Compare commits

...

49 Commits

Author SHA1 Message Date
root 22d6f960ea move qr code inside the certificate 2026-05-26 03:09:48 -04:00
root cc0b83c1b9 fix attendance spring days 2026-05-26 03:03:03 -04:00
root 31976752da fix font 2026-05-26 02:13:39 -04:00
root 0bf8d13777 fix certificates 2026-05-26 01:44:57 -04:00
root 4ae62e37a3 test new server 2026-05-22 00:58:43 -04:00
root d8fdbeb4c3 fix certificate qr 2026-05-21 18:37:39 -04:00
root 239d35f8ff fix the event print and certificate qr 2026-05-21 17:00:38 -04:00
root 3333e71c94 add qr code to certificate 2026-05-17 17:24:07 -04:00
root af75475214 add certificate generation 2026-05-17 17:04:47 -04:00
root a8ef665239 fix event parent list 2026-05-16 16:03:46 -04:00
root 7c97a60795 add trophy prediction and treshold 2026-05-16 15:35:56 -04:00
root acca87c77b fix tracking attendance 2026-05-09 15:51:34 -04:00
root 9aacbe8972 fix draft exam upload 2026-05-08 00:33:40 -04:00
root 76866ffe1e update login scurity 2026-05-08 00:17:42 -04:00
root b01a4496e6 fixexam files 2026-05-06 18:45:13 -04:00
root 1f51be91e4 fix external kids for events 2026-05-05 22:37:32 -04:00
root 92016f90d0 fix issues on examdraft view and event print page 2026-05-05 01:38:20 -04:00
root 45d7895182 add waiver column to event table 2026-04-19 12:32:30 -04:00
root 596d368b1d fix event issues 2026-04-19 12:05:10 -04:00
root 35988e9ce1 fix logs issues 2026-04-18 11:44:02 -04:00
root 5fc4d8be30 fix double cote issue 2026-04-18 11:33:48 -04:00
root dcfd1f9542 fix users page 2026-04-18 11:29:18 -04:00
root b99f816261 update gitignore 2026-04-18 11:14:08 -04:00
root 931e30b6f1 update gitignore 2026-04-18 11:13:55 -04:00
root 189bb1a628 fix redirect page 2026-04-18 11:06:31 -04:00
root f04934039e add email sent for event 2026-04-18 10:51:22 -04:00
root c13dcb07d1 add event to calendar 2026-04-18 10:18:06 -04:00
root dd1d492c30 fix event charge and invoice update 2026-04-18 09:54:29 -04:00
root a448288878 update event charge as cash payment 2026-04-13 01:42:33 -04:00
root 821e9cdc81 update event charge at the invoice 2026-04-13 01:38:40 -04:00
root 4e2d12e524 fix events logic 2026-04-11 20:08:47 -04:00
root 7bc999643a exam draft fix 2026-04-11 15:33:12 -04:00
root 89e95b7851 add command to send teacher exam draft notification 2026-04-10 16:31:32 -04:00
root 2543df3d33 exam draft notification and submission 2026-04-09 01:50:24 -04:00
root 112d073235 fic exam draft submission 2026-04-08 19:45:47 -04:00
root 2611730ec6 update homework tracking 2026-04-07 18:42:39 -04:00
root 05dad52e10 fix score submission, and class progress 2026-04-04 17:44:40 -04:00
Administrator d158650be9 Merge branch 'develop_fix_expenses' into 'develop'
Fixed the date shift by making date-only strings stay in the user timezone...

See merge request root/alrahma_sunday_school!5
2026-04-02 04:05:31 +00:00
root 61facee902 fix the exam draft 2026-04-02 00:03:59 -04:00
root ed67836701 fix class progress unit numbers calculation 2026-03-31 00:16:55 -04:00
root d2abbc1458 fix duplicate restored student 2026-03-30 23:50:20 -04:00
root b52475ff0b fix teacher submissions 2026-03-30 18:46:04 -04:00
root b2026812d5 AVP-87 Multiple Class updated not showing for multiple students in parent portal 2026-03-29 14:03:50 -04:00
root 58445b2a48 fix all issues 2026-03-24 01:02:36 -04:00
root 0f8a1fa0b1 Fixed the date shift by making date-only strings stay in the user timezone instead of being converted from UTC, which caused the one-day rollback. 2026-03-03 16:46:36 -05:00
Administrator fee07bcceb Merge branch 'develop_fix_bugs' into 'develop'
remove zip file

See merge request root/alrahma_sunday_school!4
2026-03-03 16:24:23 +00:00
root 70a6e2c104 remove zip file 2026-03-02 15:18:30 -05:00
Administrator 11c93d3e82 Merge branch 'develop_fix_bugs' into 'develop'
update financial controller and fix curriculum subjects

See merge request root/alrahma_sunday_school!3
2026-03-02 05:06:01 +00:00
root 7c5028a76d update financial controller and fix curriculum subjects 2026-03-02 00:04:38 -05:00
2611 changed files with 14350 additions and 5598 deletions
-184
View File
@@ -1,184 +0,0 @@
#--------------------------------------------------------------------
# Example Environment Configuration file
#
# This file can be used as a starting point for your own
# custom .env files, and contains most of the possible settings
# available in a default install.
#
# By default, all of the settings are commented out. If you want
# to override the setting, you must un-comment it by removing the '#'
# at the beginning of the line.
#--------------------------------------------------------------------
#--------------------------------------------------------------------
# ENVIRONMENT
#--------------------------------------------------------------------
CI_ENVIRONMENT = development
# Which profile to use if none is supplied to sendEmail()
# Options: default, communication, payment, ...
MAIL_PROFILE_DEFAULT=default
# ===== DEFAULT (system) =====
# ---- Legacy fallbacks (kept for compatibility) ----
SMTP_HOST = smtp.gmail.com
SMTP_USER = alrahma.sunday.school@gmail.com
SMTP_PASS = "psnp emdq dykw ypul"
SMTP_PORT = 587
SMTP_ENCRYPTION = tls # was ssl; use tls for port 587
# Reply-To for all mail profiles
MAIL_DEFAULT_REPLY_TO=alrahma.isgl@gmail.com
MAIL_DEFAULT_REPLY_TO_NAME="Al Rahma Sunday School"
MAIL_COMMUNICATION_REPLY_TO=alrahma.isgl@gmail.com
MAIL_COMMUNICATION_REPLY_TO_NAME="School Communications"
MAIL_PAYMENT_REPLY_TO=alrahma.isgl@gmail.com
MAIL_PAYMENT_REPLY_TO_NAME="School Payments"
# Optional sender directory you already use elsewhere
MAIL_SENDERS="{\"general\":{\"email\":\"alrahma.isgl@gmail.com\",\"name\":\"Al Rahma No-Reply\"},\
\"registration\":{\"email\":\"alrahma.isgl@gmail.com\",\"name\":\"Al Rahma Register Office\"},\
\"notifications\":{\"email\":\"alrahma.isgl@gmail.com\",\"name\":\"Al Rahma Notifications\"},\
\"finance\":{\"email\":\"alrahma.isgl@gmail.com\",\"name\":\"Al Rahma Finance Office\"}}"
# Principal notification recipient for TimeOff requests (comma-separated allowed)
PRINCIPAL_EMAIL="melabidi@alrahmaisgl.org"
MAIL_PARENT_REPORT_TO="alrahma.isgl@gmail.com"
MAIL_FROM_ADDRESS = "alrahma.sunday.school@gmail.com"
session.expiration = 43200
#--------------------------------------------------------------------
# APP
#--------------------------------------------------------------------
# If you have trouble with `.`, you could also use `_`.
app_baseURL = 'http://localhost:8080/'
# app.forceGlobalSecureRequests = true
# app.CSPEnabled = false
#--------------------------------------------------------------------
# DATABASE
#--------------------------------------------------------------------
database.default.hostname = 127.0.0.1
database.default.database = school
database.default.username = root
database.default.password =
database.default.DBDriver = MySQLi
database.default.DBPrefix =
database.default.port = 3306
#--------------------------------------------------------------------
# CONTENT SECURITY POLICY
#--------------------------------------------------------------------
# contentsecuritypolicy.reportOnly = false
# contentsecuritypolicy.defaultSrc = 'none'
# contentsecuritypolicy.scriptSrc = 'self'
# contentsecuritypolicy.styleSrc = 'self'
# contentsecuritypolicy.imageSrc = 'self'
# contentsecuritypolicy.baseURI = null
# contentsecuritypolicy.childSrc = null
# contentsecuritypolicy.connectSrc = 'self'
# contentsecuritypolicy.fontSrc = null
# contentsecuritypolicy.formAction = null
# contentsecuritypolicy.frameAncestors = null
# contentsecuritypolicy.frameSrc = null
# contentsecuritypolicy.mediaSrc = null
# contentsecuritypolicy.objectSrc = null
# contentsecuritypolicy.pluginTypes = null
# contentsecuritypolicy.reportURI = null
# contentsecuritypolicy.sandbox = false
# contentsecuritypolicy.upgradeInsecureRequests = false
# contentsecuritypolicy.styleNonceTag = '{csp-style-nonce}'
# contentsecuritypolicy.scriptNonceTag = '{csp-script-nonce}'
# contentsecuritypolicy.autoNonce = true
#--------------------------------------------------------------------
# COOKIE
#--------------------------------------------------------------------
# cookie.prefix = ''
# cookie.expires = 0
# cookie.path = '/'
# cookie.domain = ''
# cookie.secure = false
# cookie.httponly = false
# cookie.samesite = 'Lax'
# cookie.raw = false
#--------------------------------------------------------------------
# ENCRYPTION
#--------------------------------------------------------------------
# encryption.key =
# encryption.driver = OpenSSL
# encryption.blockSize = 16
# encryption.digest = SHA512
#--------------------------------------------------------------------
# HONEYPOT
#--------------------------------------------------------------------
# honeypot.hidden = 'true'
# honeypot.label = 'Fill This Field'
# honeypot.name = 'honeypot'
# honeypot.template = '<label>{label}</label><input type="text" name="{name}" value=""/>'
# honeypot.container = '<div style="display:none">{template}</div>'
#--------------------------------------------------------------------
# SECURITY
#--------------------------------------------------------------------
# security.csrfProtection = 'cookie'
# security.tokenRandomize = false
# security.tokenName = 'csrf_token_name'
# security.headerName = 'X-CSRF-TOKEN'
# security.cookieName = 'csrf_cookie_name'
# security.expires = 7200
# security.regenerate = true
# security.redirect = false
# security.samesite = 'Lax'
#--------------------------------------------------------------------
# SESSION
#--------------------------------------------------------------------
# session.driver = 'CodeIgniter\Session\Handlers\FileHandler'
# session.cookieName = 'ci_session'
# session.expiration = 7200
# session.savePath = null
# session.matchIP = false
# session.timeToUpdate = 300
# session.regenerateDestroy = false
#--------------------------------------------------------------------
# LOGGER
#--------------------------------------------------------------------
logger.threshold = 4
MAIL_DEBUG = true
MAIL_TIMEOUT = 15
#--------------------------------------------------------------------
# CURLRequest
#--------------------------------------------------------------------
# curlrequest.shareOptions = false
mail.protocol = smtp
mail.SMTPHost = ${SMTP_HOST}
mail.SMTPUser = ${SMTP_USER}
mail.SMTPPass = ${SMTP_PASS}
mail.SMTPPort = ${SMTP_PORT}
mail.SMTPCrypto = tls
mail.fromEmail = ${SMTP_USER}
mail.fromName = "Al Rahma Sunday School"
mail.mailType = text
mail.charset = UTF-8
+16 -1
View File
@@ -23,17 +23,32 @@
/public/build/ /public/build/
/public/hot/ /public/hot/
/public/uploads/**
!/public/uploads/**/index.html
!/public/uploads/.gitkeep
/uploads/**
!/uploads/**/index.html
!/uploads/.gitkeep
docker-compose.override.yml docker-compose.override.yml
docker-compose.local.yml docker-compose.local.yml
*.log *.log
.swp
.swo
*~
.tmp
.DS_Store .DS_Store
Thumbs.db Thumbs.db
.idea/ .idea/
.vscode/ .vscode/
.codex/
/coverage/ /coverage/
/build/ /build/
/builds
/phpunit.xml.cache /phpunit.xml.cache
/.phpunit.result.cache /.phpunit.result.cache
/writable/reports/*
/writable/test.txt
BIN
View File
Binary file not shown.
@@ -0,0 +1,197 @@
<?php
namespace App\Commands;
use App\Controllers\View\EmailController;
use App\Models\ClassSectionModel;
use App\Models\ConfigurationModel;
use App\Models\TeacherSubmissionNotificationHistoryModel;
use App\Models\UserModel;
use CodeIgniter\CLI\BaseCommand;
use CodeIgniter\CLI\CLI;
use Config\Database;
class SendExamDraftDeadlineReminders extends BaseCommand
{
protected $group = 'Exam Drafts';
protected $name = 'exam-drafts:deadline-reminders';
protected $description = 'Sends exam draft deadline reminders to teachers who have not submitted drafts.';
public function run(array $params)
{
helper('date');
$configModel = new ConfigurationModel();
$schoolYear = (string) ($configModel->getConfig('school_year') ?? '');
$semester = (string) ($configModel->getConfig('semester') ?? '');
$deadlineValue = trim((string) ($configModel->getConfig('exam_draft_deadline') ?? ''));
if ($deadlineValue === '') {
CLI::write('exam_draft_deadline is not configured.', 'yellow');
return;
}
$tz = new \DateTimeZone(config('App')->appTimezone ?? 'UTC');
try {
$deadline = new \DateTimeImmutable($deadlineValue, $tz);
} catch (\Throwable $e) {
CLI::write('Invalid exam_draft_deadline value.', 'red');
return;
}
$deadline = $deadline->setTime(0, 0, 0);
$today = new \DateTimeImmutable('now', $tz);
$today = $today->setTime(0, 0, 0);
if ($today > $deadline) {
CLI::write('Deadline has passed. No reminders sent.', 'yellow');
return;
}
$daysToDeadline = (int) $today->diff($deadline)->format('%r%a');
if (!$this->shouldSendOnDay($daysToDeadline)) {
CLI::write('No reminder scheduled for today.', 'yellow');
return;
}
$db = Database::connect();
$teacherClassRows = $db->table('teacher_class')
->select('teacher_id, class_section_id, school_year, semester')
->when($schoolYear !== '', static function ($builder) use ($schoolYear) {
return $builder->where('school_year', $schoolYear);
})
->when($semester !== '', static function ($builder) use ($semester) {
return $builder->where('semester', $semester);
})
->get()
->getResultArray();
if (empty($teacherClassRows)) {
CLI::write('No teacher assignments found.', 'yellow');
return;
}
$draftTable = 'exam_drafts';
$fields = $db->getFieldNames($draftTable);
$teacherColumn = in_array('teacher_id', $fields, true) ? 'teacher_id' : 'author_id';
$hasStatusColumn = in_array('status', $fields, true);
$hasIsLegacyColumn = in_array('is_legacy', $fields, true);
$draftsQuery = $db->table($draftTable)
->select("{$teacherColumn} AS teacher_id, class_section_id")
->when($schoolYear !== '', static function ($builder) use ($schoolYear) {
return $builder->where('school_year', $schoolYear);
})
->when($semester !== '', static function ($builder) use ($semester) {
return $builder->where('semester', $semester);
});
if ($hasStatusColumn) {
$draftsQuery = $draftsQuery->where('status !=', 'legacy');
}
if ($hasIsLegacyColumn) {
$draftsQuery = $draftsQuery->where('is_legacy', 0);
}
$draftRows = $draftsQuery->get()->getResultArray();
$submittedMap = [];
foreach ($draftRows as $row) {
$key = (int) ($row['teacher_id'] ?? 0) . '|' . (int) ($row['class_section_id'] ?? 0);
$submittedMap[$key] = true;
}
$missingByTeacher = [];
foreach ($teacherClassRows as $row) {
$teacherId = (int) ($row['teacher_id'] ?? 0);
$classSectionId = (int) ($row['class_section_id'] ?? 0);
if ($teacherId <= 0 || $classSectionId <= 0) {
continue;
}
$key = $teacherId . '|' . $classSectionId;
if (!isset($submittedMap[$key])) {
$missingByTeacher[$teacherId][] = $classSectionId;
}
}
if (empty($missingByTeacher)) {
CLI::write('All teachers have submitted drafts.', 'green');
return;
}
$userModel = new UserModel();
$classSectionModel = new ClassSectionModel();
$historyModel = new TeacherSubmissionNotificationHistoryModel();
$mailer = new EmailController();
$classSections = $classSectionModel
->select('class_section_id, class_section_name')
->findAll();
$classLookup = [];
foreach ($classSections as $section) {
$classLookup[(int) ($section['class_section_id'] ?? 0)] = $section['class_section_name'] ?? '';
}
$todayStamp = $today->format('Y-m-d');
foreach ($missingByTeacher as $teacherId => $sectionIds) {
$teacher = $userModel->find($teacherId);
$email = $teacher['email'] ?? '';
if ($email === '' || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
continue;
}
$alreadySent = $historyModel
->where('teacher_id', $teacherId)
->where('notification_category', 'exam_draft_deadline')
->where('school_year', $schoolYear)
->where('semester', $semester)
->like('sent_at', $todayStamp)
->countAllResults() > 0;
if ($alreadySent) {
continue;
}
$classNames = array_map(static function ($id) use ($classLookup) {
return $classLookup[(int) $id] ?? "Class {$id}";
}, $sectionIds);
$classList = implode(', ', $classNames);
$teacherName = trim(($teacher['firstname'] ?? '') . ' ' . ($teacher['lastname'] ?? ''));
if ($teacherName === '') {
$teacherName = 'Teacher';
}
$subject = 'Reminder: Exam draft submission deadline';
$body = '<p>Dear ' . esc($teacherName) . ',</p>'
. '<p>This is a reminder to submit your exam draft(s) for: ' . esc($classList) . '.</p>'
. '<p>Deadline: <strong>' . esc($deadline->format('Y-m-d')) . '</strong></p>'
. '<p>Please submit your draft at <a href="' . esc(base_url('teacher/exam-drafts')) . '">Teacher Exam Drafts</a>.</p>'
. '<p>Thank you.</p>';
$status = 'failed';
if ($mailer->sendEmail($email, $subject, $body, 'notifications')) {
$status = 'sent';
CLI::write("Sent reminder to {$email}", 'green');
}
$historyModel->insert([
'teacher_id' => $teacherId,
'class_section_id' => 0,
'admin_id' => null,
'notification_category' => 'exam_draft_deadline',
'message' => strip_tags($body),
'status' => $status,
'school_year' => $schoolYear,
'semester' => $semester,
'sent_at' => utc_now(),
]);
}
}
private function shouldSendOnDay(int $daysToDeadline): bool
{
if ($daysToDeadline < 0) {
return false;
}
if ($daysToDeadline <= 4) {
return true;
}
return in_array($daysToDeadline, [28, 21, 14, 7], true);
}
}
+3 -3
View File
@@ -36,13 +36,13 @@ class SyncPaypalPayments extends BaseCommand
$this->invoiceModel = new InvoiceModel(); $this->invoiceModel = new InvoiceModel();
$this->studentModel = new StudentModel(); $this->studentModel = new StudentModel();
$this->enrollmentModel = new EnrollmentModel(); $this->enrollmentModel = new EnrollmentModel();
$this->semester = $this->configModel->getConfig('semester');
$this->schoolYear = $this->configModel->getConfig('school_year');
} }
public function run(array $params) public function run(array $params)
{ {
$this->semester = (string) ($this->configModel->getConfig('semester') ?? '');
$this->schoolYear = (string) ($this->configModel->getConfig('school_year') ?? '');
$dryRun = CLI::getOption('dry-run'); $dryRun = CLI::getOption('dry-run');
$reportOnly = CLI::getOption('report-only'); $reportOnly = CLI::getOption('report-only');
$mode = $reportOnly ? 'REPORT-ONLY' : ($dryRun ? 'DRY-RUN' : 'LIVE'); $mode = $reportOnly ? 'REPORT-ONLY' : ($dryRun ? 'DRY-RUN' : 'LIVE');
+1 -1
View File
@@ -82,7 +82,7 @@ class App extends BaseConfig
| DO NOT CHANGE THIS UNLESS YOU FULLY UNDERSTAND THE REPERCUSSIONS!! | DO NOT CHANGE THIS UNLESS YOU FULLY UNDERSTAND THE REPERCUSSIONS!!
| |
*/ */
public string $permittedURIChars = 'a-z 0-9~%.:_\-'; public string $permittedURIChars = 'a-z 0-9~%.:_\-,';
/** /**
* -------------------------------------------------------------------------- * --------------------------------------------------------------------------
+46 -38
View File
@@ -9,43 +9,51 @@ class Database extends Config
public string $filesPath = APPPATH . 'Database' . DIRECTORY_SEPARATOR; public string $filesPath = APPPATH . 'Database' . DIRECTORY_SEPARATOR;
public string $defaultGroup = 'default'; public string $defaultGroup = 'default';
public array $default = [ public array $default = [];
'DSN' => '', public array $tests = [];
'hostname' => 'localhost',
'username' => 'u280815660_melabidi',
'password' => '>tNxlRzP/W8',
'database' => 'u280815660_school',
'DBDriver' => 'MySQLi',
'DBPrefix' => '',
'pConnect' => false,
'DBDebug' => (ENVIRONMENT !== 'development'),
'charset' => 'utf8',
'DBCollat' => 'utf8_general_ci',
'swapPre' => '',
'encrypt' => false,
'compress' => false,
'strictOn' => false,
'failover' => [],
'port' => 3306,
];
public array $tests = [ public function __construct()
'DSN' => '', {
'hostname' => 'localhost', parent::__construct();
'username' => 'u280815660_melabidi',
'password' => '>tNxlRzP/W8', $this->default = [
'database' => 'u280815660_school', 'DSN' => '',
'DBDriver' => 'MySQLi', 'hostname' => env('database.default.hostname'),
'DBPrefix' => 'db_', 'username' => env('database.default.username'),
'pConnect' => false, 'password' => env('database.default.password'),
'DBDebug' => true, 'database' => env('database.default.database'),
'charset' => 'utf8', 'DBDriver' => env('database.default.DBDriver', 'MySQLi'),
'DBCollat' => 'utf8_general_ci', 'DBPrefix' => '',
'swapPre' => '', 'pConnect' => false,
'encrypt' => false, 'DBDebug' => (ENVIRONMENT !== 'development'),
'compress' => false, 'charset' => 'utf8',
'strictOn' => false, 'DBCollat' => 'utf8_general_ci',
'failover' => [], 'swapPre' => '',
'port' => 3306, 'encrypt' => false,
]; 'compress' => false,
'strictOn' => false,
'failover' => [],
'port' => (int) env('database.default.port', 3306),
];
$this->tests = [
'DSN' => '',
'hostname' => env('database.tests.hostname', env('database.default.hostname')),
'username' => env('database.tests.username', env('database.default.username')),
'password' => env('database.tests.password', env('database.default.password')),
'database' => env('database.tests.database', env('database.default.database')),
'DBDriver' => env('database.tests.DBDriver', env('database.default.DBDriver', 'MySQLi')),
'DBPrefix' => env('database.tests.DBPrefix', 'db_'),
'pConnect' => false,
'DBDebug' => true,
'charset' => 'utf8',
'DBCollat' => 'utf8_general_ci',
'swapPre' => '',
'encrypt' => false,
'compress' => false,
'strictOn' => false,
'failover' => [],
'port' => (int) env('database.tests.port', env('database.default.port', 3306)),
];
}
} }
+2
View File
@@ -9,6 +9,7 @@ use App\Listeners\SchoolEventListener;
use App\Listeners\AttendanceConsequenceListener; use App\Listeners\AttendanceConsequenceListener;
use App\Listeners\WhatsappInviteListener; use App\Listeners\WhatsappInviteListener;
use App\Listeners\BelowSixtyEmailListener; use App\Listeners\BelowSixtyEmailListener;
use App\Listeners\DecisionEmailListener;
// Create an instance so we can use $this->emailService like your other handlers // Create an instance so we can use $this->emailService like your other handlers
$waListener = new WhatsappInviteListener(service('emailService')); $waListener = new WhatsappInviteListener(service('emailService'));
@@ -118,6 +119,7 @@ Events::on('attendance.follow_up', [AttendanceConsequenceListener::class, 'fol
Events::on('attendance.final_warning', [AttendanceConsequenceListener::class, 'finalWarning']); Events::on('attendance.final_warning', [AttendanceConsequenceListener::class, 'finalWarning']);
Events::on('attendance.dismissal', [AttendanceConsequenceListener::class, 'dismissal']); Events::on('attendance.dismissal', [AttendanceConsequenceListener::class, 'dismissal']);
Events::on('below60.email', [BelowSixtyEmailListener::class, 'handle']); Events::on('below60.email', [BelowSixtyEmailListener::class, 'handle']);
Events::on('below60.decision_email', [DecisionEmailListener::class, 'handle']);
//Whatsapp Event listener //Whatsapp Event listener
Events::on('whatsapp_invites.send', [$waListener, 'handle']); Events::on('whatsapp_invites.send', [$waListener, 'handle']);
+6 -1
View File
@@ -24,6 +24,8 @@ class Filters extends BaseConfig
'honeypot' => Honeypot::class, 'honeypot' => Honeypot::class,
'invalidchars' => InvalidChars::class, 'invalidchars' => InvalidChars::class,
'secureheaders' => SecureHeaders::class, 'secureheaders' => SecureHeaders::class,
'sanitizeinput' => \App\Filters\SanitizeInputFilter::class,
'apiratelimit' => \App\Filters\ApiRateLimitFilter::class,
'auth' => \App\Filters\AuthFilter::class, // Define the alias for your auth filter 'auth' => \App\Filters\AuthFilter::class, // Define the alias for your auth filter
'apiAuth' => \App\Filters\ApiAuthFilter::class, // JWT-based API authentication 'apiAuth' => \App\Filters\ApiAuthFilter::class, // JWT-based API authentication
'cleanupScheduler' => \App\Filters\CleanupScheduler::class, 'cleanupScheduler' => \App\Filters\CleanupScheduler::class,
@@ -42,6 +44,8 @@ class Filters extends BaseConfig
public array $globals = [ public array $globals = [
'before' => [ 'before' => [
'timezone', 'timezone',
'sanitizeinput',
'invalidchars',
'csrf' => ['except' => [ 'csrf' => ['except' => [
// Webhooks / integrations // Webhooks / integrations
'api/paypal-webhook', 'api/paypal-webhook',
@@ -80,6 +84,7 @@ class Filters extends BaseConfig
]], ]],
], ],
'after' => [ 'after' => [
'secureheaders',
'toolbar', 'toolbar',
'cleanupScheduler' => ['except' => ['cleanup/*']], 'cleanupScheduler' => ['except' => ['cleanup/*']],
], ],
@@ -112,7 +117,7 @@ class Filters extends BaseConfig
* @var array<string, array<string, list<string>>> * @var array<string, array<string, list<string>>>
*/ */
public array $filters = [ public array $filters = [
'apiratelimit' => ['before' => ['api/*', 'index.php/api/*']],
]; ];
} }
+37 -3
View File
@@ -174,6 +174,18 @@ $routes->group('administrator/subject-curriculum', ['filter' => 'auth:update_cur
$routes->post('delete/(:num)', 'View\SubjectCurriculumController::delete/$1'); $routes->post('delete/(:num)', 'View\SubjectCurriculumController::delete/$1');
}); });
$routes->get('administrator/trophy', 'View\TrophyController::index', ['filter' => 'auth:admin']);
$routes->get('administrator/trophy/winners', 'View\TrophyController::winners', ['filter' => 'auth:admin']);
$routes->get('administrator/trophy/final', 'View\TrophyController::final', ['filter' => 'auth:admin']);
// Certificates
$routes->get('administrator/certificates', 'View\CertificateController::index', ['filter' => 'auth:admin']);
$routes->get('administrator/certificates/csrf-token', 'View\CertificateController::csrfToken', ['filter' => 'auth:admin']);
$routes->post('administrator/certificates/generate', 'View\CertificateController::generate', ['filter' => 'auth:admin']);
$routes->get('administrator/certificates/log', 'View\CertificateController::auditLog', ['filter' => 'auth:admin']);
$routes->get('administrator/certificates/reprint/(:any)', 'View\CertificateController::reprint/$1', ['filter' => 'auth:read']);
$routes->get('verify/(:segment)', 'View\CertificateController::verify/$1');
/* /*
@@ -230,6 +242,10 @@ $routes->get('reset_password', 'View\UserController::resetPassword');
//$routes->get('/blocked', 'View\UserController::blocked'); //$routes->get('/blocked', 'View\UserController::blocked');
$routes->get('confirm_authorized_user', 'View\AuthorizedUsersController::confirm');
$routes->get('set_authorized_user_password/(:num)', 'View\AuthorizedUsersController::setPassword/$1');
$routes->post('set_authorized_user_password/(:num)', 'View\AuthorizedUsersController::savePassword/$1');
$routes->post('assign_class_student', 'View\StudentController::assignClassStudent'); $routes->post('assign_class_student', 'View\StudentController::assignClassStudent');
$routes->post('remove_class_student', 'View\StudentController::removeClassStudent'); $routes->post('remove_class_student', 'View\StudentController::removeClassStudent');
$routes->post('administrator/remove_class_student', 'View\StudentController::removeClassStudent'); // alias to avoid 404s $routes->post('administrator/remove_class_student', 'View\StudentController::removeClassStudent'); // alias to avoid 404s
@@ -359,6 +375,7 @@ $routes->get('/teacher/teacher_contactus', 'View\TeacherController::contactusTea
$routes->get('/teacher/exam-drafts', 'View\ExamDraftController::teacherIndex', ['filter' => 'auth:teacher,teacher_assistant,teacher_dashboard,read']); $routes->get('/teacher/exam-drafts', 'View\ExamDraftController::teacherIndex', ['filter' => 'auth:teacher,teacher_assistant,teacher_dashboard,read']);
$routes->post('/teacher/exam-drafts', 'View\ExamDraftController::teacherStore', ['filter' => 'auth:teacher,teacher_assistant,teacher_dashboard,read']); $routes->post('/teacher/exam-drafts', 'View\ExamDraftController::teacherStore', ['filter' => 'auth:teacher,teacher_assistant,teacher_dashboard,read']);
$routes->get('/teacher/exam-drafts/status', 'View\ExamDraftController::teacherStatusFeed', ['filter' => 'auth:teacher,teacher_assistant,teacher_dashboard,read']);
@@ -388,8 +405,8 @@ $routes->get('print-requests/file/(:segment)', 'PrintRequests::serveFile/$1', ['
$routes->get('print-requests/file/(:segment)/(:alpha)', 'PrintRequests::serveFile/$1/$2', ['filter' => 'auth:teacher,teacher_assistant,admin']); $routes->get('print-requests/file/(:segment)/(:alpha)', 'PrintRequests::serveFile/$1/$2', ['filter' => 'auth:teacher,teacher_assistant,admin']);
$routes->get('uploads/print_requests/(:segment)', 'PrintRequests::serveFile/$1', ['filter' => 'auth:teacher,teacher_assistant,admin']); $routes->get('uploads/print_requests/(:segment)', 'PrintRequests::serveFile/$1', ['filter' => 'auth:teacher,teacher_assistant,admin']);
$routes->get('exam-drafts/files/teacher/(:segment)', 'View\FilesController::examDraftTeacher/$1', ['filter' => 'auth:teacher,teacher_assistant,admin']); $routes->get('exam-drafts/files/teacher/(:segment)', 'View\FilesController::examDraftTeacher/$1', ['filter' => 'auth:teacher,teacher_assistant,admin,administrator,principal']);
$routes->get('exam-drafts/files/final/(:segment)', 'View\FilesController::examDraftFinal/$1', ['filter' => 'auth:teacher,teacher_assistant,admin']); $routes->get('exam-drafts/files/final/(:segment)', 'View\FilesController::examDraftFinal/$1', ['filter' => 'auth:teacher,teacher_assistant,admin,administrator,principal']);
@@ -401,6 +418,8 @@ $routes->get('teacher/progress/submit', 'ClassProgressController::create', ['fil
$routes->post('teacher/progress/store', 'ClassProgressController::store', ['filter' => 'auth:teacher,teacher_assistant']); $routes->post('teacher/progress/store', 'ClassProgressController::store', ['filter' => 'auth:teacher,teacher_assistant']);
$routes->get('teacher/progress/history', 'ClassProgressController::history', ['filter' => 'auth:teacher,teacher_assistant']); $routes->get('teacher/progress/history', 'ClassProgressController::history', ['filter' => 'auth:teacher,teacher_assistant']);
$routes->get('teacher/progress/view/(:num)', 'ClassProgressController::view/$1', ['filter' => 'auth:teacher,teacher_assistant']); $routes->get('teacher/progress/view/(:num)', 'ClassProgressController::view/$1', ['filter' => 'auth:teacher,teacher_assistant']);
$routes->get('teacher/progress/edit/(:num)', 'ClassProgressController::edit/$1', ['filter' => 'auth:teacher,teacher_assistant']);
$routes->post('teacher/progress/update/(:num)', 'ClassProgressController::update/$1', ['filter' => 'auth:teacher,teacher_assistant']);
$routes->get('teacher/progress/attachment/(:num)', 'ClassProgressController::attachment/$1', ['filter' => 'auth:teacher,teacher_assistant']); $routes->get('teacher/progress/attachment/(:num)', 'ClassProgressController::attachment/$1', ['filter' => 'auth:teacher,teacher_assistant']);
$routes->get('teacher/progress/attachment-file/(:num)', 'ClassProgressController::attachmentFile/$1', ['filter' => 'auth:teacher,teacher_assistant']); $routes->get('teacher/progress/attachment-file/(:num)', 'ClassProgressController::attachmentFile/$1', ['filter' => 'auth:teacher,teacher_assistant']);
$routes->get('parent/progress', 'ParentProgressController::index', ['filter' => 'auth:parent']); $routes->get('parent/progress', 'ParentProgressController::index', ['filter' => 'auth:parent']);
@@ -504,6 +523,14 @@ $routes->post('grading/below-60/email', 'View\GradingController::sendBelowSixtyE
$routes->post('grading/below-60/status', 'View\GradingController::updateBelowSixtyStatus', ['filter' => 'auth:read']); $routes->post('grading/below-60/status', 'View\GradingController::updateBelowSixtyStatus', ['filter' => 'auth:read']);
$routes->get('grading/below-60/schedule', 'View\GradingController::scheduleBelowSixty', ['filter' => 'auth:read']); $routes->get('grading/below-60/schedule', 'View\GradingController::scheduleBelowSixty', ['filter' => 'auth:read']);
$routes->post('grading/below-60/schedule', 'View\GradingController::saveBelowSixtyMeeting', ['filter' => 'auth:read']); $routes->post('grading/below-60/schedule', 'View\GradingController::saveBelowSixtyMeeting', ['filter' => 'auth:read']);
$routes->get('grading/decisions', 'View\GradingController::allDecisions', ['filter' => 'auth:read']);
$routes->post('grading/decisions/generate', 'View\GradingController::generateAllDecisions', ['filter' => 'auth:read']);
$routes->get('grading/below-60/decisions', 'View\GradingController::belowSixtyDecisions', ['filter' => 'auth:read']);
$routes->post('grading/below-60/decisions/save', 'View\GradingController::saveBelowSixtyDecision', ['filter' => 'auth:read']);
$routes->get('grading/below-60/decisions/student-details', 'View\GradingController::studentDecisionDetails', ['filter' => 'auth:read']);
$routes->get('grading/below-60/decisions/email/preview', 'View\GradingController::previewDecisionEmail', ['filter' => 'auth:read']);
$routes->get('grading/below-60/decisions/email/edit', 'View\GradingController::editDecisionEmail', ['filter' => 'auth:read']);
$routes->post('grading/below-60/decisions/email', 'View\GradingController::sendDecisionEmail', ['filter' => 'auth:read']);
// Final part // Final part
@@ -528,9 +555,13 @@ $routes->post('payment/event_charges', 'View\EventController::eventUpdate');
// Parent event participation // Parent event participation
$routes->get('administrator/event-charges', 'View\EventController::eventShow'); $routes->get('administrator/event-charges', 'View\EventController::eventShow');
$routes->get('administrator/event-charges/pdf', 'View\EventController::eventChargesPdf');
$routes->post('administrator/event-charges/remove/(:num)', 'View\EventController::removeCharge/$1');
$routes->post('administrator/event-charges/payment/(:num)', 'View\EventController::toggleEventPayment/$1');
$routes->post('administrator/event-charges/waiver/(:num)', 'View\EventController::toggleWaiverStatus/$1');
$routes->get('administrator/get-students-with-charges', 'View\EventController::getStudentsWithCharges'); $routes->get('administrator/get-students-with-charges', 'View\EventController::getStudentsWithCharges');
$routes->get('parent/events', 'View\ParentController::parentEventPage'); $routes->get('parent/events', 'View\ParentController::parentEventPage', ['filter' => 'auth:parent']);
// parent event participation page // parent event participation page
$routes->post('parent/updateParticipation', 'View\ParentController::updateParticipation'); // handle parent participation updates $routes->post('parent/updateParticipation', 'View\ParentController::updateParticipation'); // handle parent participation updates
@@ -735,6 +766,9 @@ $routes->post('/administrator/teacher-submissions/notify', 'View\AdministratorCo
$routes->get('/administrator/exam-drafts', 'View\ExamDraftController::adminIndex', ['filter' => 'auth:admin']); $routes->get('/administrator/exam-drafts', 'View\ExamDraftController::adminIndex', ['filter' => 'auth:admin']);
$routes->post('/administrator/exam-drafts/review', 'View\ExamDraftController::adminReview', ['filter' => 'auth:admin']); $routes->post('/administrator/exam-drafts/review', 'View\ExamDraftController::adminReview', ['filter' => 'auth:admin']);
$routes->post('/administrator/exam-drafts/upload-legacy', 'View\ExamDraftController::adminUploadLegacy', ['filter' => 'auth:admin']); $routes->post('/administrator/exam-drafts/upload-legacy', 'View\ExamDraftController::adminUploadLegacy', ['filter' => 'auth:admin']);
$routes->get('/principal/exam-drafts', 'View\ExamDraftController::principalIndex', ['filter' => 'auth:admin']);
$routes->post('/principal/exam-drafts/review', 'View\ExamDraftController::principalReview', ['filter' => 'auth:admin']);
$routes->post('/principal/exam-drafts/upload-legacy', 'View\ExamDraftController::principalUploadLegacy', ['filter' => 'auth:admin']);
/* /*
* -------------------------------------------------------------------- * --------------------------------------------------------------------
+1 -1
View File
@@ -36,7 +36,7 @@ class Services extends BaseService
/** /**
* Override CI Email service to enforce a global Reply-To. * Override CI Email service to enforce a global Reply-To.
*/ */
public static function email(array $config = null, bool $getShared = true) public static function email(?array $config = null, bool $getShared = true)
{ {
if ($getShared) { if ($getShared) {
return static::getSharedInstance('email', $config); return static::getSharedInstance('email', $config);
+102 -38
View File
@@ -111,6 +111,23 @@ class AdminProgressController extends BaseController
); );
$sectionStats = $this->buildSectionSubmissionStats($rows, $activeDatesSet, $expectedDays); $sectionStats = $this->buildSectionSubmissionStats($rows, $activeDatesSet, $expectedDays);
$sectionSubjectCounts = $this->buildSectionSubjectCounts($rows); $sectionSubjectCounts = $this->buildSectionSubjectCounts($rows);
$lowProgressSectionIds = [];
if ($expectedDays > 0) {
foreach ($filteredSections as $section) {
$sectionId = (int) ($section['class_section_id'] ?? 0);
if ($sectionId === 0) {
continue;
}
$stat = $sectionStats[$sectionId] ?? null;
$percent = $stat['percent'] ?? 0;
if ($stat === null) {
$percent = 0;
}
if ($percent < 50) {
$lowProgressSectionIds[] = $sectionId;
}
}
}
return view('admin/class_progress_list', [ return view('admin/class_progress_list', [
'reportGroupsBySection' => $reportGroupsBySection, 'reportGroupsBySection' => $reportGroupsBySection,
@@ -121,6 +138,7 @@ class AdminProgressController extends BaseController
'sectionStats' => $sectionStats, 'sectionStats' => $sectionStats,
'sectionSubjectCounts' => $sectionSubjectCounts, 'sectionSubjectCounts' => $sectionSubjectCounts,
'expectedDays' => $expectedDays, 'expectedDays' => $expectedDays,
'lowProgressSectionIds' => $lowProgressSectionIds,
]); ]);
} }
@@ -414,13 +432,11 @@ class AdminProgressController extends BaseController
$allowedSubjects = array_values(array_filter($allowedSubjects)); $allowedSubjects = array_values(array_filter($allowedSubjects));
$counts = []; $counts = [];
$latestWeekBySection = [];
$sectionClassMap = []; $sectionClassMap = [];
foreach ($rows as $row) { foreach ($rows as $row) {
$sectionId = (int) ($row['class_section_id'] ?? 0); $sectionId = (int) ($row['class_section_id'] ?? 0);
$subject = (string) ($row['subject'] ?? ''); $subject = (string) ($row['subject'] ?? '');
$weekStart = (string) ($row['week_start'] ?? ''); if ($sectionId === 0 || $subject === '') {
if ($sectionId === 0 || $subject === '' || $weekStart === '') {
continue; continue;
} }
if (! empty($allowedSubjects) && ! in_array($subject, $allowedSubjects, true)) { if (! empty($allowedSubjects) && ! in_array($subject, $allowedSubjects, true)) {
@@ -429,45 +445,41 @@ class AdminProgressController extends BaseController
if (! isset($sectionClassMap[$sectionId])) { if (! isset($sectionClassMap[$sectionId])) {
$sectionClassMap[$sectionId] = $this->classSectionModel->getClassId($sectionId); $sectionClassMap[$sectionId] = $this->classSectionModel->getClassId($sectionId);
} }
if (
! isset($latestWeekBySection[$sectionId])
|| $weekStart > $latestWeekBySection[$sectionId]
) {
$latestWeekBySection[$sectionId] = $weekStart;
}
} }
$curriculumChapters = $this->buildCurriculumChapterMap(array_values(array_filter($sectionClassMap))); $curriculumUnits = $this->buildCurriculumUnitMap(array_values(array_filter($sectionClassMap)));
foreach ($rows as $row) { foreach ($rows as $row) {
$sectionId = (int) ($row['class_section_id'] ?? 0); $sectionId = (int) ($row['class_section_id'] ?? 0);
$subject = (string) ($row['subject'] ?? ''); $subject = (string) ($row['subject'] ?? '');
$weekStart = (string) ($row['week_start'] ?? ''); if ($sectionId === 0 || $subject === '') {
if ($sectionId === 0 || $subject === '' || $weekStart === '') {
continue; continue;
} }
if (! empty($allowedSubjects) && ! in_array($subject, $allowedSubjects, true)) { if (! empty($allowedSubjects) && ! in_array($subject, $allowedSubjects, true)) {
continue; continue;
} }
if (empty($latestWeekBySection[$sectionId]) || $weekStart !== $latestWeekBySection[$sectionId]) {
continue;
}
$subjectSlug = $this->resolveSubjectSlug($subject); $subjectSlug = $this->resolveSubjectSlug($subject);
$classId = $sectionClassMap[$sectionId] ?? null; $classId = $sectionClassMap[$sectionId] ?? null;
$chapterSet = []; $chapterToUnit = [];
if ($classId && $subjectSlug && ! empty($curriculumChapters[$classId][$subjectSlug])) { if ($classId && $subjectSlug && ! empty($curriculumUnits[$classId][$subjectSlug]['chapter_to_unit'])) {
$chapterSet = $curriculumChapters[$classId][$subjectSlug]; $chapterToUnit = $curriculumUnits[$classId][$subjectSlug]['chapter_to_unit'];
}
$unitKeys = $this->extractUnitKeys((string) ($row['unit_title'] ?? ''), $chapterToUnit);
foreach ($unitKeys as $unitKey) {
$key = $subjectSlug . '|' . $unitKey;
$counts[$sectionId][$key] = true;
} }
$counts[$sectionId] = ($counts[$sectionId] ?? 0) + $this->countChapterSegments(
(string) ($row['unit_title'] ?? ''),
$chapterSet
);
} }
return $counts; $totals = [];
foreach ($counts as $sectionId => $unitSet) {
$totals[$sectionId] = count($unitSet);
}
return $totals;
} }
protected function buildCurriculumChapterMap(array $classIds): array protected function buildCurriculumUnitMap(array $classIds): array
{ {
$classIds = array_values(array_filter(array_map('intval', $classIds))); $classIds = array_values(array_filter(array_map('intval', $classIds)));
if (empty($classIds)) { if (empty($classIds)) {
@@ -483,10 +495,15 @@ class AdminProgressController extends BaseController
$classId = (int) ($row['class_id'] ?? 0); $classId = (int) ($row['class_id'] ?? 0);
$subject = (string) ($row['subject'] ?? ''); $subject = (string) ($row['subject'] ?? '');
$chapter = trim((string) ($row['chapter_name'] ?? '')); $chapter = trim((string) ($row['chapter_name'] ?? ''));
$unitNumber = $row['unit_number'] ?? null;
if ($classId === 0 || $subject === '' || $chapter === '') { if ($classId === 0 || $subject === '' || $chapter === '') {
continue; continue;
} }
$map[$classId][$subject][$chapter] = true; if ($unitNumber === null || $unitNumber === '') {
continue;
}
$unitKey = (string) $unitNumber;
$map[$classId][$subject]['chapter_to_unit'][$chapter] = $unitKey;
} }
return $map; return $map;
@@ -504,46 +521,93 @@ class AdminProgressController extends BaseController
return null; return null;
} }
protected function countChapterSegments(string $unitTitle, array $chapterSet): int protected function countUnitSegments(string $unitTitle, array $chapterToUnit): int
{ {
$unitTitle = trim($unitTitle); $unitTitle = trim($unitTitle);
if ($unitTitle === '') { if ($unitTitle === '') {
return 1; return 0;
} }
$parts = array_filter(array_map('trim', explode(';', $unitTitle)), static fn ($part) => $part !== ''); $parts = array_filter(array_map('trim', explode(';', $unitTitle)), static fn ($part) => $part !== '');
if (! $parts) { if (! $parts) {
return 1; return 0;
} }
$count = 0;
$seen = []; $seen = [];
foreach ($parts as $part) { foreach ($parts as $part) {
$chapter = $this->extractChapterFromSegment($part); [$unitPart, $chapterPart] = $this->splitUnitChapterSegment($part);
$key = $chapter !== '' ? $chapter : $part; $key = $this->resolveUnitKey($unitPart, $chapterPart, $chapterToUnit);
if (! empty($chapterSet) && $chapter !== '' && empty($chapterSet[$chapter])) { if ($key === '') {
$key = $part; $key = $part;
} }
if (isset($seen[$key])) { if (isset($seen[$key])) {
continue; continue;
} }
$seen[$key] = true; $seen[$key] = true;
$count++;
} }
return $count > 0 ? $count : 1; return count($seen);
} }
protected function extractChapterFromSegment(string $segment): string protected function splitUnitChapterSegment(string $segment): array
{ {
$segment = trim($segment); $segment = trim($segment);
if ($segment === '') { if ($segment === '') {
return ''; return ['', ''];
} }
$pos = strrpos($segment, '/'); $pos = strrpos($segment, '/');
if ($pos === false) { if ($pos === false) {
return $segment; return [$segment, ''];
} }
return trim(substr($segment, $pos + 1)); $unitPart = trim(substr($segment, 0, $pos));
$chapterPart = trim(substr($segment, $pos + 1));
return [$unitPart, $chapterPart];
}
protected function extractUnitKeys(string $unitTitle, array $chapterToUnit): array
{
$unitTitle = trim($unitTitle);
if ($unitTitle === '') {
return [];
}
$parts = array_filter(array_map('trim', explode(';', $unitTitle)), static fn ($part) => $part !== '');
if (! $parts) {
return [];
}
$keys = [];
foreach ($parts as $part) {
[$unitPart, $chapterPart] = $this->splitUnitChapterSegment($part);
$key = $this->resolveUnitKey($unitPart, $chapterPart, $chapterToUnit);
if ($key === '') {
continue;
}
$keys[$key] = true;
}
return array_keys($keys);
}
protected function resolveUnitKey(string $unitPart, string $chapterPart, array $chapterToUnit): string
{
if ($chapterPart !== '' && ! empty($chapterToUnit[$chapterPart])) {
return (string) $chapterToUnit[$chapterPart];
}
if (empty($chapterToUnit)) {
if (preg_match('/\bunit\s*(\d+)\b/i', $unitPart, $matches)) {
return (string) $matches[1];
}
return '';
}
if (preg_match('/\bunit\s*(\d+)\b/i', $unitPart, $matches)) {
return (string) $matches[1];
}
if ($unitPart !== '') {
return $unitPart;
}
if ($chapterPart !== '') {
return $chapterPart;
}
return '';
} }
protected function buildSectionStat(int $submitted, int $expectedDays): array protected function buildSectionStat(int $submitted, int $expectedDays): array
+125 -35
View File
@@ -5,7 +5,6 @@ namespace App\Controllers;
use App\Models\LoginActivityModel; use App\Models\LoginActivityModel;
use App\Models\UserModel; use App\Models\UserModel;
use App\Models\UserRoleModel; use App\Models\UserRoleModel;
use CodeIgniter\Controller;
use CodeIgniter\Events\Events; use CodeIgniter\Events\Events;
use App\Models\IpAttemptModel; use App\Models\IpAttemptModel;
use App\Models\PasswordResetModel; use App\Models\PasswordResetModel;
@@ -19,7 +18,7 @@ require_once APPPATH . 'Helpers/pbkdf2_helper.php';
require_once APPPATH . 'Helpers/jwt_helper.php'; require_once APPPATH . 'Helpers/jwt_helper.php';
class AuthController extends Controller class AuthController extends BaseController
{ {
protected $configModel; protected $configModel;
protected $userModel; protected $userModel;
@@ -56,17 +55,50 @@ class AuthController extends Controller
public function loginMask() public function loginMask()
{ {
// Serve the login view directly here $redirectTo = $this->sanitizeRedirectTarget((string) ($this->request->getGet('redirect_to') ?? ''));
return view('user/login'); // Adjust the view path as needed
if (session()->get('is_logged_in')) {
if ($redirectTo !== null) {
return redirect()->to($redirectTo);
}
$roles = session()->get('roles') ?? [];
if (empty($roles) && session()->get('role')) {
$roles = [session()->get('role')];
}
if (!empty($roles)) {
return $this->redirectToDashboard($roles);
}
}
return view('user/login', [
'redirect_to' => $redirectTo ?? '',
]);
} }
public function login() public function login()
{ {
log_message('info', 'Processing login form submission.'); log_message('info', 'Processing login form submission.');
$redirectTo = $this->sanitizeRedirectTarget((string) ($this->request->getPost('redirect_to') ?? $this->request->getGet('redirect_to') ?? ''));
$validator = \Config\Services::validation();
$requestData = sanitize_request_value($this->request->getPost(['email', 'password']));
$validator->setRules([
'email' => 'required|valid_email|max_length[254]',
'password' => 'required|max_length[255]',
]);
if (! $validator->run($requestData)) {
return redirect()
->back()
->with('error', 'Please enter a valid email and password.')
->withInput();
}
// Step 1: Get email, password, and IP from the request // Step 1: Get email, password, and IP from the request
$email = $this->request->getPost('email'); $email = strtolower((string) $requestData['email']);
$password = $this->request->getPost('password'); $password = (string) $requestData['password'];
$ip = $this->request->getIPAddress(); $ip = $this->request->getIPAddress();
log_message('info', 'Login attempt from IP: ' . $ip . ' for email: ' . $email); log_message('info', 'Login attempt from IP: ' . $ip . ' for email: ' . $email);
@@ -98,7 +130,7 @@ class AuthController extends Controller
$this->logLoginAttempt($user['id'], $user['email'], $ip, $this->request->getUserAgent()); $this->logLoginAttempt($user['id'], $user['email'], $ip, $this->request->getUserAgent());
// ✅ Step 7: Call loginUser() to set session and redirect // ✅ Step 7: Call loginUser() to set session and redirect
return $this->loginUser($user); return $this->loginUser($user, $redirectTo);
} else { } else {
// Step 8: Password mismatch — log failed attempt // Step 8: Password mismatch — log failed attempt
$this->handleFailedLogin($user['id'], $user['email'], $ip); $this->handleFailedLogin($user['id'], $user['email'], $ip);
@@ -120,26 +152,29 @@ class AuthController extends Controller
// JSON API: POST /api/login // JSON API: POST /api/login
public function apiLogin() public function apiLogin()
{ {
$requestData = $this->request->getJSON(true); $requestData = sanitize_request_value($this->request->getJSON(true) ?: [
if (!$requestData) { 'email' => $this->request->getPost('email'),
// fallback to form vars 'password' => $this->request->getPost('password'),
$requestData = [ ]);
'email' => $this->request->getPost('email'),
'password' => $this->request->getPost('password'),
];
}
$email = $requestData['email'] ?? ''; $validation = \Config\Services::validation();
$password = $requestData['password'] ?? ''; $validation->setRules([
$ip = $this->request->getIPAddress(); 'email' => 'required|valid_email|max_length[254]',
'password' => 'required|max_length[255]',
]);
if (!$email || !$password) { if (! $validation->run($requestData)) {
return $this->response->setStatusCode(400)->setJSON([ return $this->response->setStatusCode(422)->setJSON([
'status' => false, 'status' => false,
'message' => 'Email and password are required.' 'message' => 'Validation failed.',
'errors' => $validation->getErrors(),
]); ]);
} }
$email = strtolower((string) ($requestData['email'] ?? ''));
$password = (string) ($requestData['password'] ?? '');
$ip = $this->request->getIPAddress();
if ($this->isIpBlocked($ip)) { if ($this->isIpBlocked($ip)) {
return $this->response->setStatusCode(429)->setJSON([ return $this->response->setStatusCode(429)->setJSON([
'status' => false, 'status' => false,
@@ -201,7 +236,15 @@ class AuthController extends Controller
'exp' => $exp, 'exp' => $exp,
]; ];
$secret = env('JWT_SECRET', 'change-me-in-env'); try {
$secret = require_env('JWT_SECRET');
} catch (\RuntimeException $e) {
return $this->response->setStatusCode(500)->setJSON([
'status' => false,
'message' => 'JWT configuration is missing.',
]);
}
$token = jwt_encode($payload, $secret, 'HS256'); $token = jwt_encode($payload, $secret, 'HS256');
return $this->response->setJSON([ return $this->response->setJSON([
@@ -221,18 +264,14 @@ class AuthController extends Controller
*/ */
public function apiRegister() public function apiRegister()
{ {
$requestData = $this->request->getJSON(true); $requestData = sanitize_request_value($this->request->getJSON(true) ?: $this->request->getPost());
if (!$requestData) {
// fallback to form vars
$requestData = $this->request->getPost();
}
// Basic validation // Basic validation
$rules = [ $rules = [
'firstname' => 'required|min_length[2]|max_length[30]', 'firstname' => "required|regex_match[/^[\\p{L}\\s'\\-]+$/u]|min_length[2]|max_length[30]",
'lastname' => 'required|min_length[2]|max_length[30]', 'lastname' => "required|regex_match[/^[\\p{L}\\s'\\-]+$/u]|min_length[2]|max_length[30]",
'email' => 'required|valid_email|is_unique[users.email]', 'email' => 'required|valid_email|max_length[254]|is_unique[users.email]',
'password' => 'required|min_length[8]', 'password' => 'required|min_length[8]|max_length[255]',
'cellphone' => 'required|min_length[10]|max_length[20]', 'cellphone' => 'required|min_length[10]|max_length[20]',
]; ];
@@ -313,7 +352,7 @@ class AuthController extends Controller
'exp' => $exp, 'exp' => $exp,
]; ];
$secret = env('JWT_SECRET', 'change-me-in-env'); $secret = require_env('JWT_SECRET');
$token = jwt_encode($payload, $secret, 'HS256'); $token = jwt_encode($payload, $secret, 'HS256');
return $this->response->setStatusCode(201)->setJSON([ return $this->response->setStatusCode(201)->setJSON([
@@ -469,6 +508,7 @@ class AuthController extends Controller
// Generate a secure token for the password reset // Generate a secure token for the password reset
helper('text'); helper('text');
$token = bin2hex(random_bytes(48)); $token = bin2hex(random_bytes(48));
$tokenHash = hash('sha256', $token);
// Calculate the expiration time for the token (1 hour from now) // Calculate the expiration time for the token (1 hour from now)
$expires_at = Time::now()->addHours(1); $expires_at = Time::now()->addHours(1);
@@ -477,7 +517,7 @@ class AuthController extends Controller
$passwordResetModel = new PasswordResetModel(); $passwordResetModel = new PasswordResetModel();
$passwordResetModel->insert([ $passwordResetModel->insert([
'email' => $email, 'email' => $email,
'token' => $token, 'token' => $tokenHash,
'created_at' => Time::now(), 'created_at' => Time::now(),
'expires_at' => $expires_at, 'expires_at' => $expires_at,
]); ]);
@@ -490,7 +530,7 @@ class AuthController extends Controller
return true; return true;
} }
private function loginUser($user) private function loginUser($user, ?string $redirectTo = null)
{ {
$userRoleModel = new UserRoleModel(); $userRoleModel = new UserRoleModel();
$roles = $userRoleModel->select('roles.name') $roles = $userRoleModel->select('roles.name')
@@ -524,9 +564,17 @@ class AuthController extends Controller
if (count($roleNames) === 1) { if (count($roleNames) === 1) {
// One role → set and redirect directly // One role → set and redirect directly
session()->set('role', $roleNames[0]); session()->set('role', $roleNames[0]);
if ($redirectTo !== null) {
return redirect()->to($redirectTo);
}
return $this->redirectToDashboard([$roleNames[0]]); return $this->redirectToDashboard([$roleNames[0]]);
} else { } else {
// Multiple roles → redirect to role selection view // Multiple roles → redirect to role selection view
if ($redirectTo !== null) {
session()->set('post_login_redirect', $redirectTo);
} else {
session()->remove('post_login_redirect');
}
return redirect()->to('/select-role'); return redirect()->to('/select-role');
} }
@@ -591,12 +639,17 @@ private function redirectToDashboard(array $roles)
{ {
$selectedRole = $this->request->getPost('selected_role'); $selectedRole = $this->request->getPost('selected_role');
$availableRoles = session()->get('roles'); $availableRoles = session()->get('roles');
$redirectTo = $this->sanitizeRedirectTarget((string) ($this->request->getPost('redirect_to') ?? session()->get('post_login_redirect') ?? ''));
if (!$selectedRole || !in_array($selectedRole, $availableRoles)) { if (!$selectedRole || !in_array($selectedRole, $availableRoles)) {
return redirect()->to('/select-role')->with('error', 'Invalid role selected.'); return redirect()->to('/select-role')->with('error', 'Invalid role selected.');
} }
session()->set('role', $selectedRole); session()->set('role', $selectedRole);
session()->remove('post_login_redirect');
if ($redirectTo !== null) {
return redirect()->to($redirectTo);
}
return $this->redirectToDashboard([$selectedRole]); return $this->redirectToDashboard([$selectedRole]);
} }
@@ -608,7 +661,44 @@ private function redirectToDashboard(array $roles)
return redirect()->to('/login')->with('error', 'No roles available.'); return redirect()->to('/login')->with('error', 'No roles available.');
} }
return view('auth/select_role', ['roles' => $roles]); return view('auth/select_role', [
'roles' => $roles,
'redirect_to' => (string) (session()->get('post_login_redirect') ?? ''),
]);
}
private function sanitizeRedirectTarget(string $redirectTo): ?string
{
$redirectTo = trim($redirectTo);
if ($redirectTo === '') {
return null;
}
if (preg_match('#^https?://#i', $redirectTo)) {
$appHost = (string) parse_url(base_url('/'), PHP_URL_HOST);
$targetHost = (string) parse_url($redirectTo, PHP_URL_HOST);
$targetPath = (string) parse_url($redirectTo, PHP_URL_PATH);
$targetQuery = (string) parse_url($redirectTo, PHP_URL_QUERY);
if ($appHost === '' || $targetHost === '' || strcasecmp($appHost, $targetHost) !== 0) {
return null;
}
$redirectTo = $targetPath !== '' ? $targetPath : '/';
if ($targetQuery !== '') {
$redirectTo .= '?' . $targetQuery;
}
}
if (!str_starts_with($redirectTo, '/')) {
$redirectTo = '/' . ltrim($redirectTo, '/');
}
if (str_starts_with($redirectTo, '//')) {
return null;
}
return $redirectTo;
} }
} }
+17 -2
View File
@@ -36,7 +36,7 @@ abstract class BaseController extends Controller
* *
* @var list<string> * @var list<string>
*/ */
protected $helpers = []; protected $helpers = ['security'];
/** @var ApiClient */ /** @var ApiClient */
protected ApiClient $api; protected ApiClient $api;
@@ -73,6 +73,21 @@ abstract class BaseController extends Controller
// Assuming the user role is stored in the session // Assuming the user role is stored in the session
return session()->get('role'); return session()->get('role');
} }
protected function validated(array $rules, ?array $data = null): array
{
$validation = service('validation');
$payload = $data ?? ($this->request->getJSON(true) ?: $this->request->getPost());
$payload = sanitize_request_value($payload);
$validation->setRules($rules);
if (! $validation->run($payload)) {
throw new \InvalidArgumentException(json_encode($validation->getErrors(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES) ?: 'Validation failed');
}
return $payload;
}
} }
?> ?>
+380 -1
View File
@@ -28,6 +28,10 @@ class ClassProgressController extends BaseController
'db_subject' => 'Quran/Arabic', 'db_subject' => 'Quran/Arabic',
], ],
]; ];
/** Unit column for teacher custom Islamic / Quran rows; must match teacher form JS. Segment: "Custom / {text}". */
public const CUSTOM_UNIT_ROW_LABEL = 'Custom';
protected ClassProgressReportModel $reportModel; protected ClassProgressReportModel $reportModel;
protected ClassProgressAttachmentModel $attachmentModel; protected ClassProgressAttachmentModel $attachmentModel;
protected TeacherClassModel $teacherClassModel; protected TeacherClassModel $teacherClassModel;
@@ -98,6 +102,10 @@ class ClassProgressController extends BaseController
return redirect()->back()->withInput()->with('errors', $this->validator->getErrors()); return redirect()->back()->withInput()->with('errors', $this->validator->getErrors());
} }
if (! $this->hasIslamicUnitSelection()) {
return redirect()->back()->withInput()->with('error', 'Please select at least one Islamic Studies unit.');
}
$attachmentErrors = $this->validateAttachmentFiles($subjectSections); $attachmentErrors = $this->validateAttachmentFiles($subjectSections);
if (! empty($attachmentErrors)) { if (! empty($attachmentErrors)) {
return redirect()->back()->withInput()->with('errors', $attachmentErrors); return redirect()->back()->withInput()->with('errors', $attachmentErrors);
@@ -119,6 +127,32 @@ class ClassProgressController extends BaseController
return redirect()->back()->withInput()->with('error', 'No class assignment found for this report.'); return redirect()->back()->withInput()->with('error', 'No class assignment found for this report.');
} }
$confirmOverwrite = (bool) $this->request->getPost('confirm_overwrite');
$existingReports = $this->reportModel
->select('id')
->where('class_section_id', $classSectionId)
->where('week_start', $weekStart)
->where('teacher_id', $teacherId)
->findAll();
if (! $confirmOverwrite && ! empty($existingReports)) {
return redirect()->back()
->withInput()
->with('warning', 'A progress report already exists for this week, are you sure you want to override it?')
->with('confirm_overwrite', true);
}
if ($confirmOverwrite && ! empty($existingReports)) {
$existingIds = array_values(array_filter(array_map(
static fn (array $row): int => (int) ($row['id'] ?? 0),
$existingReports
)));
if (! empty($existingIds)) {
$this->attachmentModel->whereIn('report_id', $existingIds)->delete();
$this->reportModel->whereIn('id', $existingIds)->delete();
}
}
$status = self::DEFAULT_STATUS; $status = self::DEFAULT_STATUS;
$reportsCreated = 0; $reportsCreated = 0;
@@ -276,6 +310,262 @@ class ClassProgressController extends BaseController
]); ]);
} }
public function edit($id)
{
$teacherId = (int) session()->get('user_id');
$row = $this->reportModel
->select('class_progress_reports.*, cs.class_section_name')
->join('classSection cs', 'cs.class_section_id = class_progress_reports.class_section_id', 'left')
->where('class_progress_reports.id', (int) $id)
->first();
if (! $row) {
throw new PageNotFoundException('Progress report not found.');
}
[$semester, $schoolYear] = $this->resolveCurrentTerm();
$allowedTeacherIds = $this->resolveAssignedTeacherIds((int) $row['class_section_id'], $semester, $schoolYear);
if (empty($allowedTeacherIds)) {
if ($teacherId !== (int) $row['teacher_id']) {
throw new PageNotFoundException('Progress report not found.');
}
$allowedTeacherIds = [(int) $row['teacher_id']];
} elseif (! in_array($teacherId, $allowedTeacherIds, true)) {
throw new PageNotFoundException('Progress report not found.');
}
$weeklyReports = $this->reportModel
->select('class_progress_reports.*')
->whereIn('teacher_id', $allowedTeacherIds)
->where('class_section_id', $row['class_section_id'])
->where('week_start', $row['week_start'])
->orderBy('subject', 'ASC')
->findAll();
$reportMap = [];
foreach ($weeklyReports as $report) {
$subject = (string) ($report['subject'] ?? '');
if ($subject === '') {
continue;
}
$reportMap[$subject] = $report;
}
$subjectReports = [];
foreach (self::SUBJECT_SECTIONS as $slug => $section) {
$subjectName = $section['db_subject'] ?? $section['label'] ?? $slug;
$report = $reportMap[$subjectName] ?? null;
if (! $report) {
continue;
}
$parsed = $this->parseUnitChapterSummary((string) ($report['unit_title'] ?? ''));
$subjectReports[$slug] = [
'report_id' => (int) ($report['id'] ?? 0),
'covered' => $report['covered'] ?? '',
'homework' => $report['homework'] ?? '',
'unit_title' => $report['unit_title'] ?? '',
'unit_values' => $parsed['units'],
'chapter_values' => $parsed['chapters'],
];
}
$assignments = $this->loadTeacherSections($teacherId);
$classId = null;
$classSectionName = $row['class_section_name'] ?? '';
foreach ($assignments as $assignment) {
if ((int) ($assignment['class_section_id'] ?? 0) === (int) $row['class_section_id']) {
$classId = $assignment['class_id'] ?? null;
$classSectionName = $assignment['class_section_name'] ?? $classSectionName;
break;
}
}
$subjectCurriculum = [];
if ($classId) {
foreach (self::SUBJECT_SECTIONS as $slug => $section) {
$subjectCurriculum[$slug] = $this->curriculumModel->getOptionsForClass((int) $classId, $slug);
}
}
$sundayOptions = $this->buildSundayOptions();
if (!in_array($row['week_start'], $sundayOptions, true)) {
array_unshift($sundayOptions, $row['week_start']);
}
return view('teacher/class_progress_submit', [
'subjectSections' => self::SUBJECT_SECTIONS,
'subjectCurriculum' => $subjectCurriculum,
'classSectionId' => $row['class_section_id'],
'classSectionName' => $classSectionName,
'classId' => $classId,
'sundayOptions' => $sundayOptions,
'defaultWeekStart' => $row['week_start'],
'existingWeekEnd' => $row['week_end'],
'existingReports' => $subjectReports,
'isEdit' => true,
'formAction' => base_url('teacher/progress/update/' . (int) $row['id']),
'submitLabel' => 'Update Progress',
]);
}
public function update($id)
{
$teacherId = (int) session()->get('user_id');
$row = $this->reportModel->find((int) $id);
if (! $row) {
throw new PageNotFoundException('Progress report not found.');
}
[$semester, $schoolYear] = $this->resolveCurrentTerm();
$allowedTeacherIds = $this->resolveAssignedTeacherIds((int) $row['class_section_id'], $semester, $schoolYear);
if (empty($allowedTeacherIds)) {
if ($teacherId !== (int) $row['teacher_id']) {
throw new PageNotFoundException('Progress report not found.');
}
$allowedTeacherIds = [(int) $row['teacher_id']];
} elseif (! in_array($teacherId, $allowedTeacherIds, true)) {
throw new PageNotFoundException('Progress report not found.');
}
$subjectSections = self::SUBJECT_SECTIONS;
$rules = [
'class_section_id' => 'required|integer',
'week_start' => 'required|valid_date[Y-m-d]',
'week_end' => 'required|valid_date[Y-m-d]',
];
foreach ($subjectSections as $slug => $section) {
$rules["covered_$slug"] = 'required|string';
$rules["homework_$slug"] = 'permit_empty|string';
$rules["unit_{$slug}.*"] = 'permit_empty|string|max_length[120]';
$rules["chapter_{$slug}.*"] = 'permit_empty|string|max_length[120]';
}
if (! $this->validate($rules)) {
return redirect()->back()->withInput()->with('errors', $this->validator->getErrors());
}
if (! $this->hasIslamicUnitSelection()) {
return redirect()->back()->withInput()->with('error', 'Please select at least one Islamic Studies unit.');
}
$attachmentErrors = $this->validateAttachmentFiles($subjectSections);
if (! empty($attachmentErrors)) {
return redirect()->back()->withInput()->with('errors', $attachmentErrors);
}
$weekStart = (string) $this->request->getPost('week_start');
$weekEnd = (string) $this->request->getPost('week_end');
if ($weekStart && ! $weekEnd) {
$weekEnd = $this->buildWeekEndFromStart($weekStart);
}
if ($weekStart && $weekEnd && strtotime($weekEnd) < strtotime($weekStart)) {
return redirect()->back()->withInput()->with('error', 'Week end must be the same as or after the week start.');
}
$classSectionId = (int) ($row['class_section_id'] ?? 0);
if ($classSectionId === 0) {
return redirect()->back()->withInput()->with('error', 'No class assignment found for this report.');
}
$confirmOverwrite = (bool) $this->request->getPost('confirm_overwrite');
if ($weekStart && $weekStart !== (string) ($row['week_start'] ?? '')) {
$conflicts = $this->reportModel
->select('id')
->where('class_section_id', $classSectionId)
->where('week_start', $weekStart)
->where('teacher_id', $teacherId)
->findAll();
if (! $confirmOverwrite && ! empty($conflicts)) {
return redirect()->back()
->withInput()
->with('warning', 'A progress report already exists for this week, are you sure you want to override it?')
->with('confirm_overwrite', true);
}
if ($confirmOverwrite && ! empty($conflicts)) {
$conflictIds = array_values(array_filter(array_map(
static fn (array $row): int => (int) ($row['id'] ?? 0),
$conflicts
)));
if (! empty($conflictIds)) {
$this->attachmentModel->whereIn('report_id', $conflictIds)->delete();
$this->reportModel->whereIn('id', $conflictIds)->delete();
}
}
}
$weeklyReports = $this->reportModel
->select('class_progress_reports.*')
->whereIn('teacher_id', $allowedTeacherIds)
->where('class_section_id', $classSectionId)
->where('week_start', $row['week_start'])
->orderBy('subject', 'ASC')
->findAll();
$reportMap = [];
foreach ($weeklyReports as $report) {
$subject = (string) ($report['subject'] ?? '');
if ($subject === '') {
continue;
}
$reportMap[$subject] = $report;
}
$reportsUpdated = 0;
$flagsInput = $this->request->getPost('flags');
foreach ($subjectSections as $slug => $section) {
$covered = trim((string) $this->request->getPost("covered_$slug"));
if ($covered === '') {
continue;
}
$homework = trim((string) $this->request->getPost("homework_$slug"));
$unitTitle = $this->buildUnitChapterSummary($slug);
$subjectName = $section['db_subject'] ?? $section['label'] ?? $slug;
$existing = $reportMap[$subjectName] ?? null;
if ($unitTitle === null && $existing) {
$unitTitle = $existing['unit_title'] ?? null;
}
$data = [
'class_section_id' => $classSectionId,
'week_start' => $weekStart,
'week_end' => $weekEnd,
'subject' => $subjectName,
'unit_title' => $unitTitle,
'covered' => $covered,
'homework' => $homework ?: null,
];
if ($flagsInput !== null) {
$data['flags_json'] = $this->normalizeFlags($flagsInput);
}
if ($existing) {
$this->reportModel->update((int) $existing['id'], $data);
$reportId = (int) $existing['id'];
} else {
$data['teacher_id'] = $teacherId;
$data['status'] = self::DEFAULT_STATUS;
$reportId = (int) $this->reportModel->insert($data, true);
}
$attachmentField = "attachment_$slug";
$attachments = $this->request->getFileMultiple($attachmentField) ?? [];
$storedAttachments = $this->storeAttachments($reportId, $attachments);
if (! empty($storedAttachments)) {
$this->attachmentModel->insertBatch($storedAttachments);
if (empty($existing['attachment_path'] ?? '')) {
$this->reportModel->update($reportId, ['attachment_path' => $storedAttachments[0]['file_path']]);
}
}
$reportsUpdated++;
}
if ($reportsUpdated === 0) {
return redirect()->back()->withInput()->with('error', 'Please provide progress for at least one subject.');
}
return redirect()->to('teacher/progress/history')->with('success', 'Progress reports updated.');
}
public function attachment($id) public function attachment($id)
{ {
$row = $this->reportModel->find((int)$id); $row = $this->reportModel->find((int)$id);
@@ -419,6 +709,37 @@ class ClassProgressController extends BaseController
return $flags ? json_encode($flags) : null; return $flags ? json_encode($flags) : null;
} }
/**
* Split stored unit_title into curriculum lines vs custom teacher-typed subjects ("Custom / …").
* Keep in sync with teacher form, {@see buildUnitChapterSummary()}, and admin views.
*
* @return array{curriculum: list<string>, custom: list<string>}
*/
public static function splitUnitTitleForDisplay(string $unitTitle): array
{
$unitTitle = trim($unitTitle);
if ($unitTitle === '') {
return ['curriculum' => [], 'custom' => []];
}
$segments = preg_split('/\s*;\s*/', $unitTitle, -1, PREG_SPLIT_NO_EMPTY);
$curriculum = [];
$custom = [];
foreach ($segments as $seg) {
$seg = trim((string) $seg);
if ($seg === '') {
continue;
}
if (preg_match('/^Custom\s*\/\s*(.+)$/iu', $seg, $m)) {
$custom[] = trim($m[1]);
} else {
$curriculum[] = $seg;
}
}
return ['curriculum' => $curriculum, 'custom' => $custom];
}
protected function buildUnitChapterSummary(string $slug): ?string protected function buildUnitChapterSummary(string $slug): ?string
{ {
$unitValues = array_map('trim', (array) $this->request->getPost("unit_$slug")); $unitValues = array_map('trim', (array) $this->request->getPost("unit_$slug"));
@@ -431,9 +752,12 @@ class ClassProgressController extends BaseController
if ($unit === '' && $chapter === '') { if ($unit === '' && $chapter === '') {
continue; continue;
} }
if (strcasecmp($unit, self::CUSTOM_UNIT_ROW_LABEL) === 0 && $chapter !== '') {
$unit = self::CUSTOM_UNIT_ROW_LABEL;
}
$segment = $unit; $segment = $unit;
if ($chapter !== '') { if ($chapter !== '') {
$segment = $segment !== '' ? $segment . ' / ' . $chapter : $chapter; $segment = $segment !== '' ? $unit . ' / ' . $chapter : $chapter;
} }
if ($segment === '') { if ($segment === '') {
continue; continue;
@@ -444,9 +768,64 @@ class ClassProgressController extends BaseController
return null; return null;
} }
$summary = implode(' ; ', $parts); $summary = implode(' ; ', $parts);
return mb_strlen($summary) > 120 ? mb_substr($summary, 0, 120) : $summary; return mb_strlen($summary) > 120 ? mb_substr($summary, 0, 120) : $summary;
} }
protected function hasIslamicUnitSelection(): bool
{
$unitValues = array_map('trim', (array) $this->request->getPost('unit_islamic'));
$chapterValues = array_map('trim', (array) $this->request->getPost('chapter_islamic'));
$count = max(count($unitValues), count($chapterValues));
for ($i = 0; $i < $count; $i++) {
$unit = $unitValues[$i] ?? '';
$chapter = $chapterValues[$i] ?? '';
if ($unit !== '' || $chapter !== '') {
return true;
}
}
return false;
}
protected function parseUnitChapterSummary(string $summary): array
{
$summary = trim($summary);
if ($summary === '') {
return ['units' => [], 'chapters' => []];
}
$units = [];
$chapters = [];
$segments = preg_split('/\s*;\s*/', $summary, -1, PREG_SPLIT_NO_EMPTY);
foreach ($segments as $segment) {
$segment = trim($segment);
if ($segment === '') {
continue;
}
if (preg_match('/^Custom\s*\/\s*(.+)$/iu', $segment, $m)) {
$units[] = self::CUSTOM_UNIT_ROW_LABEL;
$chapters[] = trim($m[1]);
continue;
}
$parts = preg_split('/\s*\/\s*/', $segment, 2);
if (count($parts) === 2) {
$u = trim($parts[0]);
if (strcasecmp($u, self::CUSTOM_UNIT_ROW_LABEL) === 0) {
$u = self::CUSTOM_UNIT_ROW_LABEL;
}
$units[] = $u;
$chapters[] = trim($parts[1]);
} else {
$units[] = $segment;
$chapters[] = '';
}
}
return ['units' => $units, 'chapters' => $chapters];
}
protected function buildSundayOptions(int $count = 12): array protected function buildSundayOptions(int $count = 12): array
{ {
$range = $this->resolveProgressDateRange(); $range = $this->resolveProgressDateRange();
+58 -22
View File
@@ -29,18 +29,12 @@ class ParentProgressController extends BaseController
public function index() public function index()
{ {
$sectionIds = $this->getParentSectionIds(); $students = $this->getParentStudents();
$sectionOptions = $this->buildSectionOptions($sectionIds); $sectionIds = array_values(array_unique(array_filter(array_map(
static fn (array $student): int => (int) ($student['class_section_id'] ?? 0),
$students
))));
$subjectSections = ClassProgressController::SUBJECT_SECTIONS; $subjectSections = ClassProgressController::SUBJECT_SECTIONS;
$selectedSectionId = (int) $this->request->getGet('class_section_id');
$validSectionIds = array_keys($sectionOptions);
if ($selectedSectionId === 0 && ! empty($validSectionIds)) {
$selectedSectionId = $validSectionIds[0];
}
if ($selectedSectionId && ! in_array($selectedSectionId, $validSectionIds, true)) {
$selectedSectionId = $validSectionIds[0] ?? null;
}
$rows = []; $rows = [];
if (! empty($sectionIds)) { if (! empty($sectionIds)) {
@@ -50,23 +44,32 @@ class ParentProgressController extends BaseController
->join('users u', 'u.id = class_progress_reports.teacher_id', 'left') ->join('users u', 'u.id = class_progress_reports.teacher_id', 'left')
->whereIn('class_progress_reports.class_section_id', $sectionIds); ->whereIn('class_progress_reports.class_section_id', $sectionIds);
if ($selectedSectionId) {
$builder->where('class_progress_reports.class_section_id', $selectedSectionId);
}
$rows = $builder $rows = $builder
->orderBy('week_start', 'DESC') ->orderBy('week_start', 'DESC')
->findAll(); ->findAll();
} }
$reportGroups = $this->groupReportsByWeek($rows); $studentReportGroups = [];
foreach ($students as $student) {
$studentId = (int) ($student['student_id'] ?? 0);
if ($studentId === 0) {
continue;
}
$classSectionId = (int) ($student['class_section_id'] ?? 0);
$studentRows = $classSectionId
? array_values(array_filter(
$rows,
static fn (array $row): bool => (int) ($row['class_section_id'] ?? 0) === $classSectionId
))
: [];
$studentReportGroups[$studentId] = $this->groupReportsByWeek($studentRows);
}
return view('parent/class_progress_list', [ return view('parent/class_progress_list', [
'reportGroups' => $reportGroups, 'students' => $students,
'studentReportGroups' => $studentReportGroups,
'subjectSections' => $subjectSections, 'subjectSections' => $subjectSections,
'classSectionOptions' => $sectionOptions, 'hasStudents' => ! empty($students),
'selectedSectionId' => $selectedSectionId,
'hasSections' => ! empty($sectionIds),
]); ]);
} }
@@ -198,20 +201,53 @@ class ParentProgressController extends BaseController
return $options; return $options;
} }
protected function getParentStudents(): array
{
$parentId = (int) session()->get('user_id');
if ($parentId === 0) {
return [];
}
$rows = $this->db->table('enrollments e')
->select('e.student_id, e.class_section_id, e.updated_at, e.created_at, s.firstname, s.lastname, cs.class_section_name')
->join('students s', 's.id = e.student_id')
->join('classSection cs', 'cs.class_section_id = e.class_section_id', 'left')
->where('e.parent_id', $parentId)
->where('e.is_withdrawn', 0)
->orderBy('e.updated_at', 'DESC')
->orderBy('e.created_at', 'DESC')
->get()
->getResultArray();
$students = [];
foreach ($rows as $row) {
$studentId = (int) ($row['student_id'] ?? 0);
if ($studentId === 0 || isset($students[$studentId])) {
continue;
}
$students[$studentId] = $row;
}
return array_values($students);
}
protected function groupReportsByWeek(array $rows): array protected function groupReportsByWeek(array $rows): array
{ {
$reportGroups = []; $reportGroups = [];
foreach ($rows as $row) { foreach ($rows as $row) {
$row['status_label'] = ClassProgressController::STATUS_OPTIONS[$row['status']] ?? 'Unknown'; $row['status_label'] = ClassProgressController::STATUS_OPTIONS[$row['status']] ?? 'Unknown';
$key = $row['week_start'] ?? ''; $weekStart = $row['week_start'] ?? '';
if ($key === '') { $sectionId = (int) ($row['class_section_id'] ?? 0);
if ($weekStart === '' || $sectionId === 0) {
continue; continue;
} }
$key = $weekStart . ':' . $sectionId;
if (! isset($reportGroups[$key])) { if (! isset($reportGroups[$key])) {
$reportGroups[$key] = [ $reportGroups[$key] = [
'week_start' => $row['week_start'] ?? '', 'week_start' => $row['week_start'] ?? '',
'week_end' => $row['week_end'] ?? '', 'week_end' => $row['week_end'] ?? '',
'class_section_name' => $row['class_section_name'] ?? '', 'class_section_name' => $row['class_section_name'] ?? '',
'class_section_id' => $sectionId,
'reports' => [], 'reports' => [],
]; ];
} }
+10 -3
View File
@@ -20,15 +20,22 @@ class ProofreadController extends ResourceController
} }
// Accept form-urlencoded payload to play nicely with CSRF protection // Accept form-urlencoded payload to play nicely with CSRF protection
$text = (string) ($this->request->getPost('text') ?? ''); $validation = service('validation');
if ($text === '' || mb_strlen($text) > 20000) { $payload = sanitize_request_value($this->request->getPost(['text']));
$validation->setRules([
'text' => 'required|min_length[1]|max_length[20000]',
]);
if (! $validation->run($payload)) {
return $this->respond([ return $this->respond([
'ok' => false, 'ok' => false,
'error' => 'Invalid text (empty or too long).', 'error' => 'Invalid text payload.',
'csrfHash' => csrf_hash(), 'csrfHash' => csrf_hash(),
], 422); ], 422);
} }
$text = (string) $payload['text'];
$client = \Config\Services::curlrequest(['timeout' => 10]); $client = \Config\Services::curlrequest(['timeout' => 10]);
try { try {
+550 -35
View File
@@ -28,6 +28,8 @@ use App\Models\ScoreCommentModel;
use App\Models\SemesterScoreModel; use App\Models\SemesterScoreModel;
use App\Models\TeacherClassModel; use App\Models\TeacherClassModel;
use App\Models\TeacherSubmissionNotificationHistoryModel; use App\Models\TeacherSubmissionNotificationHistoryModel;
use App\Models\ExamDraftModel;
use App\Models\HomeworkModel;
use App\Services\SemesterRangeService; use App\Services\SemesterRangeService;
use CodeIgniter\Events\Events; use CodeIgniter\Events\Events;
@@ -696,15 +698,26 @@ class AdministratorController extends BaseController
public function teacherSubmissionsReport() public function teacherSubmissionsReport()
{ {
$semester = (string)($this->semester ?? ''); $semester = (string)($this->configModel->getConfig('semester') ?? $this->semester ?? '');
$schoolYear = (string)($this->schoolYear ?? ''); $schoolYear = (string)($this->configModel->getConfig('school_year') ?? $this->schoolYear ?? '');
$semesterResolver = new SemesterRangeService($this->configModel);
$semesterNorm = $semesterResolver->normalizeSemester($semester);
$semesterFilter = $semesterNorm !== '' ? $semesterNorm : $semester;
$semesterCandidates = $this->buildSemesterCandidates($semesterFilter);
$lowProgressRaw = (string) $this->request->getGet('low_progress_sections');
$lowProgressSectionIds = array_values(array_unique(array_filter(array_map(
'intval',
preg_split('/\s*,\s*/', $lowProgressRaw, -1, PREG_SPLIT_NO_EMPTY)
))));
$scoreComments = new ScoreCommentModel(); $scoreComments = new ScoreCommentModel();
$semesterScores = new SemesterScoreModel(); $semesterScores = new SemesterScoreModel();
$attendanceDays = new AttendanceDayModel(); $attendanceDays = new AttendanceDayModel();
$examDrafts = new ExamDraftModel();
$homeworkModel = new HomeworkModel();
$historyModel = new TeacherSubmissionNotificationHistoryModel(); $historyModel = new TeacherSubmissionNotificationHistoryModel();
$assignmentRows = $this->db->table('teacher_class tc') $assignmentQuery = $this->db->table('teacher_class tc')
->select([ ->select([
'tc.class_section_id', 'tc.class_section_id',
'cs.class_section_name', 'cs.class_section_name',
@@ -715,11 +728,97 @@ class AdministratorController extends BaseController
]) ])
->join('classSection cs', 'cs.class_section_id = tc.class_section_id', 'left') ->join('classSection cs', 'cs.class_section_id = tc.class_section_id', 'left')
->join('users u', 'u.id = tc.teacher_id', 'left') ->join('users u', 'u.id = tc.teacher_id', 'left')
->where('tc.school_year', $schoolYear) ->orderBy('cs.class_section_name', 'ASC');
->where('tc.semester', $semester)
->orderBy('cs.class_section_name', 'ASC') $filteredQuery = clone $assignmentQuery;
->get() if ($schoolYear !== '') {
->getResultArray(); $filteredQuery = $filteredQuery->where('tc.school_year', $schoolYear);
}
if (!empty($semesterCandidates)) {
$filteredQuery = $filteredQuery->whereIn('tc.semester', $semesterCandidates);
}
$assignmentRows = $filteredQuery->get()->getResultArray();
if (empty($assignmentRows) && ($schoolYear !== '' || $semester !== '')) {
$assignmentRows = $assignmentQuery->get()->getResultArray();
}
$studentCounts = $this->studentClassModel->getStudentCountsBySection($schoolYear !== '' ? $schoolYear : null);
$sectionRows = $this->classSectionModel
->select('class_section_id, class_section_name')
->orderBy('class_section_name', 'ASC')
->findAll();
$sectionMap = [];
foreach ($sectionRows as $sectionRow) {
$sectionId = (int) ($sectionRow['class_section_id'] ?? 0);
if ($sectionId <= 0) {
continue;
}
if (empty($studentCounts[$sectionId])) {
continue;
}
$sectionMap[$sectionId] = $sectionRow['class_section_name'] ?? "Section {$sectionId}";
}
$sectionIds = array_keys($sectionMap);
[$progressExpectedWeeks, $progressSubmittedBySection] = $this->buildClassProgressStats($sectionIds);
$examDraftCounts = [];
$examDraftDeadline = $this->resolveTeacherDashboardExamDraftDeadline($semester, $schoolYear);
$examDraftDeadlineConfig = trim((string) ($this->configModel->getConfig('exam_draft_deadline') ?? ''));
$examDraftDeadlineFormatted = '';
if ($examDraftDeadlineConfig !== '') {
$parsedUi = $this->parseExamDraftDeadlineConfigValue();
$examDraftDeadlineFormatted = $parsedUi !== null ? $parsedUi->format('M j, Y') : '';
}
$homeworkCounts = [];
if (! empty($sectionIds)) {
$draftBuilder = $examDrafts
->select('class_section_id')
->whereIn('class_section_id', $sectionIds);
if ($schoolYear !== '') {
$draftBuilder->where('school_year', $schoolYear);
}
if (!empty($semesterCandidates)) {
$draftBuilder->whereIn('semester', $semesterCandidates);
}
if ($this->db->fieldExists('is_legacy', 'exam_drafts')) {
$draftBuilder->where('is_legacy', 0);
}
$draftRows = $draftBuilder->findAll();
foreach ($draftRows as $draft) {
$sectionId = (int) ($draft['class_section_id'] ?? 0);
if ($sectionId <= 0) {
continue;
}
$examDraftCounts[$sectionId] = ($examDraftCounts[$sectionId] ?? 0) + 1;
}
$homeworkBuilder = $homeworkModel
->select('class_section_id, homework_index')
->whereIn('class_section_id', $sectionIds);
if ($schoolYear !== '') {
$homeworkBuilder->where('school_year', $schoolYear);
}
if (!empty($semesterCandidates)) {
$homeworkBuilder->whereIn('semester', $semesterCandidates);
}
$homeworkRows = $homeworkBuilder
->where('score IS NOT NULL', null, false)
->where('score !=', '')
->groupBy('class_section_id, homework_index')
->findAll();
foreach ($homeworkRows as $row) {
$sectionId = (int) ($row['class_section_id'] ?? 0);
if ($sectionId <= 0) {
continue;
}
$homeworkCounts[$sectionId] = ($homeworkCounts[$sectionId] ?? 0) + 1;
}
}
if (empty($lowProgressSectionIds)) {
$lowProgressSectionIds = $this->resolveLowProgressSectionIds($sectionIds);
}
$teachersBySection = []; $teachersBySection = [];
foreach ($assignmentRows as $assignment) { foreach ($assignmentRows as $assignment) {
@@ -745,7 +844,7 @@ class AdministratorController extends BaseController
$entry = &$teachersBySection[$sectionId]; $entry = &$teachersBySection[$sectionId];
if (!isset($entry)) { if (!isset($entry)) {
$entry = [ $entry = [
'class_section' => $assignment['class_section_name'] ?? "Section {$sectionId}", 'class_section' => $assignment['class_section_name'] ?? ($sectionMap[$sectionId] ?? "Section {$sectionId}"),
'teachers' => [], 'teachers' => [],
]; ];
} }
@@ -765,35 +864,49 @@ class AdministratorController extends BaseController
$missingItemCount = 0; $missingItemCount = 0;
$allTeacherIds = []; $allTeacherIds = [];
$allClassSectionIds = []; $allClassSectionIds = [];
foreach ($teachersBySection as $classSectionId => $section) { $examTerm = $this->resolveExamTermLabel($semester);
$examScoreField = $examTerm === 'final' ? 'final_exam_score' : 'midterm_exam_score';
foreach ($sectionMap as $classSectionId => $sectionName) {
$classSectionId = (int)$classSectionId; $classSectionId = (int)$classSectionId;
if ($classSectionId <= 0) { if ($classSectionId <= 0) {
continue; continue;
} }
$studentEntries = $this->studentClassModel $studentQuery = $this->studentClassModel
->select('student_id') ->select('student_id')
->where('class_section_id', $classSectionId) ->where('class_section_id', $classSectionId)
->where('semester', $semester) ->where('school_year', $schoolYear);
->where('school_year', $schoolYear) if (!empty($semesterCandidates)) {
->findAll(); $studentQuery->whereIn('semester', $semesterCandidates);
}
$studentEntries = $studentQuery->findAll();
if (empty($studentEntries)) {
$studentEntries = $this->studentClassModel
->select('student_id')
->where('class_section_id', $classSectionId)
->where('school_year', $schoolYear)
->findAll();
}
$studentIds = array_filter(array_map(static fn($entry) => (int)($entry['student_id'] ?? 0), $studentEntries)); $studentIds = array_filter(array_map(static fn($entry) => (int)($entry['student_id'] ?? 0), $studentEntries));
$expected = count($studentIds); $expected = count($studentIds);
$midtermStudents = []; $midtermStudents = [];
$participationStudents = []; $participationStudents = [];
if ($classSectionId > 0) { if ($classSectionId > 0) {
$scoreRecords = $semesterScores $scoreQuery = $semesterScores
->where('class_section_id', $classSectionId) ->where('class_section_id', $classSectionId)
->where('semester', $semester) ->where('school_year', $schoolYear);
->where('school_year', $schoolYear) if (!empty($semesterCandidates)) {
->findAll(); $scoreQuery->whereIn('semester', $semesterCandidates);
}
$scoreRecords = $scoreQuery->findAll();
foreach ($scoreRecords as $score) { foreach ($scoreRecords as $score) {
$sid = (int)($score['student_id'] ?? 0); $sid = (int)($score['student_id'] ?? 0);
if ($sid <= 0 || ($expected > 0 && !in_array($sid, $studentIds, true))) { if ($sid <= 0 || ($expected > 0 && !in_array($sid, $studentIds, true))) {
continue; continue;
} }
$midtermValue = trim((string)($score['midterm_exam_score'] ?? '')); $midtermValue = trim((string)($score[$examScoreField] ?? ''));
if ($midtermValue !== '') { if ($midtermValue !== '') {
$midtermStudents[$sid] = true; $midtermStudents[$sid] = true;
} }
@@ -807,13 +920,15 @@ class AdministratorController extends BaseController
$midtermCommentStudents = []; $midtermCommentStudents = [];
$ptapCommentStudents = []; $ptapCommentStudents = [];
if (!empty($studentIds)) { if (!empty($studentIds)) {
$comments = $scoreComments $commentQuery = $scoreComments
->select('student_id, score_type, comment') ->select('student_id, score_type, comment')
->whereIn('student_id', $studentIds) ->whereIn('student_id', $studentIds)
->where('semester', $semester)
->where('school_year', $schoolYear) ->where('school_year', $schoolYear)
->whereIn('score_type', ['midterm', 'ptap']) ->whereIn('score_type', [$examTerm, 'ptap']);
->findAll(); if (!empty($semesterCandidates)) {
$commentQuery->whereIn('semester', $semesterCandidates);
}
$comments = $commentQuery->findAll();
foreach ($comments as $comment) { foreach ($comments as $comment) {
$sid = (int)($comment['student_id'] ?? 0); $sid = (int)($comment['student_id'] ?? 0);
if ($sid <= 0) { if ($sid <= 0) {
@@ -824,7 +939,7 @@ class AdministratorController extends BaseController
continue; continue;
} }
$type = strtolower(trim((string)($comment['score_type'] ?? ''))); $type = strtolower(trim((string)($comment['score_type'] ?? '')));
if ($type === 'midterm') { if ($type === $examTerm) {
$midtermCommentStudents[$sid] = true; $midtermCommentStudents[$sid] = true;
} }
if ($type === 'ptap') { if ($type === 'ptap') {
@@ -833,14 +948,17 @@ class AdministratorController extends BaseController
} }
} }
$attendanceRow = $attendanceDays $attendanceQuery = $attendanceDays
->where('class_section_id', $classSectionId) ->where('class_section_id', $classSectionId)
->where('semester', $semester)
->where('school_year', $schoolYear) ->where('school_year', $schoolYear)
->where('date', $today) ->where('date', $today);
->first(); if (!empty($semesterCandidates)) {
$attendanceQuery->whereIn('semester', $semesterCandidates);
}
$attendanceRow = $attendanceQuery->first();
$attendanceSubmitted = $attendanceRow && in_array(strtolower((string)($attendanceRow['status'] ?? '')), ['submitted', 'published', 'finalized'], true); $attendanceSubmitted = $attendanceRow && in_array(strtolower((string)($attendanceRow['status'] ?? '')), ['submitted', 'published', 'finalized'], true);
$section = $teachersBySection[$classSectionId] ?? ['teachers' => []];
$teacherList = $section['teachers'] ?? []; $teacherList = $section['teachers'] ?? [];
if (!empty($teacherList)) { if (!empty($teacherList)) {
usort($teacherList, function ($a, $b) { usort($teacherList, function ($a, $b) {
@@ -861,18 +979,27 @@ class AdministratorController extends BaseController
$participationStatus = $this->submissionStatus(count($participationStudents), $expected); $participationStatus = $this->submissionStatus(count($participationStudents), $expected);
$ptapCommentStatus = $this->submissionStatus(count($ptapCommentStudents), $expected); $ptapCommentStatus = $this->submissionStatus(count($ptapCommentStudents), $expected);
$attendanceStatus = $this->attendanceStatus($attendanceSubmitted); $attendanceStatus = $this->attendanceStatus($attendanceSubmitted);
$progressSubmitted = (int) ($progressSubmittedBySection[$classSectionId] ?? 0);
$classProgressStatus = $this->progressStatus($progressSubmitted, $progressExpectedWeeks);
$draftSubmitted = (int) ($examDraftCounts[$classSectionId] ?? 0);
$examDraftStatus = $this->draftStatus($draftSubmitted, $examDraftDeadline);
$homeworkSubmitted = (int) ($homeworkCounts[$classSectionId] ?? 0);
$homeworkStatus = $this->homeworkStatus($homeworkSubmitted);
$statusDetails = [ $statusDetails = [
'midterm_score_status' => $midtermScoreStatus, 'midterm_score_status' => $midtermScoreStatus,
'midterm_comment_status' => $midtermCommentStatus, 'midterm_comment_status' => $midtermCommentStatus,
'participation_status' => $participationStatus, 'participation_status' => $participationStatus,
'ptap_comment_status' => $ptapCommentStatus, 'ptap_comment_status' => $ptapCommentStatus,
'class_progress_status' => $classProgressStatus,
'exam_draft_status' => $examDraftStatus,
'homework_status' => $homeworkStatus,
]; ];
$missingItemsForSection = $this->buildMissingItems($statusDetails); $missingItemsForSection = $this->buildMissingItems($statusDetails, $semester);
$missingItemCount += count($missingItemsForSection); $missingItemCount += count($missingItemsForSection);
$totalStatuses += count($statusDetails); $totalStatuses += count($statusDetails);
$rows[] = [ $rows[] = [
'class_section' => $section['class_section'] ?? "Section {$classSectionId}", 'class_section' => $sectionMap[$classSectionId] ?? ($section['class_section'] ?? "Section {$classSectionId}"),
'class_section_id' => $classSectionId, 'class_section_id' => $classSectionId,
'teachers' => $teacherList, 'teachers' => $teacherList,
'midterm_score_status' => $midtermScoreStatus, 'midterm_score_status' => $midtermScoreStatus,
@@ -880,6 +1007,9 @@ class AdministratorController extends BaseController
'participation_status' => $participationStatus, 'participation_status' => $participationStatus,
'ptap_comment_status' => $ptapCommentStatus, 'ptap_comment_status' => $ptapCommentStatus,
'attendance_status' => $attendanceStatus, 'attendance_status' => $attendanceStatus,
'class_progress_status' => $classProgressStatus,
'exam_draft_status' => $examDraftStatus,
'homework_status' => $homeworkStatus,
'missing_items' => $missingItemsForSection, 'missing_items' => $missingItemsForSection,
'student_count' => $expected, 'student_count' => $expected,
]; ];
@@ -941,15 +1071,183 @@ class AdministratorController extends BaseController
'schoolYear' => $schoolYear, 'schoolYear' => $schoolYear,
'notificationHistory' => $historyMap, 'notificationHistory' => $historyMap,
'summary' => $summary, 'summary' => $summary,
'lowProgressSectionIds' => $lowProgressSectionIds,
'examDraftDeadlineConfig' => $examDraftDeadlineConfig,
'examDraftDeadlineFormatted' => $examDraftDeadlineFormatted,
]); ]);
} }
private function resolveLowProgressSectionIds(array $sectionIds): array
{
[$expectedWeeks, $submittedBySection] = $this->buildClassProgressStats($sectionIds);
if ($expectedWeeks <= 0) {
return [];
}
$lowProgressSectionIds = [];
foreach ($sectionIds as $sectionId) {
$submitted = (int) ($submittedBySection[$sectionId] ?? 0);
$percent = ($submitted / $expectedWeeks) * 100;
if ($percent < 50) {
$lowProgressSectionIds[] = $sectionId;
}
}
return $lowProgressSectionIds;
}
private function buildClassProgressStats(array $sectionIds): array
{
$sectionIds = array_values(array_unique(array_filter(array_map('intval', $sectionIds))));
if (empty($sectionIds)) {
return [0, []];
}
$semesterResolver = new SemesterRangeService($this->configModel);
$schoolYear = (string)($this->configModel->getConfig('school_year') ?? '');
$semester = (string)($this->configModel->getConfig('semester') ?? '');
$schoolYearForRange = $schoolYear !== '' ? $schoolYear : (string)($this->configModel->getConfig('school_year') ?? '');
[$rangeStart, $rangeEnd] = $semesterResolver->getSchoolYearRange($schoolYearForRange);
$semesterNorm = $semesterResolver->normalizeSemester($semester);
if ($semesterNorm !== '' && $schoolYearForRange !== '') {
$semRange = $semesterResolver->getSemesterRange($schoolYearForRange, $semesterNorm);
if ($semRange) {
[$rangeStart, $rangeEnd] = $semRange;
}
}
$dateList = [];
try {
$start = new \DateTimeImmutable($rangeStart);
$end = new \DateTimeImmutable($rangeEnd);
$cursor = $start;
$w = (int) $cursor->format('w');
if ($w !== 0) {
$cursor = $cursor->modify('next sunday');
}
while ($cursor <= $end) {
$dateList[] = $cursor->format('Y-m-d');
$cursor = $cursor->modify('+7 days');
}
} catch (\Throwable $e) {
$dateList = [];
}
$noSchoolDays = [];
$events = [];
try {
$calendarModel = new \App\Models\CalendarModel();
$events = $calendarModel->getEvents();
} catch (\Throwable $e) {
$events = [];
}
foreach ($events as $event) {
$d = substr((string) ($event['date'] ?? ''), 0, 10);
if ($d === '' || empty($event['no_school'])) {
continue;
}
if ($d < $rangeStart || $d > $rangeEnd) {
continue;
}
$eventYear = trim((string) ($event['school_year'] ?? ''));
if ($schoolYearForRange !== '' && $eventYear !== '' && $eventYear !== $schoolYearForRange) {
continue;
}
$noSchoolDays[$d] = true;
}
$anchorSundayYmd = '';
try {
$tzName = (string) (config('School')->attendance['timezone'] ?? user_timezone());
$tzObj = new \DateTimeZone($tzName ?: 'UTC');
} catch (\Throwable $e) {
try {
$tzObj = new \DateTimeZone(user_timezone() ?: 'UTC');
} catch (\Throwable $e2) {
$tzObj = new \DateTimeZone('UTC');
}
}
try {
$nowDate = new \DateTime('now', $tzObj);
} catch (\Throwable $e) {
$nowDate = new \DateTime('now');
}
$weekday = (int) $nowDate->format('w');
$anchorSundayYmd = $weekday === 0
? $nowDate->format('Y-m-d')
: $nowDate->modify('next sunday')->format('Y-m-d');
$activeDatesSet = [];
if (! empty($dateList) && $anchorSundayYmd !== '') {
foreach ($dateList as $d) {
if ($d <= $anchorSundayYmd && empty($noSchoolDays[$d])) {
$activeDatesSet[$d] = true;
}
}
}
$expectedWeeks = count($activeDatesSet);
if ($expectedWeeks === 0) {
return [0, []];
}
$builder = $this->db->table('class_progress_reports')
->select('class_section_id, week_start')
->whereIn('class_section_id', $sectionIds);
if (! empty($activeDatesSet)) {
$builder->whereIn('week_start', array_keys($activeDatesSet));
}
$rows = $builder->get()->getResultArray();
$submittedBySection = [];
foreach ($rows as $row) {
$sectionId = (int) ($row['class_section_id'] ?? 0);
$weekStart = (string) ($row['week_start'] ?? '');
if ($sectionId === 0 || $weekStart === '' || empty($activeDatesSet[$weekStart])) {
continue;
}
$submittedBySection[$sectionId][$weekStart] = true;
}
$counts = [];
foreach ($sectionIds as $sectionId) {
$counts[$sectionId] = isset($submittedBySection[$sectionId])
? count($submittedBySection[$sectionId])
: 0;
}
return [$expectedWeeks, $counts];
}
public function sendTeacherSubmissionNotifications() public function sendTeacherSubmissionNotifications()
{$notify = $this->request->getPost('notify'); {$notify = $this->request->getPost('notify');
if (!is_array($notify)) { if (!is_array($notify)) {
return redirect()->back()->with('info', 'Select at least one teacher to notify.'); return redirect()->back()->with('info', 'Select at least one teacher to notify.');
} }
$semester = (string)($this->configModel->getConfig('semester') ?? $this->semester ?? '');
$missingItemsPayload = $this->request->getPost('missing_items') ?? []; $missingItemsPayload = $this->request->getPost('missing_items') ?? [];
$homeworkNotifyAll = (bool) $this->request->getPost('homework_notify_all');
$examTerm = $this->resolveExamTermLabel($semester);
$examScoreLabel = $examTerm === 'final' ? 'final scores' : 'midterm scores';
$examCommentLabel = $examTerm === 'final' ? 'final comments' : 'midterm comments';
$forcedItems = [];
if ($this->request->getPost('notify_midterm_score')) {
$forcedItems[] = $examScoreLabel;
}
if ($this->request->getPost('notify_midterm_comment')) {
$forcedItems[] = $examCommentLabel;
}
if ($this->request->getPost('notify_participation')) {
$forcedItems[] = 'participation';
}
if ($this->request->getPost('notify_ptap_comment')) {
$forcedItems[] = 'PTAP comments';
}
if ($this->request->getPost('notify_class_progress')) {
$forcedItems[] = 'class progress';
}
if ($this->request->getPost('notify_exam_draft')) {
$forcedItems[] = 'exam draft';
}
$targets = []; $targets = [];
foreach ($notify as $sectionIdRaw => $teachers) { foreach ($notify as $sectionIdRaw => $teachers) {
@@ -1006,6 +1304,10 @@ class AdministratorController extends BaseController
$historyModel = new TeacherSubmissionNotificationHistoryModel(); $historyModel = new TeacherSubmissionNotificationHistoryModel();
$scoreUrl = site_url('/'); $scoreUrl = site_url('/');
$progressUrl = site_url('teacher/progress/history');
$examDraftUrl = site_url('teacher/exam-drafts');
$homeworkUrl = site_url('teacher/addHomework');
$examDraftDeadlineEmailHtml = $this->buildExamDraftDeadlineEmailHtml();
$sentCount = 0; $sentCount = 0;
$failCount = 0; $failCount = 0;
@@ -1021,6 +1323,13 @@ class AdministratorController extends BaseController
$subject = "Reminder: Complete submissions for {$sectionName}"; $subject = "Reminder: Complete submissions for {$sectionName}";
$missingPayload = $missingItemsPayload[$classSectionId][$teacherId] ?? ''; $missingPayload = $missingItemsPayload[$classSectionId][$teacherId] ?? '';
$missingItems = $this->parseMissingItemsPayload((string)$missingPayload); $missingItems = $this->parseMissingItemsPayload((string)$missingPayload);
$selectedItems = $forcedItems;
if ($homeworkNotifyAll && !in_array('homework', $selectedItems, true)) {
$selectedItems[] = 'homework';
}
if (!empty($selectedItems)) {
$missingItems = array_values(array_unique($selectedItems));
}
if (!empty($missingItems)) { if (!empty($missingItems)) {
$missingText = htmlspecialchars( $missingText = htmlspecialchars(
$this->formatMissingItemsText($missingItems), $this->formatMissingItemsText($missingItems),
@@ -1033,10 +1342,46 @@ class AdministratorController extends BaseController
} }
$subject = "Reminder: Complete submissions for {$sectionName}"; $subject = "Reminder: Complete submissions for {$sectionName}";
$progressNote = '';
if (in_array('class progress', $missingItems, true)) {
$progressNote = "<p>Class progress submissions can be updated at <a href=\"{$progressUrl}\">Teacher Progress History</a>.</p>";
}
$examDraftNote = '';
if (in_array('exam draft', $missingItems, true)) {
$semesterLabel = strtolower(trim((string) $semester));
if ($semesterLabel === 'fall') {
$draftLabel = 'midterm exam draft';
} elseif ($semesterLabel === 'spring') {
$draftLabel = 'final exam draft';
} else {
$draftLabel = 'exam draft';
}
$examDraftNote = "<p>" . ucfirst($draftLabel) . " submissions can be updated at <a href=\"{$examDraftUrl}\">Teacher Exam Drafts</a>.</p>"
. $examDraftDeadlineEmailHtml;
}
$homeworkNote = '';
if (in_array('homework', $missingItems, true)) {
$homeworkNote = "<p>Homework scores can be submitted at <a href=\"{$homeworkUrl}\">Teacher Homework</a>.</p>";
}
$hasScoreItems = (bool) array_intersect($missingItems, [
'midterm scores',
'midterm comments',
'final scores',
'final comments',
'participation',
'PTAP comments',
'homework',
]);
$nonScoreOnly = ! empty($missingItems) && ! $hasScoreItems;
$body = "<p>Dear {$teacherName},</p>" $body = "<p>Dear {$teacherName},</p>"
. "<p>Administration is gently reminding you to wrap up any remaining score submissions and/or comments for {$sectionName}.</p>" . "<p>Administration is gently reminding you to wrap up any remaining "
. ($nonScoreOnly ? "submissions for {$sectionName}." : "score submissions, comments, and related items for {$sectionName}.")
. "</p>"
. $missingNote . $missingNote
. "<p>Visit <a href=\"{$scoreUrl}\">Teacher Score Submission</a> to address any remaining items.</p>" . $progressNote
. $examDraftNote
. $homeworkNote
. ($nonScoreOnly ? '' : "<p>Visit <a href=\"{$scoreUrl}\">Teacher Score Submission</a> to address any remaining items.</p>")
. "<p>Thank you,<br>Al Rahma Administration</p>"; . "<p>Thank you,<br>Al Rahma Administration</p>";
$email = $teacher['email'] ?? ''; $email = $teacher['email'] ?? '';
@@ -1098,6 +1443,170 @@ class AdministratorController extends BaseController
]; ];
} }
private function progressStatus(int $submitted, int $expected): array
{
if ($expected <= 0) {
return [
'label' => 'N/A',
'badge' => 'bg-secondary',
'detail' => '',
'completed' => true,
];
}
$completed = $submitted >= $expected;
return [
'label' => $completed ? 'Submitted' : 'Missing',
'badge' => $completed ? 'bg-success' : 'bg-danger',
'detail' => "{$submitted}/{$expected}",
'completed' => $completed,
];
}
private function homeworkStatus(int $submitted): array
{
$completed = $submitted > 0;
return [
'label' => $completed ? 'Submitted' : 'Missing',
'badge' => $completed ? 'bg-success' : 'bg-danger',
'detail' => $completed ? (string) $submitted : '0',
'completed' => $completed,
];
}
private function draftStatus(int $submitted, ?\DateTimeImmutable $deadline): array
{
if ($deadline !== null) {
$today = new \DateTimeImmutable('today');
if ($today < $deadline) {
return [
'label' => 'Pending',
'badge' => 'bg-secondary',
'detail' => 'Not due',
'completed' => true,
];
}
}
$completed = $submitted > 0;
return [
'label' => $completed ? 'Submitted' : 'Missing',
'badge' => $completed ? 'bg-success' : 'bg-danger',
'detail' => $completed ? (string) $submitted : '0',
'completed' => $completed,
];
}
/**
* Exam draft due date for the teacher submissions dashboard: prefers the configuration key
* `exam_draft_deadline` (same as automated reminders); otherwise fall/spring exam deadlines.
*/
private function resolveTeacherDashboardExamDraftDeadline(string $semester, string $schoolYear): ?\DateTimeImmutable
{
$fromExamDraftKey = $this->parseExamDraftDeadlineConfigValue();
if ($fromExamDraftKey !== null) {
return $fromExamDraftKey;
}
return $this->resolveExamDraftDeadline($semester, $schoolYear);
}
/**
* Parses the `exam_draft_deadline` configuration value using the application timezone (midnight that calendar day).
*/
private function parseExamDraftDeadlineConfigValue(): ?\DateTimeImmutable
{
$raw = trim((string) ($this->configModel->getConfig('exam_draft_deadline') ?? ''));
if ($raw === '') {
return null;
}
$tz = new \DateTimeZone(config('App')->appTimezone ?? 'UTC');
try {
$deadline = new \DateTimeImmutable($raw, $tz);
} catch (\Throwable $e) {
return null;
}
return $deadline->setTime(0, 0, 0);
}
/**
* HTML snippet for reminder emails when exam draft is included (deadline from exam_draft_deadline config).
*/
private function buildExamDraftDeadlineEmailHtml(): string
{
$raw = trim((string) ($this->configModel->getConfig('exam_draft_deadline') ?? ''));
if ($raw === '') {
return '';
}
$parsed = $this->parseExamDraftDeadlineConfigValue();
$display = $parsed !== null
? htmlspecialchars($parsed->format('l, F j, Y'), ENT_QUOTES, 'UTF-8')
: htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
$rawEsc = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
return '<p><strong>Exam draft submission deadline</strong> (<code>exam_draft_deadline</code>): '
. "<strong>{$display}</strong>"
. ($parsed !== null && $rawEsc !== $display ? " <span style=\"color:#555;\">(configured value: {$rawEsc})</span>" : '')
. '.</p>';
}
private function resolveExamDraftDeadline(string $semester, string $schoolYear): ?\DateTimeImmutable
{
$semesterKey = strtolower(trim($semester));
if ($semesterKey === 'fall') {
$deadlineValue = (string)($this->configModel->getConfig('fall_exam_deadline') ?? '');
} elseif ($semesterKey === 'spring') {
$deadlineValue = (string)($this->configModel->getConfig('spring_exam_deadline') ?? '');
} else {
return null;
}
$deadlineValue = trim($deadlineValue);
if ($deadlineValue === '') {
return null;
}
try {
$deadline = new \DateTimeImmutable($deadlineValue);
} catch (\Throwable $e) {
return null;
}
if ($schoolYear !== '' && preg_match('/^\d{4}-\d{4}$/', $schoolYear)) {
$deadlineYear = $deadline->format('Y');
if ($deadlineYear === '1970') {
return null;
}
}
return $deadline->setTime(0, 0, 0);
}
private function resolveExamTermLabel(string $semester): string
{
$semesterKey = strtolower(trim($semester));
if ($semesterKey === '') {
return 'midterm';
}
if (str_contains($semesterKey, 'spring')) {
return 'final';
}
if (str_contains($semesterKey, 'fall')) {
return 'midterm';
}
return 'midterm';
}
private function buildSemesterCandidates(string $semester): array
{
$semester = trim((string) $semester);
if ($semester === '') {
return [];
}
$candidates = [
$semester,
strtolower($semester),
strtoupper($semester),
ucfirst(strtolower($semester)),
];
$candidates = array_values(array_unique(array_filter($candidates, static fn ($v) => $v !== '')));
return $candidates;
}
private function attendanceStatus(bool $submitted): array private function attendanceStatus(bool $submitted): array
{ {
return [ return [
@@ -1107,14 +1616,20 @@ class AdministratorController extends BaseController
]; ];
} }
private function buildMissingItems(array $statusMap): array private function buildMissingItems(array $statusMap, string $semester): array
{ {
$examTerm = $this->resolveExamTermLabel($semester);
$examScoreLabel = $examTerm === 'final' ? 'final scores' : 'midterm scores';
$examCommentLabel = $examTerm === 'final' ? 'final comments' : 'midterm comments';
$labels = [ $labels = [
'midterm_score_status' => 'midterm scores', 'midterm_score_status' => $examScoreLabel,
'midterm_comment_status' => 'midterm comments', 'midterm_comment_status' => $examCommentLabel,
'participation_status' => 'participation', 'participation_status' => 'participation',
'ptap_comment_status' => 'PTAP comments', 'ptap_comment_status' => 'PTAP comments',
'attendance_status' => 'attendance', 'attendance_status' => 'attendance',
'class_progress_status' => 'class progress',
'exam_draft_status' => 'exam draft',
'homework_status' => 'homework',
]; ];
$items = []; $items = [];
@@ -119,7 +119,12 @@ class AssignmentController extends BaseController
} }
$students = []; $students = [];
$seenStudentIds = [];
foreach ($studentClasses as $studentClass) { foreach ($studentClasses as $studentClass) {
$sid = (int)($studentClass['student_id'] ?? 0);
if ($sid <= 0 || isset($seenStudentIds[$sid])) {
continue;
}
if ($sectionSemester === '' && !empty($studentClass['semester'])) { if ($sectionSemester === '' && !empty($studentClass['semester'])) {
$sectionSemester = (string)$studentClass['semester']; $sectionSemester = (string)$studentClass['semester'];
} }
@@ -149,6 +154,7 @@ class AssignmentController extends BaseController
'tuition_paid' => esc($student['tuition_paid'] ? 'Yes' : 'No'), 'tuition_paid' => esc($student['tuition_paid'] ? 'Yes' : 'No'),
'school_id' => esc($student['school_id']), 'school_id' => esc($student['school_id']),
]; ];
$seenStudentIds[$sid] = true;
} }
$sectionSemesterDisplay = $sectionSemester !== '' ? $sectionSemester : ((string)($this->semester ?? '')); $sectionSemesterDisplay = $sectionSemester !== '' ? $sectionSemester : ((string)($this->semester ?? ''));
@@ -1004,9 +1004,13 @@ public function showUpdateAttendanceForm()
} }
$hasRoster = false; $hasRoster = false;
$seenStudents = [];
foreach ($students as $sc) { foreach ($students as $sc) {
$studentId = (int)$sc['student_id']; $studentId = (int)$sc['student_id'];
if ($studentId <= 0 || isset($seenStudents[$studentId])) {
continue;
}
$student = $this->studentModel $student = $this->studentModel
->select('id, firstname, lastname, school_id') ->select('id, firstname, lastname, school_id')
->find($studentId); ->find($studentId);
@@ -1014,6 +1018,7 @@ public function showUpdateAttendanceForm()
$studentsBySection[$secCode][] = $student; $studentsBySection[$secCode][] = $student;
$hasRoster = true; $hasRoster = true;
$seenStudents[$studentId] = true;
// Attendance history // Attendance history
$qb = $this->attendanceDataModel $qb = $this->attendanceDataModel
@@ -2003,6 +2003,58 @@ class AttendanceTrackingController extends BaseController
return [$subject, $body]; return [$subject, $body];
} }
private function buildFallbackTemplate(string $code, string $variant, array $context): array
{
$studentName = (string) ($context['{{student_name}}'] ?? 'the student');
$incident = (string) ($context['{{incident_date}}'] ?? date('Y-m-d'));
$parentName = (string) ($context['{{parent_name}}'] ?? 'Parent/Guardian');
$phone = (string) ($context['{{school_phone}}'] ?? 'the school office');
$voicemail = (string) ($context['{{voicemail_phone}}'] ?? 'your voicemail');
$subject = match (true) {
str_starts_with($code, 'ABS_1') => 'Attendance Notice: Unreported Absence',
str_starts_with($code, 'ABS_2') => 'Attendance Follow-Up: Two Consecutive Absences',
str_starts_with($code, 'ABS_3') => 'Attendance Follow-Up: Three Absences',
str_starts_with($code, 'LATE_2') => 'Attendance Notice: Repeated Lateness',
str_starts_with($code, 'LATE_3'),
str_starts_with($code, 'LATE_4'),
str_starts_with($code, 'MIX') => 'Attendance Follow-Up: Repeated Lateness and Absence',
default => 'Attendance Notice',
};
$intro = "<p>Insha Allah this email finds you well";
if ($variant === 'answered') {
$intro .= ", <strong>{$parentName}</strong>. Jazakum Allahu khayran for taking the time to speak with us today.</p>";
} elseif ($variant === 'no_answer') {
$intro .= ".</p><p>We tried to reach you but could not connect and left a voice message at <strong>{$voicemail}</strong>.</p>";
} else {
$intro .= ".</p>";
}
$details = match (true) {
str_starts_with($code, 'ABS_1')
=> "<p>This is to let you know that <strong>{$studentName}</strong> was absent on <strong>{$incident}</strong> without prior notice.</p>",
str_starts_with($code, 'ABS_2')
=> "<p>This is a reminder that <strong>{$studentName}</strong> has had repeated absences, most recently on <strong>{$incident}</strong>, without prior notice.</p>",
str_starts_with($code, 'ABS_3')
=> "<p>This is a reminder that <strong>{$studentName}</strong> has been absent three times, most recently on <strong>{$incident}</strong>, without prior notice.</p>",
str_starts_with($code, 'LATE_2')
=> "<p>This is a reminder that <strong>{$studentName}</strong> has been late multiple times, most recently on <strong>{$incident}</strong>.</p>",
str_starts_with($code, 'LATE_3'),
str_starts_with($code, 'LATE_4')
=> "<p>This is a follow-up that <strong>{$studentName}</strong> has had repeated lateness concerns, most recently on <strong>{$incident}</strong>.</p>",
str_starts_with($code, 'MIX')
=> "<p>This is a follow-up that <strong>{$studentName}</strong> has had a mix of repeated lateness and absence concerns, most recently on <strong>{$incident}</strong>.</p>",
default
=> "<p>We'd like to inform you about <strong>{$studentName}</strong>'s recent attendance concern dated <strong>{$incident}</strong>.</p>",
};
$closing = "<p>If your child will be absent or late due to illness or family commitments, please let us know ahead of time.</p>"
. "<p>You can email/call/text us at <strong>{$phone}</strong>.</p>";
return [$subject, $intro . $details . $closing];
}
public function compose() public function compose()
{ {
@@ -2033,8 +2085,8 @@ class AttendanceTrackingController extends BaseController
$rendered = $this->renderTemplate($code, $variant, $ctx); $rendered = $this->renderTemplate($code, $variant, $ctx);
if (!$rendered) { if (!$rendered) {
return redirect()->to(site_url('attendance/violations')) log_message('warning', 'Attendance email template missing; using fallback compose body. code=' . $code . ' variant=' . $variant);
->with('error', 'Template not found for ' . $code . ' (' . $variant . ').'); $rendered = $this->buildFallbackTemplate($code, $variant, $ctx);
} }
[$subject, $body] = $rendered; [$subject, $body] = $rendered;
@@ -10,6 +10,8 @@ use CodeIgniter\I18n\Time;
class AuthorizedUsersController extends ResourceController class AuthorizedUsersController extends ResourceController
{ {
private const TOKEN_TTL_HOURS = 24;
protected $userModel; protected $userModel;
protected $authorizedUserModel; protected $authorizedUserModel;
@@ -18,6 +20,30 @@ class AuthorizedUsersController extends ResourceController
$this->userModel = new UserModel(); $this->userModel = new UserModel();
$this->authorizedUserModel = new AuthorizedUserModel(); $this->authorizedUserModel = new AuthorizedUserModel();
} }
private function requireLogin()
{
if (!session()->get('is_logged_in')) {
return $this->failUnauthorized('Authentication required.');
}
return null;
}
private function requireOwnership(array $authorizedUser)
{
$userId = (int) session()->get('user_id');
if ($userId <= 0 || (int) ($authorizedUser['user_id'] ?? 0) !== $userId) {
return $this->failForbidden('You do not have access to this resource.');
}
return null;
}
private function hashToken(string $token): string
{
return hash('sha256', $token);
}
/** /**
* Return a list of authorized users for the logged-in main user. * Return a list of authorized users for the logged-in main user.
* *
@@ -25,7 +51,10 @@ class AuthorizedUsersController extends ResourceController
*/ */
public function index() public function index()
{ {
if ($resp = $this->requireLogin()) {
return $resp;
}
$userId = session()->get('user_id'); $userId = session()->get('user_id');
$authorizedUsers = $this->authorizedUserModel->where('user_id', $userId)->findAll(); $authorizedUsers = $this->authorizedUserModel->where('user_id', $userId)->findAll();
@@ -40,12 +69,20 @@ class AuthorizedUsersController extends ResourceController
*/ */
public function show($id = null) public function show($id = null)
{ {
if ($resp = $this->requireLogin()) {
return $resp;
}
$authorizedUser = $this->authorizedUserModel->find($id); $authorizedUser = $this->authorizedUserModel->find($id);
if (!$authorizedUser) { if (!$authorizedUser) {
return $this->failNotFound('Authorized user not found.'); return $this->failNotFound('Authorized user not found.');
} }
if ($resp = $this->requireOwnership($authorizedUser)) {
return $resp;
}
return $this->respond($authorizedUser); return $this->respond($authorizedUser);
} }
@@ -56,6 +93,10 @@ class AuthorizedUsersController extends ResourceController
*/ */
public function create() public function create()
{ {
if ($resp = $this->requireLogin()) {
return $resp;
}
$email = strtolower($this->request->getPost('email')); $email = strtolower($this->request->getPost('email'));
// Validate email // Validate email
@@ -66,19 +107,20 @@ class AuthorizedUsersController extends ResourceController
$user = $this->userModel->where('email', $email)->first(); $user = $this->userModel->where('email', $email)->first();
if (!$user) { if (!$user) {
return $this->failNotFound('No user found with this email.'); return $this->respondCreated(['message' => 'Authorized user added. A confirmation email has been sent.']);
} }
// Generate a token for confirmation // Generate a token for confirmation
helper('text'); helper('text');
$token = bin2hex(random_bytes(48)); $token = bin2hex(random_bytes(48));
$tokenHash = $this->hashToken($token);
// Add entry to the authorized_users table // Add entry to the authorized_users table
$this->authorizedUserModel->insert([ $this->authorizedUserModel->insert([
'user_id' => session()->get('user_id'), // Main user ID 'user_id' => session()->get('user_id'), // Main user ID
'authorized_user_id' => $user['id'], 'authorized_user_id' => $user['id'],
'email' => $email, 'email' => $email,
'token' => $token, 'token' => $tokenHash,
'status' => 'Pending' 'status' => 'Pending'
]); ]);
@@ -96,6 +138,10 @@ class AuthorizedUsersController extends ResourceController
*/ */
public function update($id = null) public function update($id = null)
{ {
if ($resp = $this->requireLogin()) {
return $resp;
}
// Fetch the authorized user // Fetch the authorized user
$authorizedUser = $this->authorizedUserModel->find($id); $authorizedUser = $this->authorizedUserModel->find($id);
@@ -103,6 +149,10 @@ class AuthorizedUsersController extends ResourceController
return $this->failNotFound('Authorized user not found.'); return $this->failNotFound('Authorized user not found.');
} }
if ($resp = $this->requireOwnership($authorizedUser)) {
return $resp;
}
// Update the authorized users information (e.g., email) // Update the authorized users information (e.g., email)
$email = strtolower($this->request->getPost('email')); $email = strtolower($this->request->getPost('email'));
if ($email && filter_var($email, FILTER_VALIDATE_EMAIL)) { if ($email && filter_var($email, FILTER_VALIDATE_EMAIL)) {
@@ -122,12 +172,20 @@ class AuthorizedUsersController extends ResourceController
*/ */
public function delete($id = null) public function delete($id = null)
{ {
if ($resp = $this->requireLogin()) {
return $resp;
}
$authorizedUser = $this->authorizedUserModel->find($id); $authorizedUser = $this->authorizedUserModel->find($id);
if (!$authorizedUser) { if (!$authorizedUser) {
return $this->failNotFound('Authorized user not found.'); return $this->failNotFound('Authorized user not found.');
} }
if ($resp = $this->requireOwnership($authorizedUser)) {
return $resp;
}
// Delete the authorized user record // Delete the authorized user record
$this->authorizedUserModel->delete($id); $this->authorizedUserModel->delete($id);
@@ -147,16 +205,28 @@ class AuthorizedUsersController extends ResourceController
return $this->fail('Invalid confirmation link.'); return $this->fail('Invalid confirmation link.');
} }
$authorizedUser = $this->authorizedUserModel->where('token', $token)->first(); $tokenHash = $this->hashToken($token);
$authorizedUser = $this->authorizedUserModel
->groupStart()
->where('token', $tokenHash)
->orWhere('token', $token)
->groupEnd()
->where('created_at >=', Time::now()->subHours(self::TOKEN_TTL_HOURS)->toDateTimeString())
->first();
if (!$authorizedUser) { if (!$authorizedUser) {
return $this->fail('Invalid or expired confirmation link.'); return $this->fail('Invalid or expired confirmation link.');
} }
// Mark the authorized user as active // Mark the authorized user as active and rotate token for password setup
$this->authorizedUserModel->update($authorizedUser['id'], ['status' => 'Active', 'token' => null]); $nextToken = bin2hex(random_bytes(48));
$nextTokenHash = $this->hashToken($nextToken);
$this->authorizedUserModel->update($authorizedUser['id'], [
'status' => 'Active',
'token' => $nextTokenHash,
]);
return redirect()->to('/set_authorized_user_password/' . $authorizedUser['authorized_user_id']); return redirect()->to('/set_authorized_user_password/' . $authorizedUser['authorized_user_id'] . '?token=' . $nextToken);
} }
/** /**
@@ -167,13 +237,36 @@ class AuthorizedUsersController extends ResourceController
*/ */
public function setPassword($authorizedUserId) public function setPassword($authorizedUserId)
{ {
$token = (string) $this->request->getGet('token');
if ($token === '') {
return $this->fail('Invalid confirmation link.');
}
$tokenHash = $this->hashToken($token);
$authorizedUser = $this->authorizedUserModel
->groupStart()
->where('token', $tokenHash)
->orWhere('token', $token)
->groupEnd()
->where('authorized_user_id', $authorizedUserId)
->where('status', 'Active')
->where('updated_at >=', Time::now()->subHours(self::TOKEN_TTL_HOURS)->toDateTimeString())
->first();
if (!$authorizedUser) {
return $this->fail('Invalid or expired confirmation link.');
}
$user = $this->userModel->find($authorizedUserId); $user = $this->userModel->find($authorizedUserId);
if (!$user) { if (!$user) {
return $this->failNotFound('User not found.'); return $this->failNotFound('User not found.');
} }
return view('user/set_authorized_user_password', ['userId' => $authorizedUserId]); return view('user/set_authorized_user_password', [
'userId' => $authorizedUserId,
'token' => $token,
]);
} }
/** /**
@@ -181,38 +274,59 @@ class AuthorizedUsersController extends ResourceController
* *
* @return ResponseInterface * @return ResponseInterface
*/ */
/* public function savePassword($authorizedUserId = null)
public function savePassword()
{ {
// Validate the request
$validation = \Config\Services::validation(); $validation = \Config\Services::validation();
$validation->setRules([ $validation->setRules([
'password' => 'required|min_length[6]', 'password' => [
'label' => 'Password',
'rules' => 'required|min_length[8]|regex_match[/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@\\-=\\+*#$%&!?])[A-Za-z\\d@\\-=\\+*#$%&!?]{8,}$/]',
],
'password_confirm' => 'required|matches[password]', 'password_confirm' => 'required|matches[password]',
'user_id' => 'required|integer' 'user_id' => 'required|integer',
'token' => 'required',
]); ]);
if (!$this->validate($validation->getRules())) { if (!$this->validate($validation->getRules())) {
return $this->failValidationErrors($validation->getErrors()); return $this->failValidationErrors($validation->getErrors());
} }
// Get the validated input $userId = (int) $this->request->getPost('user_id');
$userId = $this->request->getPost('user_id'); $token = (string) $this->request->getPost('token');
$password = $this->request->getPost('password'); $authorizedUserId = $authorizedUserId !== null ? (int) $authorizedUserId : $userId;
$model = new UserModel(); if ($userId <= 0 || $authorizedUserId <= 0 || $userId !== $authorizedUserId) {
$user = $model->find($userId); return $this->fail('Invalid request.');
}
$tokenHash = $this->hashToken($token);
$authorizedUser = $this->authorizedUserModel
->groupStart()
->where('token', $tokenHash)
->orWhere('token', $token)
->groupEnd()
->where('authorized_user_id', $authorizedUserId)
->where('status', 'Active')
->where('updated_at >=', Time::now()->subHours(self::TOKEN_TTL_HOURS)->toDateTimeString())
->first();
if (!$authorizedUser) {
return $this->fail('Invalid or expired confirmation link.');
}
$user = $this->userModel->find($authorizedUserId);
if (!$user) { if (!$user) {
return $this->failNotFound('User not found.'); return $this->failNotFound('User not found.');
} }
// Save the password $password = (string) $this->request->getPost('password');
$model->update($userId, ['password' => password_hash($password, PASSWORD_DEFAULT)]); $hashedPassword = pbkdf2_hash($password);
$this->userModel->update($authorizedUserId, ['password' => $hashedPassword]);
$this->authorizedUserModel->update($authorizedUser['id'], ['token' => null]);
return $this->respond(['message' => 'Password has been successfully set.']); return $this->respond(['message' => 'Password has been successfully set.']);
} }
*/
/** /**
* Sends a confirmation email to the authorized user. * Sends a confirmation email to the authorized user.
* *
@@ -242,4 +356,4 @@ class AuthorizedUsersController extends ResourceController
log_message('error', 'Failed to send authorized user confirmation email to ' . $email); log_message('error', 'Failed to send authorized user confirmation email to ' . $email);
} }
} }
} }
@@ -0,0 +1,557 @@
<?php
namespace App\Controllers\View;
use App\Controllers\BaseController;
use App\Models\ClassSectionModel;
use App\Models\ConfigurationModel;
use App\Models\CertificateRecordModel;
use App\Models\StudentDecisionModel;
class CertificateController extends BaseController
{
protected $classSectionModel;
protected $configModel;
protected $certRecordModel;
protected $schoolYear;
public function __construct()
{
$this->classSectionModel = new ClassSectionModel();
$this->configModel = new ConfigurationModel();
$this->certRecordModel = new CertificateRecordModel();
$this->schoolYear = $this->configModel->getConfig('school_year');
}
// ─── Admin UI ──────────────────────────────────────────────────────────────
public function index()
{
$db = \Config\Database::connect();
$selectedCsid = $this->request->getGet('class_section_id');
$schoolYear = $this->request->getGet('school_year') ?? $this->schoolYear;
// ── All enrolled students across every class section ───────────────────
$allEnrolled = $db->table('student_class sc')
->select('s.id AS student_id, s.firstname, s.lastname, sc.class_section_id, cs.class_section_name')
->join('students s', 's.id = sc.student_id')
->join('classSection cs', 'cs.class_section_id = sc.class_section_id')
->where('s.is_active', 1)
->where('sc.school_year', $schoolYear)
->orderBy('s.firstname', 'ASC')
->orderBy('s.lastname', 'ASC')
->get()->getResultArray();
$allIds = array_unique(array_column($allEnrolled, 'student_id'));
// ── Semester scores ────────────────────────────────────────────────────
$allScoreMap = [];
if (!empty($allIds)) {
foreach ($db->table('semester_scores')
->select('student_id, semester, semester_score')
->whereIn('student_id', $allIds)
->where('school_year', $schoolYear)
->where('semester_score IS NOT NULL', null, false)
->get()->getResultArray() as $sr) {
$allScoreMap[(int)$sr['student_id']][ucfirst(strtolower($sr['semester']))] =
is_numeric($sr['semester_score']) ? (float)$sr['semester_score'] : null;
}
}
// ── Below-60 manual decisions ──────────────────────────────────────────
$allBelowMap = [];
if (!empty($allIds)) {
foreach ($db->table('below_sixty_decisions')
->whereIn('student_id', $allIds)
->where('school_year', $schoolYear)
->get()->getResultArray() as $b) {
$allBelowMap[(int)$b['student_id']][ucfirst(strtolower($b['semester']))] = (string)$b['decision'];
}
}
// ── Certificate records (most recent per student) ──────────────────────
$certsByStudent = [];
if (!empty($allIds)) {
foreach ($db->table('certificate_records')
->select('student_id, certificate_number, issued_at')
->whereIn('student_id', $allIds)
->where('school_year', $schoolYear)
->orderBy('issued_at', 'DESC')
->get()->getResultArray() as $c) {
$sid = (int)$c['student_id'];
if (!isset($certsByStudent[$sid])) {
$certsByStudent[$sid] = $c['certificate_number'];
}
}
}
// ── Build per-student decisions + per-class buckets ────────────────────
$decisionsByStudent = [];
$studentsByClass = []; // [csid => [student rows...]]
$statsPerClass = []; // [csid => {name, total, pass, cert}]
foreach ($allEnrolled as $row) {
$sid = (int)$row['student_id'];
$csid = (int)$row['class_section_id'];
// Decisions per semester
foreach ($allScoreMap[$sid] ?? [] as $sem => $score) {
if ($score === null) continue;
if ($score >= 60) {
$dec = 'Pass'; $src = 'auto';
} elseif (!empty($allBelowMap[$sid][$sem])) {
$dec = $allBelowMap[$sid][$sem]; $src = 'manual';
} else {
$dec = ''; $src = 'pending';
}
$decisionsByStudent[$sid][$sem] = ['decision' => $dec, 'source' => $src];
}
// Per-class stats
if (!isset($statsPerClass[$csid])) {
$statsPerClass[$csid] = ['name' => $row['class_section_name'], 'total' => 0, 'pass' => 0, 'cert' => 0];
}
$statsPerClass[$csid]['total']++;
$sems = $allScoreMap[$sid] ?? [];
$isPass = !empty($sems);
foreach ($sems as $sem => $score) {
if ($score === null) { $isPass = false; break; }
if ($score >= 60) continue;
$md = $allBelowMap[$sid][$sem] ?? '';
if ($md === '' || $md !== 'Pass') { $isPass = false; break; }
}
if ($isPass) $statsPerClass[$csid]['pass']++;
if (isset($certsByStudent[$sid])) $statsPerClass[$csid]['cert']++;
// Group students by class
$studentsByClass[$csid][] = $row;
}
// ── Determine default active tab ───────────────────────────────────────
$firstCsid = !empty($allEnrolled) ? (int)$allEnrolled[0]['class_section_id'] : null;
if ($selectedCsid === null && $firstCsid !== null) {
$selectedCsid = (string)$firstCsid;
}
return view('admin/certificates/index', [
'studentsByClass' => $studentsByClass,
'selectedClassId' => $selectedCsid,
'schoolYear' => $schoolYear,
'certDate' => date('m/d/Y'),
'decisionsByStudent' => $decisionsByStudent,
'certsByStudent' => $certsByStudent,
'statsPerClass' => $statsPerClass,
]);
}
public function auditLog()
{
$schoolYear = $this->request->getGet('school_year') ?? $this->schoolYear;
$records = $this->certRecordModel->getAuditLog($schoolYear);
$yearSummary = $this->certRecordModel->yearSummary();
return view('admin/certificates/audit_log', [
'records' => $records,
'schoolYear' => $schoolYear,
'yearSummary' => $yearSummary,
]);
}
public function csrfToken()
{
return $this->response
->setHeader('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0')
->setHeader('Pragma', 'no-cache')
->setJSON([
'csrf_token' => csrf_token(),
'csrf_hash' => csrf_hash(),
]);
}
// ─── Public verification page ──────────────────────────────────────────────
public function verify(string $certNumber)
{
$record = \Config\Database::connect()
->table('certificate_records cr')
->select('cr.*, u.firstname AS admin_firstname, u.lastname AS admin_lastname')
->join('users u', 'u.id = cr.issued_by', 'left')
->where('cr.certificate_number', strtoupper($certNumber))
->get()->getRowArray();
return view('certificates/verify', ['record' => $record ?: null]);
}
// ─── Reprint an existing certificate ──────────────────────────────────────
public function reprint(string $certNumber)
{
$record = \Config\Database::connect()
->table('certificate_records')
->where('certificate_number', strtoupper($certNumber))
->get()->getRowArray();
if (!$record) {
return redirect()->to('administrator/certificates/log')
->with('error', 'Certificate not found: ' . $certNumber);
}
$certDateFormatted = '';
if (!empty($record['cert_date'])) {
$ts = strtotime((string)$record['cert_date']);
if ($ts) {
$certDateFormatted = date('m/d/Y', $ts);
}
}
$student = [
'firstname' => (string)($record['student_name'] ?? ''),
'lastname' => '',
'grade' => (string)($record['grade'] ?? ''),
'cert_number' => (string)($record['certificate_number'] ?? ''),
];
// student_name is stored as "Firstname Lastname" — split for the PDF builder
$parts = explode(' ', trim($student['firstname']), 2);
if (count($parts) === 2) {
$student['firstname'] = $parts[0];
$student['lastname'] = $parts[1];
}
$pdfData = $this->buildPdf([$student], $certDateFormatted ?: date('m/d/Y'));
$filename = 'Certificate_' . strtoupper($certNumber) . '.pdf';
return $this->response
->setHeader('Content-Type', 'application/pdf')
->setHeader('Content-Disposition', 'inline; filename="' . $filename . '"')
->setBody($pdfData);
}
// ─── PDF generation ────────────────────────────────────────────────────────
public function generate()
{
$studentIds = $this->request->getPost('student_ids') ?? [];
$certDate = trim($this->request->getPost('cert_date') ?? date('m/d/Y'));
$classSectionId = $this->request->getPost('class_section_id');
$schoolYear = $this->request->getPost('school_year') ?? $this->schoolYear;
if (empty($studentIds)) {
if ($this->request->isAJAX()) {
return $this->response
->setStatusCode(422)
->setJSON([
'ok' => false,
'error' => 'Please select at least one student.',
'csrf_token' => csrf_token(),
'csrf_hash' => csrf_hash(),
]);
}
return redirect()->to('administrator/certificates')->with('error', 'Please select at least one student.');
}
$studentIds = array_filter(array_map('intval', $studentIds));
$certDate = preg_replace('/[^0-9\/\-]/', '', $certDate);
if (empty($studentIds)) {
if ($this->request->isAJAX()) {
return $this->response
->setStatusCode(422)
->setJSON([
'ok' => false,
'error' => 'Invalid student selection.',
'csrf_token' => csrf_token(),
'csrf_hash' => csrf_hash(),
]);
}
return redirect()->to('administrator/certificates')->with('error', 'Invalid student selection.');
}
$db = \Config\Database::connect();
$students = [];
foreach ($studentIds as $id) {
$row = null;
if ($classSectionId) {
$row = $db->table('student_class sc')
->select('s.id, s.firstname, s.lastname, cs.class_section_name AS grade')
->join('students s', 's.id = sc.student_id')
->join('classSection cs', 'cs.class_section_id = sc.class_section_id')
->where('sc.class_section_id', (int) $classSectionId)
->where('s.id', $id)
->get()->getRowArray();
}
if (!$row) {
$s = $db->table('students')
->select('id, firstname, lastname, registration_grade AS grade')
->where('id', $id)
->get()->getRowArray();
$row = $s ?: null;
}
if ($row) {
$students[] = $row;
}
}
if (empty($students)) {
if ($this->request->isAJAX()) {
return $this->response
->setStatusCode(422)
->setJSON([
'ok' => false,
'error' => 'No valid students found.',
'csrf_token' => csrf_token(),
'csrf_hash' => csrf_hash(),
]);
}
return redirect()->to('administrator/certificates')->with('error', 'No valid students found.');
}
$issuedBy = session()->get('user_id');
$issuedAt = date('Y-m-d H:i:s');
$certDateDb = $this->parseCertDate($certDate);
// Load any existing certificates for these students this school year
$db = \Config\Database::connect();
$existingCerts = $db->table('certificate_records')
->select('student_id, certificate_number')
->whereIn('student_id', array_column($students, 'id'))
->where('school_year', $schoolYear)
->get()->getResultArray();
$existingCertMap = [];
foreach ($existingCerts as $ec) {
$existingCertMap[(int)$ec['student_id']] = $ec['certificate_number'];
}
foreach ($students as &$student) {
$sid = (int)$student['id'];
if (isset($existingCertMap[$sid])) {
// Reuse existing certificate number — do not create a new record
$student['cert_number'] = $existingCertMap[$sid];
} else {
$certNumber = $this->certRecordModel->nextNumber($schoolYear);
$this->certRecordModel->insert([
'certificate_number' => $certNumber,
'student_id' => $sid,
'student_name' => $student['firstname'] . ' ' . $student['lastname'],
'grade' => $this->formatGrade($student['grade'] ?? ''),
'cert_date' => $certDateDb,
'school_year' => $schoolYear,
'class_section_id' => $classSectionId ?: null,
'issued_by' => $issuedBy,
'issued_at' => $issuedAt,
]);
$student['cert_number'] = $certNumber;
}
}
unset($student);
$pdfData = $this->buildPdf($students, $certDate);
$filename = 'Certificates_' . date('Ymd_His') . '.pdf';
return $this->response
->setHeader('Content-Type', 'application/pdf')
->setHeader('Content-Disposition', 'inline; filename="' . $filename . '"')
->setHeader('X-CSRF-TOKEN-NAME', csrf_token())
->setHeader('X-CSRF-TOKEN', csrf_hash())
->setBody($pdfData);
}
// ─── Helpers ───────────────────────────────────────────────────────────────
private function parseCertDate(string $certDate): ?string
{
if (preg_match('#^(\d{2})/(\d{2})/(\d{4})$#', $certDate, $m)) {
return $m[3] . '-' . $m[1] . '-' . $m[2];
}
if (preg_match('#^\d{4}-\d{2}-\d{2}$#', $certDate)) {
return $certDate;
}
return null;
}
private function formatGrade(string $raw): string
{
$clean = trim($raw);
$lower = strtolower($clean);
// Strip section suffix: "Grade 1-A" → "Grade 1", "Grade 2-B" → "Grade 2"
if (preg_match('/^grade\s*(\d+)/i', $clean, $m)) {
return 'Grade ' . (int)$m[1];
}
if ($lower === 'youth') {
return 'Youth';
}
if ($lower === 'kg' || $lower === 'kindergarten') {
return 'Kindergarten';
}
// Raw number or number-section (e.g. "1", "1-A", "2-B") → keep number only
if (preg_match('/^(\d+)([- ][A-Za-z0-9]+)?$/', $clean, $m)) {
return 'Grade ' . (int)$m[1];
}
return $clean;
}
// ─── PDF rendering ─────────────────────────────────────────────────────────
private function buildPdf(array $students, string $certDate): string
{
$fontDir = FCPATH . 'assets' . DIRECTORY_SEPARATOR . 'certificates' . DIRECTORY_SEPARATOR . 'fonts' . DIRECTORY_SEPARATOR;
$imgDir = FCPATH . 'assets' . DIRECTORY_SEPARATOR . 'certificates' . DIRECTORY_SEPARATOR . 'images' . DIRECTORY_SEPARATOR;
$edwardianFont = \TCPDF_FONTS::addTTFfont($fontDir . 'Edwardian Script ITC Regular.ttf', 'TrueTypeUnicode', '', 32);
$garamondBold = \TCPDF_FONTS::addTTFfont($fontDir . 'Garamond Bold.ttf', 'TrueTypeUnicode', '', 32);
$ebGaramond = \TCPDF_FONTS::addTTFfont($fontDir . 'EBGaramond-Regular.ttf', 'TrueTypeUnicode', '', 32);
$pdf = new \TCPDF('L', 'pt', 'A4', true, 'UTF-8', false);
$pdf->SetCreator('Al Rahma Sunday School');
$pdf->SetTitle('Student Certificates');
$pdf->SetMargins(0, 0, 0, true);
$pdf->SetAutoPageBreak(false, 0);
$pdf->setPrintHeader(false);
$pdf->setPrintFooter(false);
$pdf->SetHeaderMargin(0);
$pdf->SetFooterMargin(0);
$W = $pdf->getPageWidth();
$H = $pdf->getPageHeight();
foreach ($students as $student) {
$pdf->AddPage();
$name = $student['firstname'] . ' ' . $student['lastname'];
$grade = $this->formatGrade($student['grade'] ?? '');
$certNumber = $student['cert_number'] ?? '';
// Build verification URL for an inline TCPDF QR code.
$verifyUrl = site_url('verify/' . rawurlencode($certNumber));
$this->drawCertificate(
$pdf, $W, $H,
$name, $grade, $certDate, $certNumber,
$verifyUrl,
$imgDir, $edwardianFont, $garamondBold, $ebGaramond
);
}
return $pdf->Output('', 'S');
}
/**
* Coordinate mapping: iTextSharp origin bottom-left → TCPDF origin top-left.
* y_tcpdf ≈ H y_iTextSharp
*/
private function drawCertificate(
\TCPDF $pdf,
float $W,
float $H,
string $name,
string $grade,
string $certDate,
string $certNumber,
?string $verifyUrl,
string $imgDir,
string $edwardianFont,
string $garamondBold,
string $ebGaramond
): void {
// ── Images
$pdf->Image($imgDir . 'title.png', 126, 0, 600);
$pdf->Image($imgDir . 'background.png', 280, 176, 291, 340);
$pdf->Image($imgDir . 'signature.png', 140, 410, 90, 80);
// ── "Presented to:"
$pdf->SetFont('times', 'B', 24);
$pdf->SetTextColor(0, 0, 0);
$pdf->SetXY(0, 151);
$pdf->Cell($W, 24, 'Presented to:', 0, 0, 'C');
// ── QR code — left-aligned with "Presented to:", vertically centred on that line
$qrSize = 42; // pt
if (!empty($verifyUrl)) {
$qrX = 120; // ~1 cm from left edge
$qrY = 171 + (24 - $qrSize) / 2; // vertically centred on "Presented to:" row
$style = [
'border' => false,
'padding' => 0,
'fgcolor' => [0, 0, 0],
'bgcolor' => false,
];
$pdf->write2DBarcode($verifyUrl, 'QRCODE,L', $qrX, $qrY, $qrSize, $qrSize, $style, 'N');
}
// ── Student name — center based on actual string width
$pdf->SetFont($edwardianFont, '', 38);
$nameX = ($W - $pdf->GetStringWidth($name)) / 2;
$this->drawGradientText($pdf, $edwardianFont, 38, $name, $nameX, 229.5);
// ── Line under name
$pdf->SetFont('times', '', 20);
$pdf->SetXY(0, 243);
$pdf->Cell(600, 20, '___________________________________', 0, 0, 'R');
// ── Description
$pdf->SetFont($ebGaramond, '', 20);
$pdf->SetXY(0, 273);
$pdf->Cell($W, 20, 'for successfully completing the requirements of', 0, 0, 'C');
// ── Grade
$pdf->SetFont($garamondBold, '', 20);
$pdf->SetXY(0, 310);
$pdf->Cell($W, 20, $grade, 0, 0, 'C');
// ── "at"
$pdf->SetFont('times', '', 20);
$pdf->SetXY(0, 343);
$pdf->Cell($W, 20, 'at', 0, 0, 'C');
// ── School name
$pdf->SetFont($garamondBold, '', 20);
$pdf->SetXY(0, 375);
$pdf->Cell($W, 20, 'Al Rahma Sunday School', 0, 0, 'C');
// ── Date (gradient script)
$this->drawGradientText($pdf, $edwardianFont, 26, $certDate, 586, 456);
// ── Date underline + label
$pdf->SetFont('times', '', 20);
$pdf->SetXY(0, 463);
$pdf->Cell(742, 20, '_________________', 0, 0, 'R');
$pdf->SetXY(650, 492);
$pdf->Cell(80, 20, 'Date', 0, 0, 'C');
// ── Signature underline + label
$pdf->SetXY(106, 463);
$pdf->Cell(200, 20, '_________________', 0, 0, 'L');
$pdf->SetXY(106, 492);
$pdf->Cell(168, 20, 'Signature', 0, 0, 'C');
// ── Certificate number — 1.4 cm from bottom, 2.5 cm from left
if ($certNumber !== '') {
$pdf->SetFont('helvetica', '', 8);
$pdf->SetTextColor(150, 150, 150);
$pdf->SetXY(70.86, $H - 39.68);
$pdf->Cell(200, 12, 'Certificate No. ' . $certNumber, 0, 0, 'L');
$pdf->SetTextColor(0, 0, 0);
}
}
private function drawGradientText(\TCPDF $pdf, string $fontName, float $fontSize, string $text, float $x, float $y): void
{
$pdf->SetFont($fontName, '', $fontSize);
for ($i = 0; $i < 6; $i++) {
$pdf->setAlpha(($i + 1) * 25 / 255);
$pdf->SetTextColor(0, 0, 0);
$pdf->Text($x + $i / 4, $y + $i / 4, $text);
}
$pdf->setAlpha(1);
$pdf->SetTextColor(0, 0, 0);
$pdf->Text($x, $y, $text);
}
}
+9 -9
View File
@@ -24,10 +24,10 @@ class ContactController extends BaseController
// Define validation rules // Define validation rules
$validation->setRules([ $validation->setRules([
'name' => 'required|min_length[3]', 'name' => "required|regex_match[/^[\\p{L}\\s'\\-]+$/u]|min_length[3]|max_length[100]",
'email' => 'required|valid_email', 'email' => 'required|valid_email|max_length[254]',
'subject' => 'required|min_length[3]', 'subject' => 'required|min_length[3]|max_length[150]',
'message' => 'required|min_length[10]' 'message' => 'required|min_length[10]|max_length[5000]'
]); ]);
if (!$validation->withRequest($this->request)->run()) { if (!$validation->withRequest($this->request)->run()) {
@@ -37,10 +37,10 @@ class ContactController extends BaseController
} }
// Process form data // Process form data
$name = $this->request->getPost('name'); $name = esc((string) $this->request->getPost('name'));
$email = strtolower($this->request->getPost('email')); $email = esc(strtolower((string) $this->request->getPost('email')));
$subject = $this->request->getPost('subject'); $subject = esc((string) $this->request->getPost('subject'));
$message = $this->request->getPost('message'); $message = nl2br(esc((string) $this->request->getPost('message')));
// Initialize the EmailController // Initialize the EmailController
$emailController = new \App\Controllers\View\EmailController(); $emailController = new \App\Controllers\View\EmailController();
@@ -63,4 +63,4 @@ class ContactController extends BaseController
return redirect()->to('/parent/contact'); return redirect()->to('/parent/contact');
} }
} }
+5 -2
View File
@@ -750,7 +750,9 @@ class DiscountController extends BaseController
} }
} catch (\Throwable $e) {} } catch (\Throwable $e) {}
$newTotal = round($tuitionSubtotal + $eventSubtotal + $additionalSubtotal, 2); $discountableTotal = $tuitionSubtotal + $additionalSubtotal;
$nonDiscountableTotal = $eventSubtotal;
$newTotal = round($discountableTotal + $nonDiscountableTotal, 2);
// ---- Payments / Discounts / Refunds ---- // ---- Payments / Discounts / Refunds ----
$db = $this->db; $db = $this->db;
@@ -794,7 +796,8 @@ class DiscountController extends BaseController
->get()->getRowArray(); ->get()->getRowArray();
$totalRefundPaid = (float)($refundRow['total_refund_paid'] ?? 0); $totalRefundPaid = (float)($refundRow['total_refund_paid'] ?? 0);
$newBalance = max(0.0, $newTotal - $totalDisc - $totalPaid - $totalRefundPaid); $appliedDiscount = min($totalDisc, $discountableTotal);
$newBalance = max(0.0, $newTotal - $appliedDiscount - $totalPaid - $totalRefundPaid);
$newStatus = ($newBalance <= 0.00001) ? 'Paid' : (($totalPaid > 0) ? 'Partially Paid' : 'Unpaid'); $newStatus = ($newBalance <= 0.00001) ? 'Paid' : (($totalPaid > 0) ? 'Partially Paid' : 'Unpaid');
$updateData = [ $updateData = [
+157
View File
@@ -170,6 +170,163 @@ class EmailController extends Controller
} }
} }
/**
* Send one email with a single To recipient and many CC recipients.
*
* @param string $recipient
* @param string[] $ccRecipients
* @param string $subject
* @param string $htmlMessage
* @param string|null $profile
* @param string|null $replyToEmail
* @param string|null $replyToName
* @param array $attachments
*/
public function sendEmailWithCc(
string $recipient,
array $ccRecipients,
string $subject,
string $htmlMessage,
?string $profile = null,
?string $replyToEmail = null,
?string $replyToName = null,
array $attachments = []
): bool {
$ccRecipients = array_values(array_unique(array_filter(array_map(static function ($email) {
$email = trim((string) $email);
return filter_var($email, FILTER_VALIDATE_EMAIL) ? $email : null;
}, $ccRecipients))));
if ($ccRecipients === []) {
return $this->sendEmail($recipient, $subject, $htmlMessage, $profile, $replyToEmail, $replyToName, $attachments);
}
$autoload = APPPATH . '../vendor/autoload.php';
if (is_file($autoload)) {
require_once $autoload;
}
$profile = $this->resolveProfile($profile);
$cfg = $this->getProfileConfig($profile);
if (empty($cfg['host']) || empty($cfg['user']) || $cfg['pass'] === '') {
log_message('error', "[mail:$profile] Missing SMTP config (host/user/pass). Check .env MAIL_{$this->envKeyFromProfile($profile)}_* or MAIL_DEFAULT_*.");
return false;
}
$debugEnabled = (bool) env('MAIL_DEBUG', false);
$timeout = (int) env('MAIL_TIMEOUT', 15);
$keepAlive = (bool) env('MAIL_KEEPALIVE', false);
$verifyPeer = filter_var(env('MAIL_VERIFY_PEER', 'true'), FILTER_VALIDATE_BOOLEAN);
$targetHost = $cfg['host'];
$targetPort = (int) $cfg['port'];
$resolved = @gethostbyname($targetHost);
if (!$resolved || $resolved === $targetHost) {
log_message('debug', "[mail:$profile] DNS resolve note: host=$targetHost, resolved=$resolved");
}
$sockOk = @fsockopen($targetHost, $targetPort, $errno, $errstr, 5);
if (!$sockOk) {
log_message('error', "[mail:$profile] Socket preflight failed to {$targetHost}:{$targetPort} (errno=$errno, err=$errstr). Likely firewall/port/encryption mismatch or wrong host.");
} else {
fclose($sockOk);
}
$mail = new PHPMailer(true);
try {
if ($debugEnabled) {
ob_start();
}
$mail->isSMTP();
$mail->Host = $cfg['host'];
$mail->Port = $cfg['port'];
$mail->SMTPAuth = true;
$mail->Username = $cfg['user'];
$mail->Password = $cfg['pass'];
$mail->CharSet = 'UTF-8';
$mail->Timeout = $timeout;
$mail->SMTPKeepAlive = $keepAlive;
$mail->SMTPAutoTLS = true;
if ($cfg['encryption'] === 'ssl') {
$mail->SMTPSecure = PHPMailer::ENCRYPTION_SMTPS;
} else {
$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;
}
$mail->SMTPOptions = [
'ssl' => [
'verify_peer' => $verifyPeer,
'verify_peer_name' => $verifyPeer,
'allow_self_signed' => !$verifyPeer,
],
];
$mail->SMTPDebug = $debugEnabled ? 3 : 0;
$mail->Debugoutput = 'error_log';
$mail->setFrom($cfg['fromEmail'], $cfg['fromName']);
if (!empty($cfg['returnPath'])) {
$mail->Sender = $cfg['returnPath'];
}
$mail->clearReplyTos();
$rtEmail = env('MAIL_DEFAULT_REPLY_TO');
$rtName = env('MAIL_DEFAULT_REPLY_TO_NAME');
if (!$rtEmail || !filter_var($rtEmail, FILTER_VALIDATE_EMAIL)) {
$rtEmail = $replyToEmail ?: ($cfg['replyTo'] ?: $cfg['fromEmail']);
}
if (!$rtName) {
$rtName = $replyToName ?: ($cfg['replyToName'] ?: $cfg['fromName']);
}
$rtName = $this->sanitizeReplyToName($rtName, $cfg['fromName']);
if ($rtEmail) {
$mail->addReplyTo($rtEmail, $rtName);
}
if (!empty($cfg['dkim']['domain']) && !empty($cfg['dkim']['private']) && !empty($cfg['dkim']['selector'])) {
$mail->DKIM_domain = $cfg['dkim']['domain'];
$mail->DKIM_private = $cfg['dkim']['private'];
$mail->DKIM_selector = $cfg['dkim']['selector'];
$mail->DKIM_identity = $cfg['fromEmail'];
}
$mail->addAddress($recipient);
foreach ($ccRecipients as $ccRecipient) {
$mail->addCC($ccRecipient);
}
foreach ($attachments as $att) {
if (!empty($att['path']) && is_file($att['path'])) {
$mail->addAttachment($att['path'], $att['name'] ?? '');
}
}
$mail->isHTML(true);
$mail->Subject = $subject;
$mail->Body = $htmlMessage;
$ok = $mail->send();
$dbg = $debugEnabled ? (ob_get_clean() ?: '') : '';
if ($ok) {
log_message('info', "[mail:$profile] Sent to {$recipient} with " . count($ccRecipients) . " CC recipient(s), subj='{$subject}' via {$cfg['host']}:{$cfg['port']}/{$cfg['encryption']}");
return true;
}
log_message('error', "[mail:$profile] Failed: {$mail->ErrorInfo}. Debug: {$dbg}");
return false;
} catch (Exception $e) {
$dbg = $debugEnabled ? (ob_get_clean() ?: '') : '';
log_message('error', "[mail:$profile] Exception: {$e->getMessage()} | PHPMailer: {$mail->ErrorInfo} | Debug: {$dbg}");
return false;
}
}
/** Resolve null/alias profile names to a canonical env prefix. */ /** Resolve null/alias profile names to a canonical env prefix. */
private function resolveProfile(?string $profile): string private function resolveProfile(?string $profile): string
{ {
File diff suppressed because it is too large Load Diff
File diff suppressed because it is too large Load Diff
+125 -1
View File
@@ -224,6 +224,10 @@ class FilesController extends Controller
throw PageNotFoundException::forPageNotFound(); throw PageNotFoundException::forPageNotFound();
} }
if (!$this->canAccessExamDraftFile($name, $subdir)) {
return $this->response->setStatusCode(403, 'You are not allowed to access this file.');
}
$mime = 'application/octet-stream'; $mime = 'application/octet-stream';
if (function_exists('finfo_open')) { if (function_exists('finfo_open')) {
$fi = finfo_open(FILEINFO_MIME_TYPE); $fi = finfo_open(FILEINFO_MIME_TYPE);
@@ -271,8 +275,8 @@ class FilesController extends Controller
private function buildDraftDownloadName(string $filename, string $subdir): string private function buildDraftDownloadName(string $filename, string $subdir): string
{ {
$column = $subdir === 'finals' ? 'final_file' : 'teacher_file';
$db = Database::connect(); $db = Database::connect();
$column = $subdir === 'finals' ? 'final_file' : $this->resolveExamDraftFileColumn($db);
$row = $db->table('exam_drafts ed') $row = $db->table('exam_drafts ed')
->select('ed.version, ed.exam_type, ed.class_section_id, cs.class_section_name') ->select('ed.version, ed.exam_type, ed.class_section_id, cs.class_section_name')
->join('classSection cs', 'cs.class_section_id = ed.class_section_id', 'left') ->join('classSection cs', 'cs.class_section_id = ed.class_section_id', 'left')
@@ -301,4 +305,124 @@ class FilesController extends Controller
$value = trim($value, '_'); $value = trim($value, '_');
return $value === '' ? 'Exam' : mb_strtolower($value); return $value === '' ? 'Exam' : mb_strtolower($value);
} }
private function resolveExamDraftFileColumn($db): string
{
try {
$fields = $db->getFieldNames('exam_drafts');
if (in_array('teacher_file', $fields, true)) {
return 'teacher_file';
}
if (in_array('author_file', $fields, true)) {
return 'author_file';
}
} catch (\Throwable $e) {
log_message('error', 'FilesController::resolveExamDraftFileColumn error: ' . $e->getMessage());
}
return 'teacher_file';
}
private function resolveExamDraftAuthorIdColumn($db): string
{
try {
$fields = $db->getFieldNames('exam_drafts');
if (in_array('teacher_id', $fields, true)) {
return 'teacher_id';
}
if (in_array('author_id', $fields, true)) {
return 'author_id';
}
} catch (\Throwable $e) {
log_message('error', 'FilesController::resolveExamDraftAuthorIdColumn error: ' . $e->getMessage());
}
return 'teacher_id';
}
private function canAccessExamDraftFile(string $filename, string $subdir): bool
{
$userId = (int) (session()->get('user_id') ?? 0);
if ($userId <= 0) {
return false;
}
$role = strtolower((string) (session()->get('role') ?? ''));
if (in_array($role, ['admin', 'administrator', 'principal'], true)) {
return true;
}
$db = Database::connect();
$fileColumn = $subdir === 'finals' ? 'final_file' : $this->resolveExamDraftFileColumn($db);
$authorIdColumn = $this->resolveExamDraftAuthorIdColumn($db);
$draft = $db->table('exam_drafts ed')
->select('ed.class_section_id, ed.school_year, ed.semester, ed.status, ed.' . $authorIdColumn . ' AS draft_author_id')
->where('ed.' . $fileColumn, $filename)
->limit(1)
->get()
->getRowArray();
if (empty($draft)) {
return false;
}
$authorId = (int) ($draft['draft_author_id'] ?? 0);
if ($authorId > 0 && $authorId === $userId) {
return true;
}
$classSectionId = (int) ($draft['class_section_id'] ?? 0);
if ($classSectionId <= 0) {
return false;
}
$status = strtolower(trim((string) ($draft['status'] ?? '')));
if ($subdir === 'drafts' && $status === 'draft') {
return false;
}
$currentSchoolYear = trim((string) (session()->get('school_year') ?? ''));
$currentSemester = trim((string) (session()->get('semester') ?? ''));
$draftSchoolYear = trim((string) ($draft['school_year'] ?? ''));
$draftSemester = trim((string) ($draft['semester'] ?? ''));
$hasCurrentAssignment = $db->table('teacher_class')
->select('id')
->where('teacher_id', $userId)
->where('class_section_id', $classSectionId);
if ($currentSchoolYear !== '') {
$hasCurrentAssignment->where('school_year', $currentSchoolYear);
}
$hasCurrentAssignment = $hasCurrentAssignment->limit(1)->countAllResults() > 0;
if ($hasCurrentAssignment) {
if ($subdir === 'finals') {
return true;
}
return $draftSchoolYear === '' || $currentSchoolYear === '' || $draftSchoolYear === $currentSchoolYear;
}
$assignmentQuery = $db->table('teacher_class')
->select('id')
->where('teacher_id', $userId)
->where('class_section_id', $classSectionId);
if ($draftSchoolYear !== '') {
$assignmentQuery->where('school_year', $draftSchoolYear);
}
$hasDraftYearAssignment = $assignmentQuery->limit(1)->countAllResults() > 0;
if (!$hasDraftYearAssignment) {
return false;
}
if ($subdir === 'finals') {
return true;
}
return $draftSemester === '' || $currentSemester === '' || $draftSemester === $currentSemester;
}
} }
+103 -22
View File
@@ -68,17 +68,45 @@ public function financialReport()
} }
// === Invoices === // === Invoices ===
$invoices = $invoiceModel // Business rule: one active invoice per parent per school year.
->select("invoices.*, CONCAT(users.firstname, ' ', users.lastname) AS parent_name") // If legacy data has multiple invoices, show only the latest one to avoid reporting older invoices as "Unpaid"
->join('users', 'users.id = invoices.parent_id') // after new charges/payments update the current invoice.
->findAll(); $db = \Config\Database::connect();
if (!empty($schoolYear)) {
$latestSub = $db->table('invoices')
->select('parent_id, MAX(id) AS max_id')
->where('school_year', $schoolYear)
->groupBy('parent_id')
->getCompiledSelect();
$invBuilder = $db->table('invoices')
->select("invoices.*, CONCAT(users.firstname, ' ', users.lastname) AS parent_name", false)
->join("($latestSub) latest", 'latest.max_id = invoices.id', 'inner', false)
->join('users', 'users.id = invoices.parent_id', 'left');
if ($hasFrom) {
$invBuilder->where('DATE(COALESCE(invoices.issue_date, invoices.created_at)) >=', $dateFrom);
}
if ($hasTo) {
$invBuilder->where('DATE(COALESCE(invoices.issue_date, invoices.created_at)) <=', $dateTo);
}
$invoices = $invBuilder->get()->getResultArray();
} else {
$invoices = $invoiceModel
->select("invoices.*, CONCAT(users.firstname, ' ', users.lastname) AS parent_name")
->join('users', 'users.id = invoices.parent_id')
->findAll();
}
$invoiceIds = array_values(array_unique(array_filter(array_map(static function ($inv) {
$id = (int)($inv['id'] ?? 0);
return $id > 0 ? $id : null;
}, $invoices))));
// Helper to build a fresh, filtered PaymentModel each time (so filters don't get lost between queries) // Helper to build a fresh, filtered PaymentModel each time (so filters don't get lost between queries)
$buildPaymentModel = function () use ($schoolYear, $dateFrom, $dateTo) { $buildPaymentModel = function () use ($schoolYear, $dateFrom, $dateTo) {
$pm = new PaymentModel(); $pm = new PaymentModel();
if ($schoolYear) {
$pm->where('school_year', $schoolYear);
}
if (!empty($dateFrom)) { if (!empty($dateFrom)) {
$pm->where('DATE(payment_date) >=', $dateFrom); $pm->where('DATE(payment_date) >=', $dateFrom);
} }
@@ -114,7 +142,13 @@ public function financialReport()
}; };
// === Payments aggregated by invoice_id (for the "Paid" column) === // === Payments aggregated by invoice_id (for the "Paid" column) ===
$payments = $applyPaymentFilters($buildPaymentModel()) $paymentsQuery = $applyPaymentFilters($buildPaymentModel());
if (!empty($invoiceIds)) {
$paymentsQuery->whereIn('invoice_id', $invoiceIds);
} else {
$paymentsQuery->where('invoice_id', -1);
}
$payments = $paymentsQuery
->select('invoice_id, SUM(paid_amount) AS paid_amount') ->select('invoice_id, SUM(paid_amount) AS paid_amount')
->where('invoice_id IS NOT NULL') ->where('invoice_id IS NOT NULL')
->groupBy('invoice_id') ->groupBy('invoice_id')
@@ -138,6 +172,7 @@ public function financialReport()
SUM(paid_amount) AS amount SUM(paid_amount) AS amount
") ")
->where('invoice_id IS NOT NULL') ->where('invoice_id IS NOT NULL')
->whereIn('invoice_id', $invoiceIds ?: [-1])
->groupBy('invoice_id, method') ->groupBy('invoice_id, method')
->findAll(); ->findAll();
@@ -161,6 +196,7 @@ public function financialReport()
SUM(CASE WHEN LOWER(TRIM(payment_method)) IN ('credit','card','credit card','debit','debit card','visa','mastercard') THEN paid_amount ELSE 0 END) AS total_credit SUM(CASE WHEN LOWER(TRIM(payment_method)) IN ('credit','card','credit card','debit','debit card','visa','mastercard') THEN paid_amount ELSE 0 END) AS total_credit
") ")
->where('invoice_id IS NOT NULL') ->where('invoice_id IS NOT NULL')
->whereIn('invoice_id', $invoiceIds ?: [-1])
->first() ?? []; ->first() ?? [];
$paymentTotals = [ $paymentTotals = [
@@ -216,25 +252,28 @@ public function financialReport()
$schoolYears[] = (string)$schoolYear; $schoolYears[] = (string)$schoolYear;
} }
$eventFeesTotal = $this->getEventFeesTotal($schoolYear, $dateFrom, $dateTo);
// JSON API support // JSON API support
if ($this->wantsJson() || strtolower((string)($this->request->getGet('format') ?? '')) === 'json') { if ($this->wantsJson() || strtolower((string)($this->request->getGet('format') ?? '')) === 'json') {
return $this->response->setJSON([ return $this->response->setJSON([
'ok' => true, 'ok' => true,
'selectedYear' => $schoolYear, 'selectedYear' => $schoolYear,
'dateFrom' => $dateFrom, 'dateFrom' => $dateFrom,
'dateTo' => $dateTo, 'dateTo' => $dateTo,
'schoolYears' => $schoolYears, 'schoolYears' => $schoolYears,
'invoices' => $invoices, 'invoices' => $invoices,
'payments' => $payments, 'payments' => $payments,
'paymentBreakdown' => $paymentBreakdown, 'paymentBreakdown' => $paymentBreakdown,
'paymentTotals' => $paymentTotals, 'paymentTotals' => $paymentTotals,
'refunds' => $refunds, 'refunds' => $refunds,
'expenses' => $expenses, 'expenses' => $expenses,
'reimbursements' => $reimbursements, 'reimbursements' => $reimbursements,
'discounts' => $discounts, 'discounts' => $discounts,
'csrf_token' => csrf_token(), 'eventFeesTotal' => $eventFeesTotal,
'csrf_hash' => csrf_hash(), 'csrf_token' => csrf_token(),
]); 'csrf_hash' => csrf_hash(),
]);
} }
return view('payment/financial_report', [ return view('payment/financial_report', [
@@ -246,6 +285,7 @@ public function financialReport()
'expenses' => $expenses, 'expenses' => $expenses,
'reimbursements' => $reimbursements, 'reimbursements' => $reimbursements,
'discounts' => $discounts, 'discounts' => $discounts,
'eventFeesTotal' => $eventFeesTotal,
'selectedYear' => $schoolYear, 'selectedYear' => $schoolYear,
'schoolYears' => $schoolYears, 'schoolYears' => $schoolYears,
'dateFrom' => $dateFrom, 'dateFrom' => $dateFrom,
@@ -1058,6 +1098,7 @@ public function financialReport()
$amountCollected = $totalPaid; $amountCollected = $totalPaid;
$netAmount = ($totalCharges - $totalDiscounts - $totalRefunds); $netAmount = ($totalCharges - $totalDiscounts - $totalRefunds);
$totalEventFees = $this->getEventFeesTotal($schoolYear, $invoiceDateFrom, $invoiceDateTo);
return [ return [
'schoolYear' => $schoolYear, 'schoolYear' => $schoolYear,
'dateFrom' => $dateFrom, 'dateFrom' => $dateFrom,
@@ -1073,9 +1114,28 @@ public function financialReport()
'amountCollected' => $amountCollected, 'amountCollected' => $amountCollected,
'totalUnpaid' => $totalUnpaid, 'totalUnpaid' => $totalUnpaid,
'netAmount' => $netAmount, 'netAmount' => $netAmount,
'totalEventFees' => $totalEventFees,
]; ];
} }
private function getEventFeesTotal(?string $schoolYear, ?string $dateFrom, ?string $dateTo): float
{
$db = \Config\Database::connect();
$builder = $db->table('event_charges ec')
->select('COALESCE(SUM(ec.charged),0) AS amount', false);
if (!empty($schoolYear)) {
$builder->where('ec.school_year', $schoolYear);
}
if (!empty($dateFrom)) {
$builder->where('DATE(ec.created_at) >=', $dateFrom);
}
if (!empty($dateTo)) {
$builder->where('DATE(ec.created_at) <=', $dateTo);
}
$row = $builder->get()->getRowArray();
return $row ? (float)($row['amount'] ?? 0) : 0.0;
}
/** /**
* Management page: list parents with outstanding balances (> 0) for a school year. * Management page: list parents with outstanding balances (> 0) for a school year.
@@ -1226,6 +1286,23 @@ public function financialReport()
$byParent[$pid]['total_balance'] += $extra; $byParent[$pid]['total_balance'] += $extra;
} }
$eventFeesPerParent = [];
try {
$eventFeesRows = $db->table('event_charges ec')
->select('ec.parent_id, COALESCE(SUM(ec.charged),0) AS event_fees', false)
->where('ec.school_year', $schoolYear)
->groupBy('ec.parent_id')
->get()
->getResultArray();
foreach ($eventFeesRows as $row) {
$pid = (int)($row['parent_id'] ?? 0);
if ($pid <= 0) continue;
$eventFeesPerParent[$pid] = (float)($row['event_fees'] ?? 0);
}
} catch (\Throwable $e) {
// ignore, fallback to no event fees data
}
// Reduce into rows list; only parents with positive balance // Reduce into rows list; only parents with positive balance
// Also compute remaining installments and suggested monthly amount // Also compute remaining installments and suggested monthly amount
$rows = []; $rows = [];
@@ -1283,10 +1360,11 @@ public function financialReport()
$parentIds = array_values(array_unique(array_map(static fn($r) => (int)($r['parent_id'] ?? 0), $rows))); $parentIds = array_values(array_unique(array_map(static fn($r) => (int)($r['parent_id'] ?? 0), $rows)));
$hasPayments = []; $hasPayments = [];
$paidTotals = []; $paidTotals = [];
$paymentCounts = [];
if (!empty($parentIds)) { if (!empty($parentIds)) {
try { try {
$pRows = $db->table('payments') $pRows = $db->table('payments')
->select('parent_id, SUM(paid_amount) AS total_paid') ->select('parent_id, SUM(paid_amount) AS total_paid, COUNT(*) AS payment_count')
->whereIn('parent_id', $parentIds) ->whereIn('parent_id', $parentIds)
->where('school_year', $schoolYear) ->where('school_year', $schoolYear)
->groupBy('parent_id') ->groupBy('parent_id')
@@ -1296,6 +1374,7 @@ public function financialReport()
if ($pid > 0) { if ($pid > 0) {
$hasPayments[$pid] = true; $hasPayments[$pid] = true;
$paidTotals[$pid] = (float)($pr['total_paid'] ?? 0); $paidTotals[$pid] = (float)($pr['total_paid'] ?? 0);
$paymentCounts[$pid] = (int)($pr['payment_count'] ?? 0);
} }
} }
} catch (\Throwable $e) { } catch (\Throwable $e) {
@@ -1303,7 +1382,7 @@ public function financialReport()
} }
} }
$dataRows = array_map(function(array $r) use ($hasPayments, $paidTotals, $nextInstallmentYmd) { $dataRows = array_map(function(array $r) use ($hasPayments, $paidTotals, $paymentCounts, $nextInstallmentYmd, $eventFeesPerParent) {
$pid = (int)($r['parent_id'] ?? 0); $pid = (int)($r['parent_id'] ?? 0);
$name = trim((string)($r['firstname'] ?? '') . ' ' . (string)($r['lastname'] ?? '')); $name = trim((string)($r['firstname'] ?? '') . ' ' . (string)($r['lastname'] ?? ''));
return [ return [
@@ -1317,8 +1396,10 @@ public function financialReport()
'installment_amount' => (float)($r['installment_amount'] ?? 0), 'installment_amount' => (float)($r['installment_amount'] ?? 0),
'type' => isset($hasPayments[$pid]) ? 'installment' : 'no_payment', 'type' => isset($hasPayments[$pid]) ? 'installment' : 'no_payment',
'total_paid' => isset($paidTotals[$pid]) ? (float)$paidTotals[$pid] : 0.0, 'total_paid' => isset($paidTotals[$pid]) ? (float)$paidTotals[$pid] : 0.0,
'payment_count' => isset($paymentCounts[$pid]) ? (int)$paymentCounts[$pid] : 0,
'has_installment'=> isset($hasPayments[$pid]) ? 1 : 0, 'has_installment'=> isset($hasPayments[$pid]) ? 1 : 0,
'next_installment' => $nextInstallmentYmd, 'next_installment' => $nextInstallmentYmd,
'event_fees' => (float)($eventFeesPerParent[$pid] ?? 0),
]; ];
}, $rows); }, $rows);
+29 -1
View File
@@ -421,17 +421,45 @@ class FlagController extends Controller
log_message('debug', 'Flag state: ' . $this->request->getPost('flag_state')); log_message('debug', 'Flag state: ' . $this->request->getPost('flag_state'));
$currentFlagModel = new CurrentFlagModel(); $currentFlagModel = new CurrentFlagModel();
$userId = session()->get('user_id');
// Get the new flag state from the form // Get the new flag state from the form
$newState = $this->request->getPost('flag_state'); $newState = $this->request->getPost('flag_state');
$stateDescription = (string) ($this->request->getPost('state_description') ?? '');
$actionTaken = (string) ($this->request->getPost('action_taken') ?? '');
if (!$newState) { if (!$newState) {
session()->setFlashdata('error', 'incident state not provided.'); session()->setFlashdata('error', 'incident state not provided.');
return $this->index(); return $this->index();
} }
$update = ['flag_state' => $newState];
if ($newState === 'Closed') {
$update['updated_by_closed'] = $userId;
if ($stateDescription !== '') {
$update['close_description'] = $stateDescription;
}
if ($actionTaken !== '') {
$update['action_taken'] = $actionTaken;
}
} elseif ($newState === 'Canceled') {
$update['updated_by_canceled'] = $userId;
if ($stateDescription !== '') {
$update['cancel_description'] = $stateDescription;
}
if ($actionTaken !== '') {
$update['action_taken'] = $actionTaken;
}
}
// Update the flag state in the database // Update the flag state in the database
if ($currentFlagModel->update($id, ['flag_state' => $newState])) { if ($currentFlagModel->update($id, $update)) {
if ($newState === 'Closed' || $newState === 'Canceled') {
$flagData = $currentFlagModel->find($id);
if ($flagData) {
return $this->moveToHistory($flagData);
}
}
session()->setFlashdata('success', 'Incident state updated successfully!'); session()->setFlashdata('success', 'Incident state updated successfully!');
} else { } else {
$errors = $currentFlagModel->errors(); $errors = $currentFlagModel->errors();
+717 -7
View File
@@ -28,6 +28,9 @@ use App\Models\PlacementLevelModel;
use App\Models\PlacementBatchModel; use App\Models\PlacementBatchModel;
use App\Models\PlacementScoreModel; use App\Models\PlacementScoreModel;
use App\Models\GradingLockModel; use App\Models\GradingLockModel;
use App\Models\BelowSixtyDecisionModel;
use App\Models\StudentDecisionModel;
use App\Services\NavbarService;
//use App\Models\ScoreModel; //use App\Models\ScoreModel;
@@ -277,7 +280,7 @@ class GradingController extends Controller
$semEsc = $this->db->escape($semester); $semEsc = $this->db->escape($semester);
$yrEsc = $this->db->escape($schoolYear); $yrEsc = $this->db->escape($schoolYear);
$rows = $this->buildGradingRows($semEsc, $yrEsc, $schoolYear); $rows = $this->buildGradingRows($semEsc, $yrEsc, $schoolYear, $semester);
// Preload quiz/homework/project/participation/midterm score counts to distinguish true zeros from empty scores // Preload quiz/homework/project/participation/midterm score counts to distinguish true zeros from empty scores
$quizCounts = []; $quizCounts = [];
@@ -423,7 +426,7 @@ class GradingController extends Controller
} }
} }
// Reload rows after refresh // Reload rows after refresh
$rows = $this->buildGradingRows($semEsc, $yrEsc, $schoolYear); $rows = $this->buildGradingRows($semEsc, $yrEsc, $schoolYear, $semester);
} }
// Build structures keyed by BUSINESS section id // Build structures keyed by BUSINESS section id
@@ -1079,11 +1082,14 @@ class GradingController extends Controller
$schoolYears = $this->getSchoolYearsForScores($schoolYear); $schoolYears = $this->getSchoolYearsForScores($schoolYear);
$rows = $this->fetchBelowSixtyRows($schoolYear, $semester); $rows = $this->fetchBelowSixtyRows($schoolYear, $semester);
$canViewGrading = $this->userHasMenuUrl('grading');
return view('grading/below_sixty', [ return view('grading/below_sixty', [
'rows' => $rows, 'rows' => $rows,
'semester' => $semester, 'semester' => $semester,
'schoolYear' => $schoolYear, 'schoolYear' => $schoolYear,
'schoolYears' => $schoolYears, 'schoolYears' => $schoolYears,
'canViewGrading' => $canViewGrading,
]); ]);
} }
@@ -1212,6 +1218,14 @@ class GradingController extends Controller
$flagModel = new CurrentFlagModel(); $flagModel = new CurrentFlagModel();
$semKey = strtolower(trim($semester)); $semKey = strtolower(trim($semester));
$redirectUrl = base_url('grading/below-60');
$query = http_build_query([
'semester' => $semester,
'school_year' => $schoolYear,
]);
if ($query !== '') {
$redirectUrl .= '?' . $query;
}
$existing = $flagModel $existing = $flagModel
->where('student_id', $studentId) ->where('student_id', $studentId)
@@ -1222,11 +1236,14 @@ class GradingController extends Controller
$userId = (int)(session()->get('user_id') ?? 0) ?: null; $userId = (int)(session()->get('user_id') ?? 0) ?: null;
$now = utc_now(); $now = utc_now();
$ok = true;
if ($existing) { if ($existing) {
$data = [ $data = [
'flag_state' => $status, 'flag_state' => $status,
'flag_datetime' => $now, 'flag_datetime' => $now,
'semester' => $semester,
'school_year' => $schoolYear,
'updated_at' => $now, 'updated_at' => $now,
]; ];
if ($status === 'Open') { if ($status === 'Open') {
@@ -1242,7 +1259,7 @@ class GradingController extends Controller
$data['close_description'] = trim($prev . PHP_EOL . $note); $data['close_description'] = trim($prev . PHP_EOL . $note);
} }
} }
$flagModel->update((int)$existing['id'], $data); $ok = (bool) $flagModel->update((int)$existing['id'], $data);
} else { } else {
$row = $this->fetchBelowSixtyEmailRow($studentId, $schoolYear, $semester); $row = $this->fetchBelowSixtyEmailRow($studentId, $schoolYear, $semester);
$studentName = trim((string)($row['firstname'] ?? '') . ' ' . (string)($row['lastname'] ?? '')); $studentName = trim((string)($row['firstname'] ?? '') . ' ' . (string)($row['lastname'] ?? ''));
@@ -1265,10 +1282,21 @@ class GradingController extends Controller
$data['updated_by_closed'] = $userId; $data['updated_by_closed'] = $userId;
if ($note !== '') $data['close_description'] = $note; if ($note !== '') $data['close_description'] = $note;
} }
$flagModel->insert($data); $ok = (bool) $flagModel->insert($data);
} }
return redirect()->back()->with('status', 'Status updated.'); if (!$ok) {
log_message('error', 'updateBelowSixtyStatus failed', [
'student_id' => $studentId,
'semester' => $semester,
'school_year' => $schoolYear,
'status' => $status,
'errors' => $flagModel->errors(),
]);
return redirect()->to($redirectUrl)->with('error', 'Failed to update status.');
}
return redirect()->to($redirectUrl)->with('status', 'Status updated.');
} }
public function scheduleBelowSixty() public function scheduleBelowSixty()
@@ -1551,7 +1579,7 @@ class GradingController extends Controller
* @param string $schoolYear Raw school year value for filtering student_class * @param string $schoolYear Raw school year value for filtering student_class
* @return array * @return array
*/ */
private function buildGradingRows(string $semEsc, string $yrEsc, string $schoolYear): array private function buildGradingRows(string $semEsc, string $yrEsc, string $schoolYear, string $semesterRaw): array
{ {
$builder = $this->db->table('student_class sc') $builder = $this->db->table('student_class sc')
->select([ ->select([
@@ -1579,6 +1607,7 @@ class GradingController extends Controller
'ss_b.class_section_id AS matched_biz_csid', 'ss_b.class_section_id AS matched_biz_csid',
'ss_p.class_section_id AS matched_pk_csid' 'ss_p.class_section_id AS matched_pk_csid'
]) ])
->distinct()
->join('`classSection` cs', 'cs.class_section_id = sc.class_section_id', 'left') ->join('`classSection` cs', 'cs.class_section_id = sc.class_section_id', 'left')
->join('students s', 's.id = sc.student_id', 'inner') ->join('students s', 's.id = sc.student_id', 'inner')
->join( ->join(
@@ -1793,9 +1822,10 @@ class GradingController extends Controller
} }
$statusMap = []; $statusMap = [];
$noteMap = [];
if (!empty($studentIds)) { if (!empty($studentIds)) {
$flagRows = $this->db->table('current_flag') $flagRows = $this->db->table('current_flag')
->select('student_id, flag_state') ->select('student_id, flag_state, open_description, close_description')
->where('flag', 'grade') ->where('flag', 'grade')
->where('school_year', $schoolYear) ->where('school_year', $schoolYear)
->where("LOWER(TRIM(semester))", $semesterKey) ->where("LOWER(TRIM(semester))", $semesterKey)
@@ -1806,6 +1836,12 @@ class GradingController extends Controller
$sid = (int)($row['student_id'] ?? 0); $sid = (int)($row['student_id'] ?? 0);
if ($sid <= 0) continue; if ($sid <= 0) continue;
$statusMap[$sid] = (string)($row['flag_state'] ?? ''); $statusMap[$sid] = (string)($row['flag_state'] ?? '');
$openNote = trim((string)($row['open_description'] ?? ''));
$closeNote = trim((string)($row['close_description'] ?? ''));
$noteMap[$sid] = [
'open' => $openNote,
'closed' => $closeNote,
];
} }
} }
@@ -1814,6 +1850,15 @@ class GradingController extends Controller
$row['comment'] = $commentMap[$sid] ?? ''; $row['comment'] = $commentMap[$sid] ?? '';
$flagState = strtolower(trim((string)($statusMap[$sid] ?? ''))); $flagState = strtolower(trim((string)($statusMap[$sid] ?? '')));
$row['status'] = ($flagState === 'closed' || $flagState === 'canceled') ? 'Closed' : 'Open'; $row['status'] = ($flagState === 'closed' || $flagState === 'canceled') ? 'Closed' : 'Open';
$noteBag = $noteMap[$sid] ?? ['open' => '', 'closed' => ''];
$rawNote = $row['status'] === 'Closed' ? (string)$noteBag['closed'] : (string)$noteBag['open'];
if ($rawNote !== '') {
$lines = preg_split('/\R/', $rawNote);
$lines = array_values(array_filter(array_map('trim', $lines), static fn($val) => $val !== ''));
$row['note'] = $lines ? end($lines) : '';
} else {
$row['note'] = '';
}
} }
unset($row); unset($row);
@@ -1863,6 +1908,121 @@ class GradingController extends Controller
return $row; return $row;
} }
private function userHasMenuUrl(string $needle): bool
{
$needle = strtolower(trim($needle));
if ($needle === '') {
return false;
}
$rawRole = session()->get('role');
$roles = is_array($rawRole) ? $rawRole : [$rawRole ?? 'guest'];
$roles = array_values(array_filter(array_map('strval', $roles)));
if (empty($roles)) {
return false;
}
$service = new NavbarService();
$menu = $service->getMenuForRoles($roles);
if (empty($menu)) {
return false;
}
$normalize = static function (string $url) use ($needle): string {
$url = strtolower(trim($url));
if ($url === '') return '';
$url = preg_replace('#^https?://[^/]+/#i', '', $url);
$url = ltrim($url, '/');
return $url;
};
$target = $normalize($needle);
$stack = $menu;
while (!empty($stack)) {
$node = array_shift($stack);
if (!empty($node['url'])) {
$url = $normalize((string)$node['url']);
if ($url !== '' && $url === $target) {
return true;
}
}
if (!empty($node['children']) && is_array($node['children'])) {
foreach ($node['children'] as $child) {
$stack[] = $child;
}
}
}
return false;
}
private function fetchAllSemestersForStudent(int $studentId, string $schoolYear): array
{
$rows = $this->db->table('semester_scores ss')
->select([
'ss.semester',
'cs.class_section_name',
'ss.homework_avg',
'ss.project_avg',
'ss.participation_score',
'COALESCE(ss.test_avg, ss.quiz_avg) AS test_avg',
'ss.ptap_score',
'ss.attendance_score',
'ss.midterm_exam_score',
'ss.final_exam_score',
'ss.semester_score',
])
->join('classSection cs', 'cs.class_section_id = ss.class_section_id', 'left')
->where('ss.student_id', $studentId)
->where('ss.school_year', $schoolYear)
->orderBy('ss.semester', 'ASC')
->get()
->getResultArray();
$semesters = [];
foreach ($rows as $sr) {
$sem = ucfirst(strtolower(trim((string)($sr['semester'] ?? ''))));
$semesters[$sem] = [
'semester' => $sem,
'class_section_name' => $sr['class_section_name'] ?? '',
'homework_avg' => $sr['homework_avg'] ?? null,
'project_avg' => $sr['project_avg'] ?? null,
'participation_score' => $sr['participation_score'] ?? null,
'test_avg' => $sr['test_avg'] ?? null,
'ptap_score' => $sr['ptap_score'] ?? null,
'attendance_score' => $sr['attendance_score'] ?? null,
'midterm_exam_score' => $sr['midterm_exam_score'] ?? null,
'final_exam_score' => $sr['final_exam_score'] ?? null,
'semester_score' => $sr['semester_score'] ?? null,
'comments' => [],
];
}
if (!empty($semesters)) {
$commentRows = $this->db->table('score_comments')
->select('semester, score_type, comment, created_at')
->where('student_id', $studentId)
->where('school_year', $schoolYear)
->where('comment IS NOT NULL', null, false)
->where('comment !=', '')
->orderBy('semester', 'ASC')
->orderBy('score_type', 'ASC')
->orderBy('created_at', 'DESC')
->get()
->getResultArray();
foreach ($commentRows as $c) {
$sem = ucfirst(strtolower(trim((string)($c['semester'] ?? ''))));
$type = strtolower(trim((string)($c['score_type'] ?? 'general')));
if (isset($semesters[$sem]) && !isset($semesters[$sem]['comments'][$type])) {
$semesters[$sem]['comments'][$type] = (string)($c['comment'] ?? '');
}
}
}
return array_values($semesters);
}
private function fetchBelowSixtyParentName(int $studentId): string private function fetchBelowSixtyParentName(int $studentId): string
{ {
$parentName = 'Parent/Guardian'; $parentName = 'Parent/Guardian';
@@ -2033,6 +2193,556 @@ class GradingController extends Controller
} }
public function belowSixtyDecisions()
{
$configuredSemester = (string) $this->semester;
$configuredYear = (string) $this->schoolYear;
$semester = trim((string)($this->request->getGet('semester') ?? ''));
$schoolYear = trim((string)($this->request->getGet('school_year') ?? ''));
if ($semester === '') $semester = $configuredSemester !== '' ? $configuredSemester : 'Fall';
if ($schoolYear === '') $schoolYear = $configuredYear;
$schoolYears = $this->getSchoolYearsForScores($schoolYear);
$rows = $this->fetchBelowSixtyRows($schoolYear, $semester);
$decisionModel = new BelowSixtyDecisionModel();
$studentIds = array_values(array_unique(array_filter(
array_map(static fn($r) => (int)($r['student_id'] ?? 0), $rows),
static fn($id) => $id > 0
)));
$decisionMap = [];
if (!empty($studentIds)) {
$dRows = $decisionModel
->whereIn('student_id', $studentIds)
->where('semester', $semester)
->where('school_year', $schoolYear)
->findAll();
foreach ($dRows as $d) {
$decisionMap[(int)$d['student_id']] = $d;
}
}
foreach ($rows as &$row) {
$sid = (int)($row['student_id'] ?? 0);
$row['decision'] = $decisionMap[$sid]['decision'] ?? '';
$row['decision_notes'] = $decisionMap[$sid]['notes'] ?? '';
}
unset($row);
// Load consolidated decisions from student_decisions for this term
$sdModel = new StudentDecisionModel();
$sdRows = $sdModel
->where('semester', $semester)
->where('school_year', $schoolYear)
->findAll();
$sdMap = [];
foreach ($sdRows as $sd) {
$sdMap[(int)$sd['student_id']] = $sd;
}
// Load the most recent certificate per student for this school_year
$studentIds = array_values(array_unique(array_filter(
array_map(static fn($r) => (int)($r['student_id'] ?? 0), $rows),
static fn($id) => $id > 0
)));
$certMap = [];
if (!empty($studentIds)) {
$certRows = $this->db->table('certificate_records')
->select('student_id, certificate_number, issued_at')
->where('school_year', $schoolYear)
->whereIn('student_id', $studentIds)
->orderBy('issued_at', 'DESC')
->get()->getResultArray();
foreach ($certRows as $cr) {
$sid = (int)($cr['student_id'] ?? 0);
if ($sid > 0 && !isset($certMap[$sid])) {
$certMap[$sid] = (string)($cr['certificate_number'] ?? '');
}
}
}
foreach ($rows as &$row) {
$sid = (int)($row['student_id'] ?? 0);
$row['consolidated_decision'] = $sdMap[$sid]['decision'] ?? null;
$row['certificate_number'] = $certMap[$sid] ?? '';
}
unset($row);
$canViewGrading = $this->userHasMenuUrl('grading');
return view('grading/below_sixty_decisions', [
'rows' => $rows,
'semester' => $semester,
'schoolYear' => $schoolYear,
'schoolYears' => $schoolYears,
'canViewGrading' => $canViewGrading,
]);
}
public function saveBelowSixtyDecision()
{
$studentId = (int)$this->request->getPost('student_id');
$semester = trim((string)$this->request->getPost('semester'));
$schoolYear = trim((string)$this->request->getPost('school_year'));
$decision = trim((string)$this->request->getPost('decision'));
$notes = trim((string)$this->request->getPost('notes'));
if ($studentId <= 0 || $semester === '' || $schoolYear === '') {
return redirect()->back()->with('error', 'Missing required data.');
}
$allowed = ['', 'Pass', 'Repeat Class', 'Make-up exam in fall', 'Deferred decision', 'Expel', 'Withdrawn'];
if (!in_array($decision, $allowed, true)) {
return redirect()->back()->with('error', 'Invalid decision value.');
}
$decisionModel = new BelowSixtyDecisionModel();
$existing = $decisionModel
->where('student_id', $studentId)
->where('semester', $semester)
->where('school_year', $schoolYear)
->first();
$userId = (int)(session()->get('user_id') ?? 0) ?: null;
$payload = [
'decision' => $decision !== '' ? $decision : null,
'notes' => $notes !== '' ? $notes : null,
'decided_by' => $userId,
];
if ($existing) {
$decisionModel->update((int)$existing['id'], $payload);
} else {
$payload['student_id'] = $studentId;
$payload['semester'] = $semester;
$payload['school_year'] = $schoolYear;
$decisionModel->insert($payload);
}
$query = http_build_query(['semester' => $semester, 'school_year' => $schoolYear]);
return redirect()->to(base_url('grading/below-60/decisions') . ($query ? '?' . $query : ''))
->with('status', 'Decision saved.');
}
public function studentDecisionDetails()
{
$studentId = (int)$this->request->getGet('student_id');
$schoolYear = trim((string)$this->request->getGet('school_year'));
if ($studentId <= 0 || $schoolYear === '') {
return $this->response->setJSON(['error' => 'Missing student or school year.'])->setStatusCode(400);
}
return $this->response->setJSON([
'semesters' => $this->fetchAllSemestersForStudent($studentId, $schoolYear),
]);
}
public function previewDecisionEmail()
{
$studentId = (int)$this->request->getGet('student_id');
$semester = trim((string)$this->request->getGet('semester'));
$schoolYear = trim((string)$this->request->getGet('school_year'));
if ($studentId <= 0 || $semester === '' || $schoolYear === '') {
return $this->response->setJSON(['error' => 'Missing student or term.'])->setStatusCode(400);
}
$row = $this->fetchBelowSixtyEmailRow($studentId, $schoolYear, $semester);
if (empty($row)) {
return $this->response->setJSON(['error' => 'Student not found.'])->setStatusCode(404);
}
$decisionModel = new BelowSixtyDecisionModel();
$decisionRow = $decisionModel
->where('student_id', $studentId)
->where('semester', $semester)
->where('school_year', $schoolYear)
->first();
$decision = (string)($decisionRow['decision'] ?? '');
$notes = (string)($decisionRow['notes'] ?? '');
$studentName = trim((string)($row['firstname'] ?? '') . ' ' . (string)($row['lastname'] ?? ''));
$parentName = $this->fetchBelowSixtyParentName($studentId);
$subject = 'Academic Decision';
if ($studentName !== '') $subject .= ' — ' . $studentName;
if ($semester !== '' || $schoolYear !== '') {
$subject .= ' (' . trim($semester . ' ' . $schoolYear) . ')';
}
$scores = [
'homework_avg' => $row['homework_avg'] ?? null,
'project_avg' => $row['project_avg'] ?? null,
'participation_score' => $row['participation_score'] ?? null,
'test_avg' => $row['test_avg'] ?? null,
'ptap_score' => $row['ptap_score'] ?? null,
'attendance_score' => $row['attendance_score'] ?? null,
'midterm_exam_score' => $row['midterm_exam_score'] ?? null,
'semester_score' => $row['semester_score'] ?? null,
];
// Fetch all semesters' scores + comments for the email
$allSemesters = $this->fetchAllSemestersForStudent($studentId, $schoolYear);
$html = view('emails/below_sixty_decision', [
'title' => $subject,
'parent_name' => $parentName,
'student_name' => $studentName !== '' ? $studentName : 'your student',
'class_section_name' => $row['class_section_name'] ?? '',
'semester' => $semester,
'school_year' => $schoolYear,
'decision' => $decision,
'notes' => $notes,
'scores' => $scores,
'all_semesters' => array_values($allSemesters),
], ['saveData' => true]);
return $this->response->setJSON([
'subject' => $subject,
'html' => $html,
'student_id' => $studentId,
]);
}
public function editDecisionEmail()
{
$studentId = (int)$this->request->getGet('student_id');
$semester = trim((string)$this->request->getGet('semester'));
$schoolYear = trim((string)$this->request->getGet('school_year'));
if ($studentId <= 0 || $semester === '' || $schoolYear === '') {
return redirect()->back()->with('error', 'Missing student or term.');
}
$row = $this->fetchBelowSixtyEmailRow($studentId, $schoolYear, $semester);
if (empty($row)) {
return redirect()->back()->with('error', 'Student record not found for the selected term.');
}
$decisionModel = new BelowSixtyDecisionModel();
$decisionRow = $decisionModel
->where('student_id', $studentId)
->where('semester', $semester)
->where('school_year', $schoolYear)
->first();
$decision = (string)($decisionRow['decision'] ?? '');
$notes = (string)($decisionRow['notes'] ?? '');
$studentName = trim((string)($row['firstname'] ?? '') . ' ' . (string)($row['lastname'] ?? ''));
$parentName = $this->fetchBelowSixtyParentName($studentId);
$subject = 'Academic Decision';
if ($studentName !== '') $subject .= ' — ' . $studentName;
if ($semester !== '' || $schoolYear !== '') {
$subject .= ' (' . trim($semester . ' ' . $schoolYear) . ')';
}
$scores = [
'homework_avg' => $row['homework_avg'] ?? null,
'project_avg' => $row['project_avg'] ?? null,
'participation_score' => $row['participation_score'] ?? null,
'test_avg' => $row['test_avg'] ?? null,
'ptap_score' => $row['ptap_score'] ?? null,
'attendance_score' => $row['attendance_score'] ?? null,
'midterm_exam_score' => $row['midterm_exam_score'] ?? null,
'semester_score' => $row['semester_score'] ?? null,
];
$html = view('emails/below_sixty_decision', [
'title' => $subject,
'parent_name' => $parentName,
'student_name' => $studentName !== '' ? $studentName : 'your student',
'class_section_name' => $row['class_section_name'] ?? '',
'semester' => $semester,
'school_year' => $schoolYear,
'decision' => $decision,
'notes' => $notes,
'scores' => $scores,
], ['saveData' => true]);
return view('grading/below_sixty_decision_email_editor', [
'studentId' => $studentId,
'studentName' => $studentName,
'semester' => $semester,
'schoolYear' => $schoolYear,
'subject' => $subject,
'html' => $html,
'decision' => $decision,
]);
}
public function sendDecisionEmail()
{
$studentId = (int)$this->request->getPost('student_id');
$semester = trim((string)$this->request->getPost('semester'));
$schoolYear = trim((string)$this->request->getPost('school_year'));
$subjectInput= trim((string)$this->request->getPost('subject'));
$htmlInput = (string)($this->request->getPost('html') ?? '');
if ($studentId <= 0 || $semester === '' || $schoolYear === '') {
return redirect()->back()->with('error', 'Missing student or term.');
}
$row = $this->fetchBelowSixtyEmailRow($studentId, $schoolYear, $semester);
if (empty($row)) {
return redirect()->back()->with('error', 'Student record not found for the selected term.');
}
$decisionModel = new BelowSixtyDecisionModel();
$decisionRow = $decisionModel
->where('student_id', $studentId)
->where('semester', $semester)
->where('school_year', $schoolYear)
->first();
$studentName = trim((string)($row['firstname'] ?? '') . ' ' . (string)($row['lastname'] ?? ''));
$subject = $subjectInput !== '' ? $subjectInput : ('Academic Decision — ' . $studentName . ' (' . trim($semester . ' ' . $schoolYear) . ')');
$allSemesters = $this->fetchAllSemestersForStudent($studentId, $schoolYear);
$payload = [
'student_id' => $studentId,
'student_name' => $studentName,
'class_section_name' => $row['class_section_name'] ?? '',
'semester' => $semester,
'school_year' => $schoolYear,
'decision' => (string)($decisionRow['decision'] ?? ''),
'notes' => (string)($decisionRow['notes'] ?? ''),
'subject' => $subject,
'all_semesters' => $allSemesters,
'scores' => [
'homework_avg' => $row['homework_avg'] ?? null,
'project_avg' => $row['project_avg'] ?? null,
'participation_score' => $row['participation_score'] ?? null,
'test_avg' => $row['test_avg'] ?? null,
'ptap_score' => $row['ptap_score'] ?? null,
'attendance_score' => $row['attendance_score'] ?? null,
'midterm_exam_score' => $row['midterm_exam_score'] ?? null,
'semester_score' => $row['semester_score'] ?? null,
],
];
if (trim($htmlInput) !== '') {
$payload['html'] = $htmlInput;
}
\CodeIgniter\Events\Events::trigger('below60.decision_email', $payload);
$query = http_build_query(['semester' => $semester, 'school_year' => $schoolYear]);
return redirect()->to(base_url('grading/below-60/decisions') . ($query ? '?' . $query : ''))
->with('status', 'Decision email sent to parent(s).');
}
public function allDecisions()
{
$configuredSemester = (string)$this->semester;
$configuredYear = (string)$this->schoolYear;
$semester = trim((string)($this->request->getGet('semester') ?? ''));
$schoolYear = trim((string)($this->request->getGet('school_year') ?? ''));
if ($semester === '') $semester = $configuredSemester !== '' ? $configuredSemester : 'Fall';
if ($schoolYear === '') $schoolYear = $configuredYear;
$schoolYears = $this->getSchoolYearsForScores($schoolYear);
// Load saved decisions for this term
$decModel = new StudentDecisionModel();
$saved = $decModel
->where('semester', $semester)
->where('school_year', $schoolYear)
->findAll();
$savedMap = [];
foreach ($saved as $s) {
$savedMap[(int)$s['student_id']] = $s;
}
// All semester_scores rows for this term (one per student)
$semKey = strtolower(trim($semester));
$scoreRows = $this->db->table('semester_scores ss')
->select([
's.id AS student_id',
's.school_id',
's.firstname',
's.lastname',
'cs.class_section_name',
'ss.semester_score',
])
->join('students s', 's.id = ss.student_id', 'inner')
->join('classSection cs', 'cs.class_section_id = ss.class_section_id', 'left')
->where('s.is_active', 1)
->where('ss.school_year', $schoolYear)
->where("LOWER(TRIM(ss.semester))", $semKey)
->where('ss.semester_score IS NOT NULL', null, false)
->orderBy('cs.class_section_name', 'ASC')
->orderBy('s.lastname', 'ASC')
->orderBy('s.firstname', 'ASC')
->get()->getResultArray();
// Pull below-60 decisions
$belowDecModel = new BelowSixtyDecisionModel();
$belowRows = $belowDecModel
->where('semester', $semester)
->where('school_year', $schoolYear)
->findAll();
$belowMap = [];
foreach ($belowRows as $b) {
$belowMap[(int)$b['student_id']] = $b;
}
// Build rows combining live scores with saved/computed decisions
$rows = [];
foreach ($scoreRows as $sr) {
$sid = (int)$sr['student_id'];
$score = is_numeric($sr['semester_score']) ? (float)$sr['semester_score'] : null;
if (isset($savedMap[$sid])) {
$decision = (string)($savedMap[$sid]['decision'] ?? '');
$source = (string)($savedMap[$sid]['source'] ?? 'auto');
$notes = (string)($savedMap[$sid]['notes'] ?? '');
} elseif ($score !== null && $score >= 60) {
$decision = 'Pass';
$source = 'auto';
$notes = '';
} elseif ($score !== null && isset($belowMap[$sid])) {
$decision = (string)($belowMap[$sid]['decision'] ?? '');
$source = $decision !== '' ? 'manual' : 'pending';
$notes = (string)($belowMap[$sid]['notes'] ?? '');
} else {
$decision = $score !== null ? '' : '';
$source = 'pending';
$notes = '';
}
$rows[] = [
'student_id' => $sid,
'school_id' => $sr['school_id'] ?? '',
'firstname' => $sr['firstname'] ?? '',
'lastname' => $sr['lastname'] ?? '',
'class_section_name' => $sr['class_section_name'] ?? '',
'semester_score' => $score,
'decision' => $decision,
'source' => $source,
'notes' => $notes,
'saved' => isset($savedMap[$sid]),
];
}
$generated = !empty($saved);
return view('grading/all_decisions', [
'rows' => $rows,
'semester' => $semester,
'schoolYear' => $schoolYear,
'schoolYears' => $schoolYears,
'generated' => $generated,
]);
}
public function generateAllDecisions()
{
$semester = trim((string)$this->request->getPost('semester'));
$schoolYear = trim((string)$this->request->getPost('school_year'));
if ($semester === '' || $schoolYear === '') {
return redirect()->back()->with('error', 'Missing semester or school year.');
}
$semKey = strtolower(trim($semester));
$scoreRows = $this->db->table('semester_scores ss')
->select([
's.id AS student_id',
's.firstname',
's.lastname',
'cs.class_section_name',
'ss.semester_score',
])
->join('students s', 's.id = ss.student_id', 'inner')
->join('classSection cs', 'cs.class_section_id = ss.class_section_id', 'left')
->where('s.is_active', 1)
->where('ss.school_year', $schoolYear)
->where("LOWER(TRIM(ss.semester))", $semKey)
->where('ss.semester_score IS NOT NULL', null, false)
->get()->getResultArray();
if (empty($scoreRows)) {
return redirect()->back()->with('error', 'No semester scores found for this selection.');
}
// Pull all below-60 decisions for this term
$belowDecModel = new BelowSixtyDecisionModel();
$belowRows = $belowDecModel
->where('semester', $semester)
->where('school_year', $schoolYear)
->findAll();
$belowMap = [];
foreach ($belowRows as $b) {
$belowMap[(int)$b['student_id']] = $b;
}
// Load existing saved decisions to upsert
$decModel = new StudentDecisionModel();
$existing = $decModel
->where('semester', $semester)
->where('school_year', $schoolYear)
->findAll();
$existingMap = [];
foreach ($existing as $e) {
$existingMap[(int)$e['student_id']] = $e;
}
$userId = (int)(session()->get('user_id') ?? 0) ?: null;
$now = utc_now();
$saved = 0;
foreach ($scoreRows as $sr) {
$sid = (int)$sr['student_id'];
$score = is_numeric($sr['semester_score']) ? (float)$sr['semester_score'] : null;
if ($score === null) continue;
if ($score >= 60) {
$decision = 'Pass';
$source = 'auto';
$notes = null;
} elseif (isset($belowMap[$sid]) && (string)($belowMap[$sid]['decision'] ?? '') !== '') {
$decision = (string)$belowMap[$sid]['decision'];
$source = 'manual';
$notes = ($belowMap[$sid]['notes'] ?? '') !== '' ? (string)$belowMap[$sid]['notes'] : null;
} else {
$decision = null;
$source = 'pending';
$notes = null;
}
$payload = [
'student_id' => $sid,
'semester' => $semester,
'school_year' => $schoolYear,
'class_section_name' => $sr['class_section_name'] ?? null,
'semester_score' => $score,
'decision' => $decision,
'source' => $source,
'notes' => $notes,
'generated_by' => $userId,
];
if (isset($existingMap[$sid])) {
$decModel->update($existingMap[$sid]['id'], $payload);
} else {
$decModel->insert($payload);
}
$saved++;
}
$query = http_build_query(['semester' => $semester, 'school_year' => $schoolYear]);
return redirect()->to(base_url('grading/decisions') . '?' . $query)
->with('status', "Decisions generated for {$saved} students.");
}
public function getScoreComment() public function getScoreComment()
{ {
// Get all students for the current semester and school year // Get all students for the current semester and school year
+2 -4
View File
@@ -482,6 +482,7 @@ class HomeworkController extends Controller
// Step 1: Get student IDs from student_class table // Step 1: Get student IDs from student_class table
$studentClassRows = $this->studentClassModel $studentClassRows = $this->studentClassModel
->select('student_id') ->select('student_id')
->distinct()
->where('class_section_id', $classSectionId) ->where('class_section_id', $classSectionId)
->where('school_year', $schoolYear) ->where('school_year', $schoolYear)
->findAll(); ->findAll();
@@ -534,10 +535,7 @@ class HomeworkController extends Controller
private function getStudentsWithHomeworkScores($classSectionId, $homeworkHeaders, $semester, $schoolYear) private function getStudentsWithHomeworkScores($classSectionId, $homeworkHeaders, $semester, $schoolYear)
{ {
$semVariants = $this->getSemesterVariants($semester); $semVariants = $this->getSemesterVariants($semester);
$studentClasses = $this->studentClassModel $studentClasses = $this->studentClassModel->getClassStudents($classSectionId, $schoolYear, null);
->active()
->where('student_class.class_section_id', $classSectionId)
->findAll();
$students = []; $students = [];
foreach ($studentClasses as $sc) { foreach ($studentClasses as $sc) {
@@ -86,6 +86,7 @@ class HomeworkTrackingController extends BaseController
$hasHomework = []; $hasHomework = [];
$hwEnteredAt = []; $hwEnteredAt = [];
$homeworkSubmissionCounts = [];
foreach ($rows as $r) { foreach ($rows as $r) {
$csid = (int)($r['class_section_id'] ?? 0); $csid = (int)($r['class_section_id'] ?? 0);
$hi = (int)($r['homework_index'] ?? 0); $hi = (int)($r['homework_index'] ?? 0);
@@ -94,6 +95,7 @@ class HomeworkTrackingController extends BaseController
$hasHomework[$csid][$hi] = true; $hasHomework[$csid][$hi] = true;
$dateStr = substr((string)($r['first_created'] ?? ''), 0, 10); $dateStr = substr((string)($r['first_created'] ?? ''), 0, 10);
$hwEnteredAt[$csid][$hi] = $dateStr ?: null; $hwEnteredAt[$csid][$hi] = $dateStr ?: null;
$homeworkSubmissionCounts[$csid] = ($homeworkSubmissionCounts[$csid] ?? 0) + 1;
} }
} }
@@ -217,6 +219,7 @@ class HomeworkTrackingController extends BaseController
'teachers' => $teachersPage, 'teachers' => $teachersPage,
'hasHomework' => $hasHomework, 'hasHomework' => $hasHomework,
'hwEnteredAt' => $hwEnteredAt, 'hwEnteredAt' => $hwEnteredAt,
'homeworkSubmissionCounts' => $homeworkSubmissionCounts,
'hasHomeworkByDate' => $hasHomeworkByDate, 'hasHomeworkByDate' => $hasHomeworkByDate,
'hwEnteredAtByDate' => $hwEnteredAtByDate, 'hwEnteredAtByDate' => $hwEnteredAtByDate,
'page' => $page, 'page' => $page,
+125 -29
View File
@@ -381,18 +381,24 @@ class InvoiceController extends ResourceController
return false; return false;
} }
public function generateInvoice(string $parentId = null) public function generateInvoice(
string $parentId = null,
?string $schoolYearOverride = null,
?string $semesterOverride = null,
bool $recalculateDiscounts = true
)
{ {
$isAjax = $this->request->isAJAX() || str_contains(strtolower($this->request->getHeaderLine('Accept')), 'application/json'); $isAjax = $this->request->isAJAX() || str_contains(strtolower($this->request->getHeaderLine('Accept')), 'application/json');
if ($parentId == null) { if ($parentId == null) {
$parentId = (int)$this->request->getPost('parent_id'); $parentId = (int)$this->request->getPost('parent_id');
} }
$schoolYear = (string) $this->schoolYear; $schoolYear = (string) ($schoolYearOverride ?: $this->schoolYear);
$semester = (string) ($semesterOverride ?: $this->semester);
// Fetch enrolled + withdrawn students // Fetch enrolled + withdrawn students
$enrollments = $this->enrollmentModel $enrollments = $this->enrollmentModel
->where('parent_id', $parentId) ->where('parent_id', $parentId)
->where('school_year', $this->schoolYear) ->where('school_year', $schoolYear)
->findAll(); ->findAll();
if (empty($enrollments)) { if (empty($enrollments)) {
@@ -444,21 +450,23 @@ class InvoiceController extends ResourceController
$tuitionFee = $fees['tuition_fee']; $tuitionFee = $fees['tuition_fee'];
// ✅ Fetch event charges // ✅ Fetch event charges
$eventsList = $this->chargesModel->getChargesWithEventInfo($parentId, $this->schoolYear); $eventsList = $this->chargesModel->getChargesWithEventInfo($parentId, $schoolYear);
$eventchargeTotal = array_sum(array_column($eventsList, 'charged')); $eventchargeTotal = array_sum(array_column($eventsList, 'charged'));
$totalDiscount = $this->recalculateAndUpdateDiscount( $totalDiscount = 0.0;
$parentId, if ($recalculateDiscounts) {
$this->schoolYear, $totalDiscount = $this->recalculateAndUpdateDiscount(
$tuitionFee, $parentId,
$enrollments $schoolYear,
); $tuitionFee,
$enrollments
);
}
$semester = $this->semester;
// ✅ Refunds PAID to the parent for this year (Partial/Paid) // ✅ Refunds PAID to the parent for this year (Partial/Paid)
$refundPaid = (float) $this->refundModel->getTotalApprovedRefundByParentIdAndSchoolYear($parentId, $this->schoolYear); $refundPaid = (float) $this->refundModel->getTotalApprovedRefundByParentIdAndSchoolYear($parentId, $schoolYear);
$totalPaid = $this->paymentModel->getTotalPaidByParentId($parentId, $this->schoolYear); $totalPaid = $this->paymentModel->getTotalPaidByParentId($parentId, $schoolYear);
$discountedTuition = max(0, $tuitionFee); $discountedTuition = max(0, $tuitionFee);
$totalAmount = $discountedTuition + $eventchargeTotal; $totalAmount = $discountedTuition + $eventchargeTotal;
@@ -469,17 +477,22 @@ class InvoiceController extends ResourceController
- $refundPaid // approved refunds paid to parent - $refundPaid // approved refunds paid to parent
- $totalPaid; // payments received - $totalPaid; // payments received
// Your invoice fetch // Business rule: single invoice per parent per school year.
$existingInvoices = $this->invoiceModel->getInvoicesByParentId($parentId, $this->schoolYear); // If legacy duplicates exist, prefer the invoice that already has a discount applied,
// otherwise use the latest invoice for the parent/year.
$invoice = $this->selectActiveInvoiceForParentYear((int)$parentId, $schoolYear);
$updated = false; $updated = false;
$updatedIds = []; $updatedIds = [];
if (!empty($existingInvoices)) { if (!empty($invoice) && isset($invoice['id'])) {
foreach ($existingInvoices as $invoice) { $paymentExclude = ['void', 'voided', 'refunded', 'failed', 'chargeback', 'declined', 'reversed', 'canceled', 'cancelled'];
if (!isset($invoice['id'])) { $paymentsHasStatus = false;
continue; $paymentsHasVoid = false;
} try {
$paymentsHasStatus = $this->db->fieldExists('status', 'payments');
$paymentsHasVoid = $this->db->fieldExists('is_void', 'payments');
} catch (\Throwable $e) {
}
// Preserve applied additional charges and recalc this invoice only // Preserve applied additional charges and recalc this invoice only
$extrasSum = 0.0; $extrasSum = 0.0;
@@ -487,7 +500,7 @@ class InvoiceController extends ResourceController
$rows = $this->db->table('additional_charges') $rows = $this->db->table('additional_charges')
->select('charge_type, amount') ->select('charge_type, amount')
->where('invoice_id', (int)$invoice['id']) ->where('invoice_id', (int)$invoice['id'])
->where('school_year', $this->schoolYear) ->where('school_year', $schoolYear)
->where('status', 'applied') ->where('status', 'applied')
->get()->getResultArray(); ->get()->getResultArray();
foreach ($rows as $r) { foreach ($rows as $r) {
@@ -520,7 +533,7 @@ class InvoiceController extends ResourceController
$r = $this->db->table('refunds') $r = $this->db->table('refunds')
->select('COALESCE(SUM(refund_paid_amount),0) AS tot') ->select('COALESCE(SUM(refund_paid_amount),0) AS tot')
->where('invoice_id', (int)$invoice['id']) ->where('invoice_id', (int)$invoice['id'])
->where('school_year', $this->schoolYear) ->where('school_year', $schoolYear)
->whereIn('status', ['Partial','Paid']) ->whereIn('status', ['Partial','Paid'])
->get()->getRowArray(); ->get()->getRowArray();
$invRefunds = (float)($r['tot'] ?? 0.0); $invRefunds = (float)($r['tot'] ?? 0.0);
@@ -528,8 +541,33 @@ class InvoiceController extends ResourceController
log_message('error', 'refund sum failed for invoice ' . (int)$invoice['id'] . ': ' . $e->getMessage()); log_message('error', 'refund sum failed for invoice ' . (int)$invoice['id'] . ': ' . $e->getMessage());
} }
// Payments recorded on this invoice (denormalized field kept in sync by PaymentController) // Payments recorded on this invoice (sum payments to avoid stale invoice.paid_amount)
$paidOnInv = (float)($invoice['paid_amount'] ?? 0.0); $paidOnInv = 0.0;
try {
$qb = $this->db->table('payments')
->select('COALESCE(SUM(paid_amount),0) AS tot')
->where('invoice_id', (int)$invoice['id'])
->where('paid_amount >', 0);
if ($paymentsHasStatus) {
$qb->groupStart()
->whereNotIn('status', $paymentExclude)
->orWhere('status IS NULL', null, false)
->groupEnd();
}
if ($paymentsHasVoid) {
$qb->groupStart()
->where('is_void', 0)
->orWhere('is_void IS NULL', null, false)
->groupEnd();
}
$row = $qb->get()->getRowArray();
$paidOnInv = (float)($row['tot'] ?? 0.0);
} catch (\Throwable $e) {
log_message('error', 'payment sum failed for invoice ' . (int)$invoice['id'] . ': ' . $e->getMessage());
$paidOnInv = (float)($invoice['paid_amount'] ?? 0.0);
}
$newBalance = $newTotal - $invDiscount - $invRefunds - $paidOnInv; $newBalance = $newTotal - $invDiscount - $invRefunds - $paidOnInv;
$newStatus = ($newBalance <= 0.00001) $newStatus = ($newBalance <= 0.00001)
@@ -547,7 +585,6 @@ class InvoiceController extends ResourceController
$updatedIds[] = (int)$invoice['id']; $updatedIds[] = (int)$invoice['id'];
log_message('info', "Updated invoice ID {$invoice['id']} for parent ID {$parentId}."); log_message('info', "Updated invoice ID {$invoice['id']} for parent ID {$parentId}.");
$updated = true; $updated = true;
}
} else { } else {
// Generate invoice number // Generate invoice number
$schoolId = $this->userModel->getSchoolIdByUserId($parentId); $schoolId = $this->userModel->getSchoolIdByUserId($parentId);
@@ -578,7 +615,7 @@ class InvoiceController extends ResourceController
// Initial balance equals the created total; discounts/refunds/payments will adjust later // Initial balance equals the created total; discounts/refunds/payments will adjust later
'balance' => $totalAmount, 'balance' => $totalAmount,
'status' => 'Unpaid', 'status' => 'Unpaid',
'school_year' => $this->schoolYear, 'school_year' => $schoolYear,
'semester' => $semester, 'semester' => $semester,
'issue_date' => $issueUtc, 'issue_date' => $issueUtc,
'due_date' => $dueUtc, 'due_date' => $dueUtc,
@@ -615,6 +652,47 @@ class InvoiceController extends ResourceController
->with('success', $updated ? 'Invoice updated.' : 'Invoice created.'); ->with('success', $updated ? 'Invoice updated.' : 'Invoice created.');
} }
private function selectActiveInvoiceForParentYear(int $parentId, string $schoolYear): ?array
{
if ($parentId <= 0 || $schoolYear === '') {
return null;
}
// Prefer invoices flagged as having discounts.
$invoice = $this->invoiceModel
->where('parent_id', $parentId)
->where('school_year', $schoolYear)
->where('has_discount', 1)
->orderBy('id', 'DESC')
->first();
if (!empty($invoice)) {
return $invoice;
}
// Fallback: prefer invoices with discount_usages rows.
try {
$row = $this->db->table('invoices i')
->select('i.*')
->join('discount_usages du', 'du.invoice_id = i.id', 'inner')
->where('i.parent_id', $parentId)
->where('i.school_year', $schoolYear)
->orderBy('i.id', 'DESC')
->get()
->getRowArray();
if (!empty($row)) {
return $row;
}
} catch (\Throwable $e) {
}
// Final fallback: latest invoice for parent/year.
return $this->invoiceModel
->where('parent_id', $parentId)
->where('school_year', $schoolYear)
->orderBy('id', 'DESC')
->first();
}
private function recalculateAndUpdateDiscount( private function recalculateAndUpdateDiscount(
int $parentId, int $parentId,
string $schoolYear, string $schoolYear,
@@ -678,7 +756,7 @@ class InvoiceController extends ResourceController
log_message('error', 'additional_charges sum failed for discount recalculation invoice ' . (int)$invoice['id'] . ': ' . $e->getMessage()); log_message('error', 'additional_charges sum failed for discount recalculation invoice ' . (int)$invoice['id'] . ': ' . $e->getMessage());
} }
$baseTotal = round($tuitionFee + $eventchargeTotal + $extrasSum, 2); $baseTotal = round($tuitionFee + $extrasSum, 2);
// Recalculate discount // Recalculate discount
if ($discountUsage['discount_type'] === 'percent') { if ($discountUsage['discount_type'] === 'percent') {
@@ -1266,6 +1344,12 @@ class InvoiceController extends ResourceController
} }
} }
} }
if ($studentName === 'N/A') {
$externalName = trim((string)($event['external_firstname'] ?? '') . ' ' . (string)($event['external_lastname'] ?? ''));
if ($externalName !== '') {
$studentName = $externalName . ' (external)';
}
}
$dt = $toLocal($event['created_at'] ?? null, false); $dt = $toLocal($event['created_at'] ?? null, false);
$amount = (float)($event['charged'] ?? 0.0); $amount = (float)($event['charged'] ?? 0.0);
@@ -1612,12 +1696,24 @@ private function getGradeLevel($grade): array
$invoice['last_payment_date'] = $lastPayments[$invoice['id']]['last_payment_date'] ?? null; $invoice['last_payment_date'] = $lastPayments[$invoice['id']]['last_payment_date'] ?? null;
} }
$invoiceEventCharges = [];
foreach ($invoices as $invoice) {
$year = $invoice['school_year'] ?? $this->schoolYear;
$sem = $invoice['semester'] ?? $this->semester;
$invoiceEventCharges[(int)$invoice['id']] = $this->chargesModel->getChargesWithEventInfo(
$invoice['parent_id'],
$year,
$sem
);
}
return view('/parent/invoice_payment', [ return view('/parent/invoice_payment', [
'invoices' => $invoices, 'invoices' => $invoices,
'schoolYears' => $schoolYears, 'schoolYears' => $schoolYears,
'selectedYear' => $selectedYear, 'selectedYear' => $selectedYear,
'currentSchoolYear' => $currentSchoolYear, 'currentSchoolYear' => $currentSchoolYear,
'dueDate' => $this->dueDate 'dueDate' => $this->dueDate,
'invoiceEventCharges' => $invoiceEventCharges,
]); ]);
} }
+12 -3
View File
@@ -95,6 +95,11 @@ class LandingPageController extends BaseController
return null; return null;
} }
// Teacher class sections only apply to the teacher role; other roles have no teacher_class rows.
if (strtolower(trim((string) $this->getUserRole())) !== 'teacher') {
return null;
}
// Get all class assignments for this teacher in the current term // Get all class assignments for this teacher in the current term
$assignments = $this->teacherClassModel->getClassAssignmentsByUserId( $assignments = $this->teacherClassModel->getClassAssignmentsByUserId(
(int)$user_id, (int)$user_id,
@@ -106,7 +111,7 @@ class LandingPageController extends BaseController
$ids = array_values(array_filter(array_unique($ids))); $ids = array_values(array_filter(array_unique($ids)));
if (empty($ids)) { if (empty($ids)) {
log_message('error', "No class section found for user ID: $user_id"); log_message('warning', "No class section found for user ID: $user_id");
return null; return null;
} }
@@ -868,8 +873,12 @@ class LandingPageController extends BaseController
protected function getUserRole() protected function getUserRole()
{ {
// Assuming you have a session variable storing the user role $active = session()->get('active_role');
return session()->get('user_role', 'guest'); // Default to guest if not set if ($active !== null && $active !== '') {
return (string) $active;
}
return (string) (session()->get('role') ?? 'guest');
} }
protected function getUserRoleFromDatabase($user_id) protected function getUserRoleFromDatabase($user_id)
+27 -7
View File
@@ -717,6 +717,7 @@ class ParentController extends BaseController
// Step 1: Generate a secure token for email verification // Step 1: Generate a secure token for email verification
$token = bin2hex(random_bytes(48)); $token = bin2hex(random_bytes(48));
$tokenHash = hash('sha256', $token);
// Step 2: Determine user type based on relationship // Step 2: Determine user type based on relationship
$userType = in_array(strtolower($relationToStudent), ['wife', 'husband']) ? 'Secondary' : 'Tertiary'; $userType = in_array(strtolower($relationToStudent), ['wife', 'husband']) ? 'Secondary' : 'Tertiary';
@@ -776,7 +777,7 @@ class ParentController extends BaseController
'state' => strtoupper($userData['state']), 'state' => strtoupper($userData['state']),
'zip' => $userData['zip'], 'zip' => $userData['zip'],
'accept_school_policy' => $userData['accept_school_policy'] ?? 0, 'accept_school_policy' => $userData['accept_school_policy'] ?? 0,
'token' => $token, 'token' => $tokenHash,
'is_verified' => 0, 'is_verified' => 0,
'status' => 'Inactive', 'status' => 'Inactive',
'user_type' => $userType, 'user_type' => $userType,
@@ -1796,16 +1797,34 @@ $existing = $this->studentModel
$activeEventCount = is_array($activeEvents) ? count($activeEvents) : 0; $activeEventCount = is_array($activeEvents) ? count($activeEvents) : 0;
// Get charges (participation info) // Get charges (participation info)
$chargesList = $this->chargesModel->getChargesWithEventInfo($parentId, $schoolYear); $chargesList = $this->chargesModel->getChargesWithEventInfo($parentId, $schoolYear, $semester);
// Build a map: "studentId:eventId" => [ 'participation' => ..., 'date' => ... ] // Build a map: "studentId:eventId" => [ 'participation' => ..., 'date' => ... ]
$charges = []; $charges = [];
$externalParticipantsByEvent = [];
foreach ($chargesList as $charge) { foreach ($chargesList as $charge) {
$key = $charge['student_id'] . ':' . $charge['event_id']; $studentId = $charge['student_id'] ?? null;
$charges[$key] = [ $eventId = (int) ($charge['event_id'] ?? 0);
'participation' => $charge['participation'],
'date' => $charge['updated_at'] ?? $charge['created_at'] // Use updated_at if available if (!empty($studentId)) {
]; $key = $studentId . ':' . $eventId;
$charges[$key] = [
'participation' => $charge['participation'],
'date' => $charge['updated_at'] ?? $charge['created_at'], // Use updated_at if available
];
continue;
}
$externalName = trim((string) ($charge['external_firstname'] ?? '') . ' ' . (string) ($charge['external_lastname'] ?? ''));
if ($eventId > 0 && $externalName !== '') {
$externalParticipantsByEvent[$eventId][] = [
'name' => $externalName,
'note' => (string) ($charge['external_note'] ?? ''),
'participation' => (string) ($charge['participation'] ?? ''),
'event_paid' => !empty($charge['event_paid']),
'charged' => (float) ($charge['charged'] ?? ($charge['event_amount'] ?? 0)),
];
}
} }
// Get enrolled students // Get enrolled students
@@ -1814,6 +1833,7 @@ $existing = $this->studentModel
return view('parent/event_participation', [ return view('parent/event_participation', [
'activeEvents' => $activeEvents, 'activeEvents' => $activeEvents,
'charges' => $charges, 'charges' => $charges,
'externalParticipantsByEvent' => $externalParticipantsByEvent,
'yourStudents' => $students, 'yourStudents' => $students,
'activeEventCount' => $activeEventCount, 'activeEventCount' => $activeEventCount,
]); ]);
+2 -4
View File
@@ -438,6 +438,7 @@ class ProjectController extends Controller
// Step 1: Get student IDs from student_class table // Step 1: Get student IDs from student_class table
$studentClassRows = $studentClassModel $studentClassRows = $studentClassModel
->select('student_id') ->select('student_id')
->distinct()
->where('class_section_id', $classSectionId) ->where('class_section_id', $classSectionId)
->where('school_year', $schoolYear) ->where('school_year', $schoolYear)
->findAll(); ->findAll();
@@ -494,10 +495,7 @@ class ProjectController extends Controller
$studentModel = new StudentModel(); $studentModel = new StudentModel();
$projectModel = new ProjectModel(); $projectModel = new ProjectModel();
$studentClasses = $studentClassModel $studentClasses = $studentClassModel->getClassStudents($classSectionId, $this->schoolYear, null);
->active()
->where('student_class.class_section_id', $classSectionId)
->findAll();
$students = []; $students = [];
foreach ($studentClasses as $sc) { foreach ($studentClasses as $sc) {
+5 -12
View File
@@ -173,16 +173,8 @@ class RegisterController extends Controller
$existingUser = $this->userModel->where('email', $post['email'])->first(); $existingUser = $this->userModel->where('email', $post['email'])->first();
if ($existingUser) { if ($existingUser) {
// Step 2: Check if the user has a token (i.e., not verified yet) return redirect()->back()->withInput()->with('error',
if (!empty($existingUser['token']) && $existingUser['is_verified'] == 0) { 'This email address is already registered. Please check your email or log in.');
// User exists and is unverified
return redirect()->back()->withInput()->with('error',
'This email address is already registered and is pending activation. Please check your email to activate your account.');
} else {
// User exists and is already active or has no token
return redirect()->back()->withInput()->with('error',
'The email address you entered is already in use. Please try a different one.');
}
} }
/* ───────────── 6. Determine role ───────────── */ /* ───────────── 6. Determine role ───────────── */
@@ -194,6 +186,7 @@ class RegisterController extends Controller
/* ───────────── 7. Build & insert user ───────────── */ /* ───────────── 7. Build & insert user ───────────── */
$token = bin2hex(random_bytes(48)); $token = bin2hex(random_bytes(48));
$tokenHash = hash('sha256', $token);
$userData = [ $userData = [
'firstname' => $post['firstname'], 'firstname' => $post['firstname'],
'lastname' => $post['lastname'], 'lastname' => $post['lastname'],
@@ -205,7 +198,7 @@ class RegisterController extends Controller
'city' => $post['city'], 'city' => $post['city'],
'state' => $post['state'], 'state' => $post['state'],
'zip' => $post['zip'], 'zip' => $post['zip'],
'token' => $token, 'token' => $tokenHash,
'is_verified'=> 0, 'is_verified'=> 0,
'accept_school_policy' => (int) $post['accept_school_policy'], 'accept_school_policy' => (int) $post['accept_school_policy'],
'status' => 'Inactive', 'status' => 'Inactive',
@@ -357,4 +350,4 @@ class RegisterController extends Controller
} }
+12 -16
View File
@@ -1566,34 +1566,30 @@ class ReportCardsController extends PrintablesBaseController
$semRange = $this->semesterRangeService->getSemesterRange($refYear, ucfirst($normSemester)); $semRange = $this->semesterRangeService->getSemesterRange($refYear, ucfirst($normSemester));
if ($semRange) { if ($semRange) {
try { try {
$events = $this->calendarModel->getEventsBySchoolYearAndSemester($refYear, $normSemester); // Fetch all events for the year (no semester filter) so that
// no-school events stored with a different semester label or
// NULL semester are still picked up. Date-range filtering below.
$events = $this->calendarModel->getEventsBySchoolYearAndSemester($refYear, null);
$noSchoolDays = []; $noSchoolDays = [];
foreach ($events as $event) { foreach ($events as $event) {
if (empty($event['no_school'])) { if (empty($event['no_school'])) {
continue; continue;
} }
$dateStr = substr((string)($event['date'] ?? ''), 0, 10); $dateStr = substr((string)($event['date'] ?? ''), 0, 10);
if ($dateStr === '') { if ($dateStr === '' || $dateStr < $semRange[0] || $dateStr > $semRange[1]) {
continue;
}
try {
$eventDate = new \DateTime($dateStr);
} catch (\Throwable) {
continue;
}
if ($eventDate->format('N') !== '7') {
continue;
}
if ($dateStr < $semRange[0] || $dateStr > $semRange[1]) {
continue; continue;
} }
$noSchoolDays[$dateStr] = true; $noSchoolDays[$dateStr] = true;
} }
$sundays = $this->listSundays($semRange[0], $semRange[1]); $sundays = $this->listSundays($semRange[0], $semRange[1]);
$anchor = $this->resolveAnchorSunday();
$limit = $semRange[1]; $limit = $semRange[1];
if ($anchor !== '' && $anchor >= $semRange[0]) { // Only cap at "today" while the semester is still in progress.
$limit = min($anchor, $semRange[1]); // Once the semester end date has passed, count all its Sundays.
if ($semRange[1] > date('Y-m-d')) {
$anchor = $this->resolveAnchorSunday();
if ($anchor !== '' && $anchor >= $semRange[0]) {
$limit = min($anchor, $semRange[1]);
}
} }
$totalSemesterDays = 0; $totalSemesterDays = 0;
foreach ($sundays as $date) { foreach ($sundays as $date) {
+2 -2
View File
@@ -1287,14 +1287,14 @@ class ScoreController extends Controller
public function viewStudentScore() public function viewStudentScore()
{ {
$parentId = session()->get('user_id'); $parentId = session()->get('user_id');
$userType = $_SESSION['user_type']; $userType = session()->get('user_type') ?? '';
$firstParentId = null; $firstParentId = null;
$releaseFall = $this->getParentScoresReleasedForSemester('Fall'); $releaseFall = $this->getParentScoresReleasedForSemester('Fall');
$releaseSpring = $this->getParentScoresReleasedForSemester('Spring'); $releaseSpring = $this->getParentScoresReleasedForSemester('Spring');
$releaseAny = $releaseFall || $releaseSpring; $releaseAny = $releaseFall || $releaseSpring;
// Identify the firstparent based on user type // Identify the firstparent based on user type
if ($userType === 'primary') { if ($userType === 'primary' || $userType === '') {
$firstParentId = $parentId; $firstParentId = $parentId;
} elseif ($userType === 'secondary') { } elseif ($userType === 'secondary') {
$parentData = $this->db->table('parents') $parentData = $this->db->table('parents')
+4 -4
View File
@@ -81,10 +81,10 @@ class ScorePredictor extends Controller
s.school_id, s.school_id,
s.firstname, s.firstname,
s.lastname, s.lastname,
fall.semester_score as fall_score, MAX(fall.semester_score) as fall_score,
spring.semester_score as spring_score'); MAX(spring.semester_score) as spring_score');
// Also select class section for per-class trophy decision // Reduce duplication from restored students while keeping a stable class section.
$builder->select('sc.class_section_id as class_section_id'); $builder->select('MAX(sc.class_section_id) as class_section_id');
$yearEsc = $this->db->escape($selectedYear); $yearEsc = $this->db->escape($selectedYear);
$builder->join('student_class sc', 'sc.student_id = s.id AND sc.school_year = ' . $yearEsc, 'left'); $builder->join('student_class sc', 'sc.student_id = s.id AND sc.school_year = ' . $yearEsc, 'left');
$builder->join('classSection cs', 'cs.class_section_id = sc.class_section_id', 'left'); $builder->join('classSection cs', 'cs.class_section_id = sc.class_section_id', 'left');
@@ -99,6 +99,7 @@ class SubjectCurriculumController extends BaseController
->orderBy('classes.class_name', 'ASC') ->orderBy('classes.class_name', 'ASC')
->orderBy('subject', 'ASC') ->orderBy('subject', 'ASC')
->orderBy('unit_number', 'ASC') ->orderBy('unit_number', 'ASC')
->orderBy("CAST(SUBSTRING_INDEX(subject_curriculum_items.chapter_name, '.', 1) AS UNSIGNED)", 'ASC', false)
->orderBy('chapter_name', 'ASC') ->orderBy('chapter_name', 'ASC')
->get() ->get()
->getResultArray(); ->getResultArray();
+10 -6
View File
@@ -297,12 +297,16 @@ class TeacherController extends BaseController
$schoolYear = $forYear ?: ((string)($this->schoolYear ?? 'Not Set')); $schoolYear = $forYear ?: ((string)($this->schoolYear ?? 'Not Set'));
$teachers = $this->teacherModel->getTeachersAndTAs(); $teachers = $this->teacherModel->getTeachersAndTAs();
// Prefer class sections for the selected year, fallback to all if none // Prefer class sections for the selected year if the column exists, otherwise fallback to all.
$classSections = $classSectionModel if ($this->db->fieldExists('school_year', 'classSection')) {
->where('school_year', $schoolYear) $classSections = $classSectionModel
->orderBy('class_section_name', 'ASC') ->where('school_year', $schoolYear)
->findAll(); ->orderBy('class_section_name', 'ASC')
if (empty($classSections)) { ->findAll();
if (empty($classSections)) {
$classSections = $classSectionModel->orderBy('class_section_name', 'ASC')->findAll();
}
} else {
$classSections = $classSectionModel->orderBy('class_section_name', 'ASC')->findAll(); $classSections = $classSectionModel->orderBy('class_section_name', 'ASC')->findAll();
} }
+504
View File
@@ -0,0 +1,504 @@
<?php
namespace App\Controllers\View;
use App\Controllers\BaseController;
use App\Models\ConfigurationModel;
class TrophyController extends BaseController
{
private const PERCENTILE = 75.0;
protected ConfigurationModel $configModel;
public function __construct()
{
$this->configModel = new ConfigurationModel();
}
public function index()
{
$db = \Config\Database::connect();
$currentYear = $this->configModel->getConfig('school_year') ?? '';
$selectedYear = $this->request->getGet('school_year') ?? $currentYear;
$percentile = (float) ($this->request->getGet('percentile') ?? 75);
$percentile = max(1.0, min(99.0, $percentile));
// Available school years from class assignments so the current year can
// still appear even if fall scores are not fully entered yet.
$years = $db->table('student_class')
->select('school_year')
->distinct()
->orderBy('school_year', 'DESC')
->get()
->getResultArray();
$years = array_column($years, 'school_year');
// Build a fall-score-based projection. We start from class assignments so
// students without a recorded fall score still appear as "not yet
// projected" rather than disappearing from the page.
$rows = $db->table('student_class sc')
->select([
'sc.student_id',
'sc.class_section_id',
'MAX(ss.semester_score) AS fall_score',
'cs.class_section_name',
'CONCAT(s.firstname, " ", s.lastname) AS student_name',
's.school_id',
's.gender',
])
->join('classSection cs', 'cs.class_section_id = sc.class_section_id', 'left')
->join('students s', 's.id = sc.student_id', 'left')
->join(
'semester_scores ss',
'ss.student_id = sc.student_id'
. ' AND ss.class_section_id = sc.class_section_id'
. ' AND ss.school_year = ' . $db->escape($selectedYear)
. ' AND LOWER(ss.semester) = "fall"',
'left'
)
->where('sc.school_year', $selectedYear)
->orderBy('cs.class_section_name', 'ASC')
->orderBy('fall_score', 'DESC')
->orderBy('student_name', 'ASC')
->groupBy('sc.student_id, sc.class_section_id, cs.class_section_name, s.firstname, s.lastname, s.school_id')
->get()
->getResultArray();
// Group rows by class section
$sections = [];
foreach ($rows as $row) {
$sid = (int) ($row['class_section_id'] ?? 0);
$name = $row['class_section_name'] ?? 'Section ' . $sid;
if (!isset($sections[$sid])) {
$sections[$sid] = ['name' => $name, 'students' => []];
}
$sections[$sid]['students'][] = [
'student_id' => (int) $row['student_id'],
'name' => $row['student_name'],
'school_id' => $row['school_id'],
'gender' => $row['gender'] ?? '',
'fall_score' => is_numeric($row['fall_score']) ? (float) $row['fall_score'] : null,
];
}
// Calculate trophy thresholds from fall scores only, then project who is
// currently on track for a year-end trophy.
$classResults = [];
foreach ($sections as $sid => $section) {
usort($section['students'], static function (array $a, array $b): int {
$aScore = $a['fall_score'];
$bScore = $b['fall_score'];
if ($aScore === null && $bScore === null) {
return strcmp($a['name'], $b['name']);
}
if ($aScore === null) {
return 1;
}
if ($bScore === null) {
return -1;
}
return $bScore <=> $aScore ?: strcmp($a['name'], $b['name']);
});
$scores = array_column($section['students'], 'fall_score');
$calc = $this->calculateThreshold($scores, $percentile);
$threshold = $calc['threshold'];
$students = array_map(function (array $student) use ($threshold): array {
$student['projected_trophy'] = $threshold !== null
&& $student['fall_score'] !== null
&& $student['fall_score'] >= $threshold;
return $student;
}, $section['students']);
$scoredCount = count(array_filter(
array_column($students, 'fall_score'),
static fn ($score) => $score !== null
));
$boys = array_filter($students, static fn ($s) => strtolower($s['gender']) === 'male');
$girls = array_filter($students, static fn ($s) => strtolower($s['gender']) === 'female');
$trophyBoys = array_filter($boys, static fn ($s) => $s['projected_trophy']);
$trophyGirls = array_filter($girls, static fn ($s) => $s['projected_trophy']);
$nBoys = count($boys);
$nGirls = count($girls);
$nTrophyBoys = count($trophyBoys);
$nTrophyGirls = count($trophyGirls);
$total = count($students);
$classResults[] = [
'section_id' => $sid,
'section_name' => $section['name'],
'students' => $students,
'threshold' => $threshold,
'trophy_count' => $calc['winners'],
'student_count' => $total,
'scored_count' => $scoredCount,
'method' => $calc['method'],
'boys' => $nBoys,
'girls' => $nGirls,
'trophy_boys' => $nTrophyBoys,
'trophy_girls' => $nTrophyGirls,
'pct_boys' => $total > 0 ? round($nBoys / $total * 100) : 0,
'pct_girls' => $total > 0 ? round($nGirls / $total * 100) : 0,
'pct_trophy_boys' => $nBoys > 0 ? round($nTrophyBoys / $nBoys * 100) : 0,
'pct_trophy_girls' => $nGirls > 0 ? round($nTrophyGirls / $nGirls * 100) : 0,
'pct_trophy_total' => $total > 0 ? round($calc['winners'] / $total * 100): 0,
];
}
return view('administrator/trophy', [
'classResults' => $classResults,
'selectedYear' => $selectedYear,
'selectedPercentile'=> $percentile,
'years' => $years,
]);
}
public function winners()
{
$db = \Config\Database::connect();
$currentYear = $this->configModel->getConfig('school_year') ?? '';
$selectedYear = $this->request->getGet('school_year') ?? $currentYear;
$percentile = (float) ($this->request->getGet('percentile') ?? 75);
$percentile = max(1.0, min(99.0, $percentile));
$years = $db->table('student_class')
->select('school_year')->distinct()
->orderBy('school_year', 'DESC')
->get()->getResultArray();
$years = array_column($years, 'school_year');
$ey = $db->escape($selectedYear);
$rows = $db->table('student_class sc')
->select([
'sc.student_id',
'sc.class_section_id',
'cs.class_section_name',
'CONCAT(s.firstname, " ", s.lastname) AS student_name',
's.school_id',
's.gender',
'MAX(sf.semester_score) AS fall_score',
'MAX(sp.semester_score) AS spring_score',
])
->join('classSection cs', 'cs.class_section_id = sc.class_section_id', 'left')
->join('students s', 's.id = sc.student_id', 'left')
->join('semester_scores sf',
'sf.student_id = sc.student_id AND sf.class_section_id = sc.class_section_id'
. ' AND sf.school_year = ' . $ey . ' AND LOWER(sf.semester) = "fall"', 'left')
->join('semester_scores sp',
'sp.student_id = sc.student_id AND sp.class_section_id = sc.class_section_id'
. ' AND sp.school_year = ' . $ey . ' AND LOWER(sp.semester) = "spring"', 'left')
->where('sc.school_year', $selectedYear)
->orderBy('cs.class_section_name', 'ASC')
->orderBy('student_name', 'ASC')
->groupBy('sc.student_id, sc.class_section_id, cs.class_section_name, s.firstname, s.lastname, s.school_id, s.gender')
->get()->getResultArray();
$sections = [];
foreach ($rows as $row) {
$sid = (int) ($row['class_section_id'] ?? 0);
$name = $row['class_section_name'] ?? 'Section ' . $sid;
if (!isset($sections[$sid])) $sections[$sid] = ['name' => $name, 'students' => []];
$fall = is_numeric($row['fall_score']) ? (float) $row['fall_score'] : null;
$spring = is_numeric($row['spring_score']) ? (float) $row['spring_score'] : null;
$year = ($fall !== null && $spring !== null)
? round(($fall + $spring) / 2, 1)
: ($fall ?? $spring);
$sections[$sid]['students'][] = [
'name' => $row['student_name'],
'school_id' => $row['school_id'],
'gender' => $row['gender'] ?? '',
'fall_score' => $fall,
'spring_score' => $spring,
'year_score' => $year,
];
}
$classResults = [];
foreach ($sections as $section) {
usort($section['students'], static function ($a, $b) {
if ($a['fall_score'] === null && $b['fall_score'] === null) return strcmp($a['name'], $b['name']);
if ($a['fall_score'] === null) return 1;
if ($b['fall_score'] === null) return -1;
return $b['fall_score'] <=> $a['fall_score'] ?: strcmp($a['name'], $b['name']);
});
$scores = array_column($section['students'], 'fall_score');
$calc = $this->calculateThreshold($scores, $percentile);
$threshold = $calc['threshold'];
$allStudents = $section['students'];
$winners = array_values(array_filter($allStudents, function ($s) use ($threshold) {
return $threshold !== null && $s['fall_score'] !== null && $s['fall_score'] >= $threshold;
}));
if (empty($winners)) continue;
$boys = array_filter($allStudents, static fn($s) => strtolower($s['gender']) === 'male');
$girls = array_filter($allStudents, static fn($s) => strtolower($s['gender']) === 'female');
$trophyBoys = array_filter($winners, static fn($s) => strtolower($s['gender']) === 'male');
$trophyGirls = array_filter($winners, static fn($s) => strtolower($s['gender']) === 'female');
$n = count($allStudents);
$nBoys = count($boys);
$nGirls = count($girls);
$nTB = count($trophyBoys);
$nTG = count($trophyGirls);
$classResults[] = [
'section_name' => $section['name'],
'threshold' => $threshold,
'winners' => $winners,
'student_count' => $n,
'boys' => $nBoys,
'girls' => $nGirls,
'trophy_boys' => $nTB,
'trophy_girls' => $nTG,
'pct_boys' => $n > 0 ? round($nBoys / $n * 100) : 0,
'pct_girls' => $n > 0 ? round($nGirls / $n * 100) : 0,
'pct_trophy_boys' => $nBoys > 0 ? round($nTB / $nBoys * 100) : 0,
'pct_trophy_girls' => $nGirls > 0 ? round($nTG / $nGirls * 100) : 0,
'pct_trophy_total' => $n > 0 ? round(count($winners) / $n * 100) : 0,
];
}
return view('administrator/trophy_winners', [
'classResults' => $classResults,
'selectedYear' => $selectedYear,
'selectedPercentile' => $percentile,
'years' => $years,
]);
}
public function final()
{
$db = \Config\Database::connect();
$currentYear = $this->configModel->getConfig('school_year') ?? '';
$selectedYear = $this->request->getGet('school_year') ?? $currentYear;
$percentile = (float) ($this->request->getGet('percentile') ?? 75);
$percentile = max(1.0, min(99.0, $percentile));
$years = $db->table('student_class')
->select('school_year')->distinct()
->orderBy('school_year', 'DESC')
->get()->getResultArray();
$years = array_column($years, 'school_year');
$ey = $db->escape($selectedYear);
$rows = $db->table('student_class sc')
->select([
'sc.student_id',
'sc.class_section_id',
'cs.class_section_name',
'CONCAT(s.firstname, " ", s.lastname) AS student_name',
's.school_id',
's.gender',
'MAX(sf.semester_score) AS fall_score',
'MAX(sp.semester_score) AS spring_score',
])
->join('classSection cs', 'cs.class_section_id = sc.class_section_id', 'left')
->join('students s', 's.id = sc.student_id', 'left')
->join('semester_scores sf',
'sf.student_id = sc.student_id AND sf.class_section_id = sc.class_section_id'
. ' AND sf.school_year = ' . $ey . ' AND LOWER(sf.semester) = "fall"', 'left')
->join('semester_scores sp',
'sp.student_id = sc.student_id AND sp.class_section_id = sc.class_section_id'
. ' AND sp.school_year = ' . $ey . ' AND LOWER(sp.semester) = "spring"', 'left')
->where('sc.school_year', $selectedYear)
->orderBy('cs.class_section_name', 'ASC')
->orderBy('student_name', 'ASC')
->groupBy('sc.student_id, sc.class_section_id, cs.class_section_name, s.firstname, s.lastname, s.school_id, s.gender')
->get()->getResultArray();
$sections = [];
foreach ($rows as $row) {
$sid = (int) ($row['class_section_id'] ?? 0);
$name = $row['class_section_name'] ?? 'Section ' . $sid;
if (!isset($sections[$sid])) $sections[$sid] = ['name' => $name, 'students' => []];
$fall = is_numeric($row['fall_score']) ? (float) $row['fall_score'] : null;
$spring = is_numeric($row['spring_score']) ? (float) $row['spring_score'] : null;
$year = ($fall !== null && $spring !== null)
? round(($fall + $spring) / 2, 1)
: ($fall ?? $spring);
$sections[$sid]['students'][] = [
'name' => $row['student_name'],
'school_id' => $row['school_id'],
'gender' => $row['gender'] ?? '',
'fall_score' => $fall,
'spring_score' => $spring,
'year_score' => $year,
];
}
$classResults = [];
foreach ($sections as $section) {
$students = $section['students'];
$fallCalc = $this->calculateThreshold(array_column($students, 'fall_score'), $percentile);
$yearCalc = $this->calculateThreshold(array_column($students, 'year_score'), $percentile);
$fallThreshold = $fallCalc['threshold'];
$yearThreshold = $yearCalc['threshold'];
$annotated = array_map(static function (array $s) use ($fallThreshold, $yearThreshold): array {
$predicted = $fallThreshold !== null && $s['fall_score'] !== null && $s['fall_score'] >= $fallThreshold;
$actual = $yearThreshold !== null && $s['year_score'] !== null && $s['year_score'] >= $yearThreshold;
$status = match (true) {
$predicted && $actual => 'confirmed',
!$predicted && $actual => 'surprise',
$predicted && !$actual => 'missed',
default => 'none',
};
return $s + compact('predicted', 'actual', 'status');
}, $students);
usort($annotated, static function (array $a, array $b): int {
if ($a['year_score'] === null && $b['year_score'] === null) return strcmp($a['name'], $b['name']);
if ($a['year_score'] === null) return 1;
if ($b['year_score'] === null) return -1;
return $b['year_score'] <=> $a['year_score'] ?: strcmp($a['name'], $b['name']);
});
$nConfirmed = count(array_filter($annotated, static fn ($s) => $s['status'] === 'confirmed'));
$nSurprise = count(array_filter($annotated, static fn ($s) => $s['status'] === 'surprise'));
$nMissed = count(array_filter($annotated, static fn ($s) => $s['status'] === 'missed'));
$nPredicted = count(array_filter($annotated, static fn ($s) => $s['predicted']));
$nActual = count(array_filter($annotated, static fn ($s) => $s['actual']));
$n = count($annotated);
$classResults[] = [
'section_name' => $section['name'],
'students' => $annotated,
'student_count' => $n,
'fall_threshold' => $fallThreshold,
'year_threshold' => $yearThreshold,
'predicted_count' => $nPredicted,
'actual_count' => $nActual,
'confirmed' => $nConfirmed,
'surprises' => $nSurprise,
'missed' => $nMissed,
'accuracy' => $nPredicted > 0 ? round($nConfirmed / $nPredicted * 100) : ($nActual === 0 ? 100 : 0),
];
}
return view('administrator/trophy_final', [
'classResults' => $classResults,
'selectedYear' => $selectedYear,
'selectedPercentile' => $percentile,
'years' => $years,
]);
}
private function calculateThreshold(array $scores, float $percentile = 75.0): array
{
$scores = array_values(array_filter(
$scores,
static fn ($v) => is_numeric($v) && $v !== null
));
$scores = array_map('floatval', $scores);
sort($scores); // ascending
$n = count($scores);
if ($n === 0) {
return ['threshold' => null, 'winners' => 0, 'method' => 'empty'];
}
$minWinners = 3; // never fewer than 3, regardless of class size or score count
// Hard maximum: top (100 - percentile)% of class, but never below the minimum.
$maxWinners = max($minWinners, (int) floor($n * (1 - $percentile / 100)));
$threshold = $this->empiricalPercentile($scores, $percentile);
$winners = $this->countAtOrAbove($scores, $threshold);
if ($winners < $minWinners) {
// Too few qualify — REDUCE the threshold down to the score of the
// 3rd-ranked student so the minimum of 3 is always met.
// If fewer than 3 students have scores, award all of them.
$target = min($minWinners, $n);
$desc = array_reverse($scores); // descending
$threshold = $desc[$target - 1]; // score at rank $target
$winners = $this->countAtOrAbove($scores, $threshold); // ties included
return ['threshold' => $threshold, 'winners' => $winners, 'method' => 'min3_reduced'];
}
if ($winners <= $maxWinners) {
return ['threshold' => $threshold, 'winners' => $winners, 'method' => 'empirical_percentile'];
}
// Too many winners — raise threshold to respect the cap.
$result = $this->capByRank($scores, $maxWinners);
// capByRank may overshoot and drop below the minimum (e.g. bimodal scores
// where only 2 students are in the top cluster). Enforce min=3 here too.
if ($result['winners'] < $minWinners) {
$target = min($minWinners, $n);
$desc = array_reverse($scores);
$threshold = $desc[$target - 1];
$winners = $this->countAtOrAbove($scores, $threshold);
return ['threshold' => $threshold, 'winners' => $winners, 'method' => 'min3_after_cap'];
}
return $result;
}
/**
* Raise the threshold until at most $max students qualify.
* Returns the result without checking the minimum — caller must do that.
*/
private function capByRank(array $sortedScores, int $max): array
{
$desc = array_reverse($sortedScores);
$threshold = $desc[$max - 1];
$winners = $this->countAtOrAbove($sortedScores, $threshold);
if ($winners <= $max) {
return ['threshold' => $threshold, 'winners' => $winners, 'method' => 'capped_25pct'];
}
// Ties push it over — walk up through distinct scores.
$unique = array_values(array_unique(array_filter(
$sortedScores,
static fn ($s) => $s > $threshold
)));
sort($unique);
foreach ($unique as $candidate) {
$w = $this->countAtOrAbove($sortedScores, $candidate);
if ($w <= $max) {
return ['threshold' => $candidate, 'winners' => $w, 'method' => 'capped_25pct'];
}
}
// All scores are equal.
return ['threshold' => $sortedScores[0], 'winners' => count($sortedScores), 'method' => 'all_equal'];
}
private function empiricalPercentile(array $sortedScores, float $p): float
{
$n = count($sortedScores);
if ($n === 0) return 0.0;
$index = ($p / 100.0) * ($n - 1);
$lower = (int) floor($index);
$upper = (int) ceil($index);
if ($lower === $upper) return $sortedScores[$lower];
return $sortedScores[$lower] + ($index - $lower) * ($sortedScores[$upper] - $sortedScores[$lower]);
}
private function countAtOrAbove(array $scores, float $threshold): int
{
return count(array_filter($scores, static fn ($s) => $s >= $threshold));
}
}
+160 -34
View File
@@ -21,6 +21,7 @@ require_once APPPATH . 'Helpers/pbkdf2_helper.php';
class UserController extends BaseController class UserController extends BaseController
{ {
private const ACTIVATION_TTL_HOURS = 48;
protected $userModel; protected $userModel;
protected $roleModel; protected $roleModel;
protected $userRoleModel; protected $userRoleModel;
@@ -49,6 +50,37 @@ class UserController extends BaseController
$this->resetRequestModel = new PasswordResetRequestModel(); $this->resetRequestModel = new PasswordResetRequestModel();
} }
private function denyAccess(string $message)
{
if ($this->request->isAJAX() || $this->request->getHeaderLine('Accept') === 'application/json') {
return service('response')
->setStatusCode(403)
->setJSON(['status' => 'error', 'message' => $message]);
}
session()->setFlashdata('error', $message);
return redirect()->to('/access_denied');
}
private function requirePermission(string $permission)
{
if (!session()->get('is_logged_in')) {
return redirect()->to('/login');
}
$userId = (int) session()->get('user_id');
if ($userId <= 0 || !has_permission($userId, $permission)) {
return $this->denyAccess("You don't have permission to use this feature.");
}
return null;
}
private function hashToken(string $token): string
{
return hash('sha256', $token);
}
// Method to show the home page // Method to show the home page
public function home() public function home()
{ {
@@ -75,6 +107,10 @@ class UserController extends BaseController
public function userList() public function userList()
{ {
if ($resp = $this->requirePermission('read_user')) {
return $resp;
}
helper('url'); helper('url');
return view('user/user_list', [ return view('user/user_list', [
@@ -85,6 +121,10 @@ class UserController extends BaseController
// Method to show the list of users // Method to show the list of users
public function index() public function index()
{ {
if ($resp = $this->requirePermission('read_user')) {
return $resp;
}
// Fetch users along with their assigned roles // Fetch users along with their assigned roles
$builder = $this->db->table('users'); $builder = $this->db->table('users');
$builder->select('users.id, users.firstname, users.lastname, users.email, user_roles.role_id, roles.name as role, users.status, users.updated_at'); $builder->select('users.id, users.firstname, users.lastname, users.email, user_roles.role_id, roles.name as role, users.status, users.updated_at');
@@ -122,6 +162,10 @@ class UserController extends BaseController
public function userListData() public function userListData()
{ {
if ($resp = $this->requirePermission('read_user')) {
return $resp;
}
return $this->response->setJSON([ return $this->response->setJSON([
'users' => $this->buildUsersWithRoles(), 'users' => $this->buildUsersWithRoles(),
]); ]);
@@ -253,6 +297,10 @@ class UserController extends BaseController
// Method to store a new user // Method to store a new user
public function store() public function store()
{ {
if ($resp = $this->requirePermission('edit_user')) {
return $resp;
}
// Validate input data // Validate input data
$validation = \Config\Services::validation(); $validation = \Config\Services::validation();
$validation->setRules([ $validation->setRules([
@@ -315,6 +363,10 @@ class UserController extends BaseController
// Method to show the form for editing an existing user // Method to show the form for editing an existing user
public function edit($id) public function edit($id)
{ {
if ($resp = $this->requirePermission('edit_user')) {
return $resp;
}
$data['user'] = $this->userModel->find($id); $data['user'] = $this->userModel->find($id);
$data['roles'] = $this->roleModel->findAll(); $data['roles'] = $this->roleModel->findAll();
$userRoles = $this->userRoleModel->where('user_id', $id)->findAll(); $userRoles = $this->userRoleModel->where('user_id', $id)->findAll();
@@ -327,6 +379,10 @@ class UserController extends BaseController
// Method to delete an existing user // Method to delete an existing user
public function delete($id) public function delete($id)
{ {
if ($resp = $this->requirePermission('edit_user')) {
return $resp;
}
$this->userModel->delete($id); $this->userModel->delete($id);
// Delete the user's roles from the user_roles table // Delete the user's roles from the user_roles table
@@ -369,27 +425,21 @@ class UserController extends BaseController
$email = strtolower($this->request->getPost('email')); $email = strtolower($this->request->getPost('email'));
$user = $this->userModel->where('email', $email)->first(); $user = $this->userModel->where('email', $email)->first();
// --- Handle unknown email --- // --- Handle unknown or unverified email ---
if (!$user) { if (!$user || (int) $user['is_verified'] === 0) {
session()->setFlashdata('error', 'If this email is registered, you will receive a reset link.'); session()->setFlashdata('success', 'If this email is registered, you will receive a reset link.');
log_message('info', "Password reset requested for non-existing user {$email}"); log_message('info', "Password reset requested for {$email} (user missing or unverified).");
return redirect()->back();
}
// --- Handle unverified accounts ---
if ((int) $user['is_verified'] === 0) {
session()->setFlashdata('error', 'Please check your email and complete the account activation process before resetting your password.');
log_message('info', "Password reset blocked for unverified user {$email}");
return redirect()->back(); return redirect()->back();
} }
// --- Verified user: continue with reset --- // --- Verified user: continue with reset ---
$token = bin2hex(random_bytes(48)); $token = bin2hex(random_bytes(48));
$tokenHash = $this->hashToken($token);
$expires_at = Time::now()->addHours(1); $expires_at = Time::now()->addHours(1);
$this->passwordResetModel->insert([ $this->passwordResetModel->insert([
'email' => $email, 'email' => $email,
'token' => $token, 'token' => $tokenHash,
'created_at' => Time::now(), 'created_at' => Time::now(),
'expires_at' => $expires_at, 'expires_at' => $expires_at,
]); ]);
@@ -447,7 +497,12 @@ class UserController extends BaseController
} }
// You may want to validate the token here // You may want to validate the token here
$resetEntry = $this->passwordResetModel->where('token', $token) $tokenHash = $this->hashToken($token);
$resetEntry = $this->passwordResetModel
->groupStart()
->where('token', $tokenHash)
->orWhere('token', $token)
->groupEnd()
->where('expires_at >=', Time::now()) ->where('expires_at >=', Time::now())
->first(); ->first();
@@ -462,6 +517,10 @@ class UserController extends BaseController
//This function processes the new password submission, validating the token, updating the user's password, and cleaning up the reset entry. //This function processes the new password submission, validating the token, updating the user's password, and cleaning up the reset entry.
public function processResetPassword() public function processResetPassword()
{ {
if (strtolower($this->request->getMethod()) !== 'post') {
return redirect()->to('/')->with('error', 'Invalid request.');
}
$token = $this->request->getPost('token'); $token = $this->request->getPost('token');
$newPassword = $this->request->getPost('password'); $newPassword = $this->request->getPost('password');
$passConfirm = $this->request->getPost('pass_confirm'); $passConfirm = $this->request->getPost('pass_confirm');
@@ -490,7 +549,12 @@ class UserController extends BaseController
} }
// Find the password reset entry // Find the password reset entry
$resetEntry = $this->passwordResetModel->where('token', $token) $tokenHash = $this->hashToken($token);
$resetEntry = $this->passwordResetModel
->groupStart()
->where('token', $tokenHash)
->orWhere('token', $token)
->groupEnd()
->where('expires_at >=', Time::now()) ->where('expires_at >=', Time::now())
->first(); ->first();
@@ -519,7 +583,12 @@ class UserController extends BaseController
]); ]);
// Delete the used token from the password reset table // Delete the used token from the password reset table
$this->passwordResetModel->where('token', $token)->delete(); $this->passwordResetModel
->groupStart()
->where('token', $tokenHash)
->orWhere('token', $token)
->groupEnd()
->delete();
// Retrieve the user's IP address from the request // Retrieve the user's IP address from the request
$ipAddress = $this->request->getIPAddress(); $ipAddress = $this->request->getIPAddress();
@@ -546,10 +615,16 @@ class UserController extends BaseController
public function confirm($token) public function confirm($token)
{ {
log_message('info', 'Processing email confirmation with token: ' . $token); log_message('info', 'Processing email confirmation.');
$tokenHash = $this->hashToken($token);
$user = $this->userModel->where('token', $token)->first(); $user = $this->userModel
->groupStart()
->where('token', $tokenHash)
->orWhere('token', $token)
->groupEnd()
->where('created_at >=', Time::now()->subHours(self::ACTIVATION_TTL_HOURS)->toDateTimeString())
->first();
if (!$user || $user['is_verified'] == 1) { if (!$user || $user['is_verified'] == 1) {
return redirect()->to('/invalid_token'); return redirect()->to('/invalid_token');
@@ -570,7 +645,14 @@ class UserController extends BaseController
{ {
//echo "Reached setPassword with token: " . esc($token); //echo "Reached setPassword with token: " . esc($token);
//echo "Token received: " . $token; //echo "Token received: " . $token;
$user = $this->userModel->where('token', $token)->first(); $tokenHash = $this->hashToken($token);
$user = $this->userModel
->groupStart()
->where('token', $tokenHash)
->orWhere('token', $token)
->groupEnd()
->where('created_at >=', Time::now()->subHours(self::ACTIVATION_TTL_HOURS)->toDateTimeString())
->first();
if (!$user || $user['is_verified'] == 1) { if (!$user || $user['is_verified'] == 1) {
return redirect()->to('/invalid_token'); return redirect()->to('/invalid_token');
@@ -584,6 +666,10 @@ class UserController extends BaseController
public function savePassword() public function savePassword()
{ {
if (strtolower($this->request->getMethod()) !== 'post') {
return redirect()->to('/')->with('error', 'Invalid request.');
}
$validation = \Config\Services::validation(); $validation = \Config\Services::validation();
$validation->setRules([ $validation->setRules([
'password' => [ 'password' => [
@@ -615,9 +701,17 @@ class UserController extends BaseController
$token = $this->request->getPost('token'); $token = $this->request->getPost('token');
$password = $this->request->getPost('password'); $password = $this->request->getPost('password');
$user = $this->userModel->where('id', $userId)->where('token', $token)->first(); $tokenHash = $this->hashToken($token);
$user = $this->userModel
->where('id', $userId)
->groupStart()
->where('token', $tokenHash)
->orWhere('token', $token)
->groupEnd()
->where('created_at >=', Time::now()->subHours(self::ACTIVATION_TTL_HOURS)->toDateTimeString())
->first();
log_message('debug', "Attempting to set password for user $userId with token $token"); log_message('debug', "Attempting to set password for user $userId");
if (!$user || $user['is_verified'] == 1) { if (!$user || $user['is_verified'] == 1) {
return redirect()->to('/invalid_token'); return redirect()->to('/invalid_token');
@@ -670,20 +764,39 @@ class UserController extends BaseController
$roleKey = (string) $this->request->getPost('role'); $roleKey = (string) $this->request->getPost('role');
log_message('info', 'Role selected: ' . $roleKey); log_message('info', 'Role selected: ' . $roleKey);
$roleModel = new RoleModel();
$route = $roleModel->getRouteByNameOrSlug($roleKey);
if ($route === null) {
log_message('error', 'Invalid or inactive role selected: ' . $roleKey);
return redirect()->back()->with('error', 'Invalid role selected.');
}
$userId = (int) session()->get('user_id'); $userId = (int) session()->get('user_id');
log_message('info', 'User ID: ' . $userId); log_message('info', 'User ID: ' . $userId);
if ($userId <= 0) {
return $this->denyAccess("You don't have permission to use this feature.");
}
$roleRow = $this->db->table('user_roles ur')
->join('roles r', 'r.id = ur.role_id', 'inner')
->select('r.name, r.slug, r.dashboard_route')
->where('ur.user_id', $userId)
->where('r.is_active', 1)
->groupStart()
->where('LOWER(r.name)', strtolower($roleKey))
->orWhere('LOWER(r.slug)', strtolower($roleKey))
->groupEnd()
->get()
->getRowArray();
if (empty($roleRow)) {
log_message('error', 'Invalid or unassigned role selected: ' . $roleKey);
return redirect()->back()->with('error', 'Invalid role selected.');
}
$route = $roleRow['dashboard_route'] ?? null;
if ($route === null) {
log_message('error', 'No dashboard route configured for role: ' . $roleKey);
return redirect()->back()->with('error', 'Invalid role selected.');
}
// Persist the *exact* role name or slug—choose your convention. // Persist the *exact* role name or slug—choose your convention.
// If you want to store the canonical name, fetch the row and use $row['name']. // Store the canonical name to avoid arbitrary role strings.
$this->userModel->update($userId, ['role' => $roleKey]); $this->userModel->update($userId, ['role' => $roleRow['name']]);
log_message('info', 'Role updated in database.'); log_message('info', 'Role updated in database.');
log_message('info', 'Redirecting to role dashboard: ' . $route); log_message('info', 'Redirecting to role dashboard: ' . $route);
@@ -702,6 +815,10 @@ class UserController extends BaseController
public function delete_role($roleId) public function delete_role($roleId)
{ {
if ($resp = $this->requirePermission('edit_user')) {
return $resp;
}
// Fetch the role to be deleted // Fetch the role to be deleted
$role = $this->roleModel->find($roleId); $role = $this->roleModel->find($roleId);
if (!$role) { if (!$role) {
@@ -731,6 +848,10 @@ class UserController extends BaseController
public function loginActivity() public function loginActivity()
{ {
if ($resp = $this->requirePermission('view_login_activity')) {
return $resp;
}
helper('url'); helper('url');
$perPage = (int) ($this->request->getGet('per_page') ?? 25); $perPage = (int) ($this->request->getGet('per_page') ?? 25);
@@ -743,6 +864,10 @@ class UserController extends BaseController
public function loginActivityData() public function loginActivityData()
{ {
if ($resp = $this->requirePermission('view_login_activity')) {
return $resp;
}
$perPage = (int) ($this->request->getGet('per_page') ?? 25); $perPage = (int) ($this->request->getGet('per_page') ?? 25);
$page = (int) ($this->request->getGet('page') ?? 1); $page = (int) ($this->request->getGet('page') ?? 1);
@@ -752,6 +877,10 @@ class UserController extends BaseController
// Method to update an existing user // Method to update an existing user
public function updateUser() public function updateUser()
{ {
if ($resp = $this->requirePermission('edit_user')) {
return $resp;
}
if (strtolower($this->request->getMethod()) !== 'post') { if (strtolower($this->request->getMethod()) !== 'post') {
return redirect()->to(site_url('user/user_list'))->with('error', 'Invalid request.'); return redirect()->to(site_url('user/user_list'))->with('error', 'Invalid request.');
} }
@@ -800,9 +929,6 @@ class UserController extends BaseController
'status' => trim((string)$this->request->getPost('status')), 'status' => trim((string)$this->request->getPost('status')),
'is_suspended' => $toBool('is_suspended'), 'is_suspended' => $toBool('is_suspended'),
'is_verified' => $toBool('is_verified'), 'is_verified' => $toBool('is_verified'),
'token' => trim((string)$this->request->getPost('token')),
'updated_at' => $toDT('updated_at'),
'created_at' => $toDT('created_at'),
]; ];
// Validation // Validation
@@ -0,0 +1,30 @@
<?php
namespace App\Database\Migrations;
use CodeIgniter\Database\Migration;
class AddReviewRevisionToExamDrafts extends Migration
{
public function up()
{
if (! $this->db->fieldExists('review_revision', 'exam_drafts')) {
$this->forge->addColumn('exam_drafts', [
'review_revision' => [
'type' => 'INT',
'constraint' => 11,
'null' => false,
'default' => 0,
'after' => 'version',
],
]);
}
}
public function down()
{
if ($this->db->fieldExists('review_revision', 'exam_drafts')) {
$this->forge->dropColumn('exam_drafts', 'review_revision');
}
}
}
@@ -0,0 +1,27 @@
<?php
namespace App\Database\Migrations;
use CodeIgniter\Database\Migration;
class AddEventPaidFlagToCharges extends Migration
{
public function up()
{
$fields = [
'event_paid' => [
'type' => 'TINYINT',
'constraint' => 1,
'default' => 0,
'after' => 'charged',
],
];
$this->forge->addColumn('event_charges', $fields);
}
public function down()
{
$this->forge->dropColumn('event_charges', 'event_paid');
}
}
@@ -0,0 +1,32 @@
<?php
namespace App\Database\Migrations;
use CodeIgniter\Database\Migration;
class AddClassSectionToEventCharges extends Migration
{
public function up()
{
$fields = [
'class_section_id' => [
'type' => 'INT',
'constraint' => 11,
'unsigned' => true,
'null' => true,
'after' => 'event_paid',
],
];
if (! $this->db->fieldExists('class_section_id', 'event_charges')) {
$this->forge->addColumn('event_charges', $fields);
}
}
public function down()
{
if ($this->db->fieldExists('class_section_id', 'event_charges')) {
$this->forge->dropColumn('event_charges', 'class_section_id');
}
}
}
@@ -0,0 +1,32 @@
<?php
namespace App\Database\Migrations;
use CodeIgniter\Database\Migration;
class AddEventPaymentRefToEventCharges extends Migration
{
public function up()
{
$fields = [
'event_payment_id' => [
'type' => 'INT',
'constraint' => 11,
'unsigned' => true,
'null' => true,
'after' => 'class_section_id',
],
];
if (! $this->db->fieldExists('event_payment_id', 'event_charges')) {
$this->forge->addColumn('event_charges', $fields);
}
}
public function down()
{
if ($this->db->fieldExists('event_payment_id', 'event_charges')) {
$this->forge->dropColumn('event_charges', 'event_payment_id');
}
}
}
@@ -0,0 +1,43 @@
<?php
namespace App\Database\Migrations;
use CodeIgniter\Database\Migration;
class AddExternalParticipantFieldsToEventCharges extends Migration
{
public function up()
{
$fields = [
'external_firstname' => [
'type' => 'VARCHAR',
'constraint' => 150,
'null' => true,
'after' => 'event_payment_id',
],
'external_lastname' => [
'type' => 'VARCHAR',
'constraint' => 150,
'null' => true,
],
'external_note' => [
'type' => 'VARCHAR',
'constraint' => 254,
'null' => true,
],
];
if (! $this->db->fieldExists('external_firstname', 'event_charges')) {
$this->forge->addColumn('event_charges', $fields);
}
}
public function down()
{
foreach (['external_firstname', 'external_lastname', 'external_note'] as $field) {
if ($this->db->fieldExists($field, 'event_charges')) {
$this->forge->dropColumn('event_charges', $field);
}
}
}
}
@@ -0,0 +1,43 @@
<?php
namespace App\Database\Migrations;
use CodeIgniter\Database\Migration;
class AddExternalParentInfoToEventCharges extends Migration
{
public function up()
{
$fields = [
'external_parent_firstname' => [
'type' => 'VARCHAR',
'constraint' => 150,
'null' => true,
'after' => 'external_note',
],
'external_parent_lastname' => [
'type' => 'VARCHAR',
'constraint' => 150,
'null' => true,
],
'external_parent_phone' => [
'type' => 'VARCHAR',
'constraint' => 50,
'null' => true,
],
];
if (! $this->db->fieldExists('external_parent_firstname', 'event_charges')) {
$this->forge->addColumn('event_charges', $fields);
}
}
public function down()
{
foreach (['external_parent_firstname', 'external_parent_lastname', 'external_parent_phone'] as $field) {
if ($this->db->fieldExists($field, 'event_charges')) {
$this->forge->dropColumn('event_charges', $field);
}
}
}
}
@@ -0,0 +1,32 @@
<?php
namespace App\Database\Migrations;
use CodeIgniter\Database\Migration;
class AddExternalParentEmailToEventCharges extends Migration
{
public function up()
{
$fields = [
'external_parent_email' => [
'type' => 'VARCHAR',
'constraint' => 254,
'null' => true,
'after' => 'external_parent_phone',
],
];
if (! $this->db->fieldExists('external_parent_email', 'event_charges')) {
$this->forge->addColumn('event_charges', $fields);
}
}
public function down()
{
if ($this->db->fieldExists('external_parent_email', 'event_charges')) {
$this->forge->dropColumn('event_charges', 'external_parent_email');
}
}
}
@@ -0,0 +1,31 @@
<?php
namespace App\Database\Migrations;
use CodeIgniter\Database\Migration;
class AddWaiverSignedToEventCharges extends Migration
{
public function up()
{
$fields = [
'waiver_signed' => [
'type' => 'TINYINT',
'constraint' => 1,
'default' => 0,
'after' => 'charged',
],
];
if (! $this->db->fieldExists('waiver_signed', 'event_charges')) {
$this->forge->addColumn('event_charges', $fields);
}
}
public function down()
{
if ($this->db->fieldExists('waiver_signed', 'event_charges')) {
$this->forge->dropColumn('event_charges', 'waiver_signed');
}
}
}
@@ -0,0 +1,85 @@
<?php
namespace App\Database\Migrations;
use CodeIgniter\Database\Migration;
class CreateCertificateRecords extends Migration
{
public function up()
{
if ($this->db->tableExists('certificate_records')) {
return;
}
$this->forge->addField([
'id' => [
'type' => 'INT',
'constraint' => 11,
'unsigned' => true,
'auto_increment' => true,
],
'certificate_number' => [
'type' => 'VARCHAR',
'constraint' => 30,
],
'student_id' => [
'type' => 'INT',
'constraint' => 11,
'unsigned' => true,
],
'student_name' => [
'type' => 'VARCHAR',
'constraint' => 200,
],
'grade' => [
'type' => 'VARCHAR',
'constraint' => 100,
'null' => true,
],
'cert_date' => [
'type' => 'DATE',
'null' => true,
],
'school_year' => [
'type' => 'VARCHAR',
'constraint' => 20,
'null' => true,
],
'class_section_id' => [
'type' => 'INT',
'constraint' => 11,
'unsigned' => true,
'null' => true,
],
'issued_by' => [
'type' => 'INT',
'constraint' => 11,
'unsigned' => true,
'null' => true,
],
'issued_at' => [
'type' => 'DATETIME',
'null' => true,
],
'created_at' => [
'type' => 'DATETIME',
'null' => true,
],
'updated_at' => [
'type' => 'DATETIME',
'null' => true,
],
]);
$this->forge->addKey('id', true);
$this->forge->addUniqueKey('certificate_number');
$this->forge->addKey(['school_year', 'student_id']);
$this->forge->createTable('certificate_records');
}
public function down()
{
$this->forge->dropTable('certificate_records', true);
}
}
@@ -0,0 +1,70 @@
<?php
namespace App\Database\Migrations;
use CodeIgniter\Database\Migration;
class CreateBelowSixtyDecisions extends Migration
{
public function up()
{
if ($this->db->tableExists('below_sixty_decisions')) {
return;
}
$this->forge->addField([
'id' => [
'type' => 'INT',
'constraint' => 11,
'unsigned' => true,
'auto_increment' => true,
],
'student_id' => [
'type' => 'INT',
'constraint' => 11,
'unsigned' => true,
],
'semester' => [
'type' => 'VARCHAR',
'constraint' => 20,
],
'school_year' => [
'type' => 'VARCHAR',
'constraint' => 20,
],
'decision' => [
'type' => 'VARCHAR',
'constraint' => 100,
'null' => true,
],
'notes' => [
'type' => 'TEXT',
'null' => true,
],
'decided_by' => [
'type' => 'INT',
'constraint' => 11,
'unsigned' => true,
'null' => true,
],
'created_at' => [
'type' => 'DATETIME',
'null' => true,
],
'updated_at' => [
'type' => 'DATETIME',
'null' => true,
],
]);
$this->forge->addKey('id', true);
$this->forge->addUniqueKey(['student_id', 'semester', 'school_year']);
$this->forge->addKey(['school_year', 'semester']);
$this->forge->createTable('below_sixty_decisions');
}
public function down()
{
$this->forge->dropTable('below_sixty_decisions', true);
}
}
@@ -0,0 +1,85 @@
<?php
namespace App\Database\Migrations;
use CodeIgniter\Database\Migration;
class CreateStudentDecisions extends Migration
{
public function up()
{
if ($this->db->tableExists('student_decisions')) {
return;
}
$this->forge->addField([
'id' => [
'type' => 'INT',
'constraint' => 11,
'unsigned' => true,
'auto_increment' => true,
],
'student_id' => [
'type' => 'INT',
'constraint' => 11,
'unsigned' => true,
],
'semester' => [
'type' => 'VARCHAR',
'constraint' => 20,
],
'school_year' => [
'type' => 'VARCHAR',
'constraint' => 20,
],
'class_section_name' => [
'type' => 'VARCHAR',
'constraint' => 100,
'null' => true,
],
'semester_score' => [
'type' => 'DECIMAL',
'constraint' => '8,2',
'null' => true,
],
'decision' => [
'type' => 'VARCHAR',
'constraint' => 100,
'null' => true,
],
'source' => [
'type' => 'ENUM',
'constraint' => ['auto', 'manual', 'pending'],
'default' => 'auto',
],
'notes' => [
'type' => 'TEXT',
'null' => true,
],
'generated_by' => [
'type' => 'INT',
'constraint' => 11,
'unsigned' => true,
'null' => true,
],
'created_at' => [
'type' => 'DATETIME',
'null' => true,
],
'updated_at' => [
'type' => 'DATETIME',
'null' => true,
],
]);
$this->forge->addKey('id', true);
$this->forge->addUniqueKey(['student_id', 'semester', 'school_year']);
$this->forge->addKey(['school_year', 'semester']);
$this->forge->createTable('student_decisions');
}
public function down()
{
$this->forge->dropTable('student_decisions', true);
}
}
+8 -1
View File
@@ -11,6 +11,8 @@ class ApiAuthFilter implements FilterInterface
{ {
public function before(RequestInterface $request, $arguments = null) public function before(RequestInterface $request, $arguments = null)
{ {
helper('security');
$authorization = $request->getHeaderLine('Authorization'); $authorization = $request->getHeaderLine('Authorization');
if (!$authorization || stripos($authorization, 'Bearer ') !== 0) { if (!$authorization || stripos($authorization, 'Bearer ') !== 0) {
return $this->unauthorized('Missing or invalid Authorization header'); return $this->unauthorized('Missing or invalid Authorization header');
@@ -21,7 +23,12 @@ class ApiAuthFilter implements FilterInterface
return $this->unauthorized('Bearer token is required'); return $this->unauthorized('Bearer token is required');
} }
$secret = env('JWT_SECRET', 'change-me-in-env'); try {
$secret = require_env('JWT_SECRET');
} catch (\RuntimeException $e) {
return $this->unauthorized('JWT configuration is missing');
}
$payload = jwt_decode($token, $secret); $payload = jwt_decode($token, $secret);
if (!$payload || empty($payload['sub'])) { if (!$payload || empty($payload['sub'])) {
+3 -1
View File
@@ -13,13 +13,15 @@ class ApiDocsAuthFilter implements FilterInterface
{ {
public function before(RequestInterface $request, $arguments = null) public function before(RequestInterface $request, $arguments = null)
{ {
helper('security');
$authHeader = $request->getHeaderLine('Authorization'); $authHeader = $request->getHeaderLine('Authorization');
if ($authHeader && str_starts_with($authHeader, 'Bearer ')) { if ($authHeader && str_starts_with($authHeader, 'Bearer ')) {
$token = trim(substr($authHeader, 7)); $token = trim(substr($authHeader, 7));
try { try {
$key = getenv('JWT_SECRET') ?: 'your_default_secret'; $key = require_env('JWT_SECRET');
$decoded = JWT::decode($token, new Key($key, 'HS256')); $decoded = JWT::decode($token, new Key($key, 'HS256'));
if (!isset($decoded->roles) || empty($decoded->roles->admin)) { if (!isset($decoded->roles) || empty($decoded->roles->admin)) {
+42
View File
@@ -0,0 +1,42 @@
<?php
namespace App\Filters;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use Config\Services;
class ApiRateLimitFilter implements FilterInterface
{
public function before(RequestInterface $request, $arguments = null)
{
$throttler = service('throttler');
$response = Services::response();
$maxRequests = isset($arguments[0]) ? max(1, (int) $arguments[0]) : 60;
$windowSeconds = isset($arguments[1]) ? max(1, (int) $arguments[1]) : MINUTE;
$userId = session()->get('user_id');
$identifier = $userId ? 'user:' . $userId : 'ip:' . $request->getIPAddress();
$route = trim($request->getUri()->getPath(), '/');
$key = 'api-rate-' . sha1($request->getMethod() . '|' . $route . '|' . $identifier);
if (! $throttler->check($key, $maxRequests, $windowSeconds)) {
return $response
->setStatusCode(429)
->setHeader('Retry-After', (string) $windowSeconds)
->setJSON([
'status' => false,
'message' => 'Too many requests. Please try again later.',
]);
}
return null;
}
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
return $response;
}
}
+15 -2
View File
@@ -41,7 +41,13 @@ class AuthFilter implements FilterInterface
// Must be logged in // Must be logged in
if (empty($userRoles) || empty($userId)) { if (empty($userRoles) || empty($userId)) {
return redirect()->to('/login'); $target = ltrim($request->getUri()->getPath(), '/');
$query = $request->getUri()->getQuery();
if ($query !== '') {
$target .= '?' . $query;
}
return redirect()->to('/login?redirect_to=' . rawurlencode('/' . ltrim($target, '/')));
} }
// Enforce 12-hour session lifetime // Enforce 12-hour session lifetime
@@ -110,7 +116,14 @@ class AuthFilter implements FilterInterface
]); ]);
} }
return redirect()->to('/login')->with('error', 'Your session has expired. Please log in again.'); $target = ltrim($request->getUri()->getPath(), '/');
$query = $request->getUri()->getQuery();
if ($query !== '') {
$target .= '?' . $query;
}
return redirect()->to('/login?redirect_to=' . rawurlencode('/' . ltrim($target, '/')))
->with('error', 'Your session has expired. Please log in again.');
} }
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null) public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
+48
View File
@@ -0,0 +1,48 @@
<?php
namespace App\Filters;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use Config\Services;
class SanitizeInputFilter implements FilterInterface
{
public function before(RequestInterface $request, $arguments = null)
{
helper('security');
$sanitizedGet = sanitize_request_value($request->getGet() ?? []);
$sanitizedPost = sanitize_request_value($request->getPost() ?? []);
$request->setGlobal('get', $sanitizedGet);
$request->setGlobal('post', $sanitizedPost);
$request->setGlobal('request', array_merge(is_array($sanitizedGet) ? $sanitizedGet : [], is_array($sanitizedPost) ? $sanitizedPost : []));
$request->setGlobal('cookie', sanitize_request_value($request->getCookie() ?? []));
$contentType = strtolower($request->getHeaderLine('Content-Type'));
$body = $request->getBody();
if (str_contains($contentType, 'application/json') && trim($body) !== '') {
$decoded = json_decode($body, true);
if (json_last_error() !== JSON_ERROR_NONE || ! is_array($decoded)) {
return Services::response()
->setStatusCode(400)
->setJSON([
'status' => false,
'message' => 'Malformed JSON payload.',
]);
}
$request->setBody((string) json_encode(sanitize_request_value($decoded), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
}
return null;
}
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
return $response;
}
}
+3
View File
@@ -0,0 +1,3 @@
<?php
require_once __DIR__ . '/AuthHelper.php';
+41
View File
@@ -0,0 +1,41 @@
<?php
if (! function_exists('sanitize_request_value')) {
/**
* Recursively normalize request values without applying output encoding.
*/
function sanitize_request_value($value)
{
if (is_array($value)) {
foreach ($value as $key => $item) {
$value[$key] = sanitize_request_value($item);
}
return $value;
}
if (! is_string($value)) {
return $value;
}
$value = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/u', '', $value) ?? $value;
return trim($value);
}
}
if (! function_exists('require_env')) {
/**
* Fetch an environment variable and fail closed when it is missing.
*/
function require_env(string $key): string
{
$value = env($key);
if ($value === null || $value === '') {
throw new RuntimeException(sprintf('Missing required environment variable: %s', $key));
}
return (string) $value;
}
}
+2 -1
View File
@@ -16,8 +16,9 @@ class StaffTimeOffLinkService
public function __construct(?string $secret = null, ?int $ttlSeconds = null) public function __construct(?string $secret = null, ?int $ttlSeconds = null)
{ {
helper('jwt'); helper('jwt');
helper('security');
$this->secret = $secret ?: (string)env('JWT_SECRET', 'change-me-in-env'); $this->secret = $secret ?: require_env('JWT_SECRET');
$this->ttl = ($ttlSeconds !== null && $ttlSeconds > 0) ? $ttlSeconds : self::DEFAULT_TTL; $this->ttl = ($ttlSeconds !== null && $ttlSeconds > 0) ? $ttlSeconds : self::DEFAULT_TTL;
} }
+136
View File
@@ -0,0 +1,136 @@
<?php
namespace App\Listeners;
use Config\Services;
class DecisionEmailListener
{
public static function handle(array $payload): void
{
$studentId = (int)($payload['student_id'] ?? 0);
$studentName = (string)($payload['student_name'] ?? '');
$classSection= (string)($payload['class_section_name'] ?? '');
$semester = (string)($payload['semester'] ?? '');
$schoolYear = (string)($payload['school_year'] ?? '');
$decision = (string)($payload['decision'] ?? '');
$notes = (string)($payload['notes'] ?? '');
$scores = is_array($payload['scores'] ?? null) ? $payload['scores'] : [];
$allSemesters = is_array($payload['all_semesters'] ?? null) ? $payload['all_semesters'] : [];
if ($studentId <= 0) {
log_message('warning', 'DecisionEmail: missing student_id');
return;
}
$db = \Config\Database::connect();
$rows = $db->query(
"SELECT u.firstname, u.lastname, u.email, fg.is_primary
FROM family_students fs
JOIN family_guardians fg ON fg.family_id = fs.family_id
JOIN users u ON u.id = fg.user_id
WHERE fs.student_id = ?
AND fg.receive_emails = 1
AND u.email IS NOT NULL AND u.email != ''
ORDER BY fg.is_primary DESC, u.lastname, u.firstname",
[$studentId]
)->getResultArray();
if (empty($rows)) {
log_message('warning', 'DecisionEmail: no guardian emails for student_id=' . $studentId);
return;
}
$emails = [];
foreach ($rows as $row) {
$em = trim((string)($row['email'] ?? ''));
if ($em !== '') $emails[$em] = true;
}
$emails = array_keys($emails);
$primary = $rows[0] ?? [];
$parentName = trim((string)($primary['firstname'] ?? '') . ' ' . (string)($primary['lastname'] ?? ''));
$subject = (string)($payload['subject'] ?? '');
if ($subject === '') {
$subject = 'Academic Decision';
if ($studentName !== '') $subject .= ' — ' . $studentName;
if ($semester !== '' || $schoolYear !== '') {
$subject .= ' (' . trim($semester . ' ' . $schoolYear) . ')';
}
}
$emailData = [
'title' => $subject,
'parent_name' => $parentName !== '' ? $parentName : 'Parent/Guardian',
'student_name' => $studentName !== '' ? $studentName : 'your student',
'class_section_name' => $classSection,
'semester' => $semester,
'school_year' => $schoolYear,
'decision' => $decision,
'notes' => $notes,
'scores' => $scores,
'all_semesters' => $allSemesters,
];
$html = trim((string)($payload['html'] ?? ''));
if ($html === '') {
$html = view('emails/below_sixty_decision', $emailData, ['saveData' => true]);
}
$okAny = false;
foreach ($emails as $to) {
$ok = self::sendViaEmailService($to, $subject, $html);
if (!$ok) {
$ok = self::sendViaCiEmail($to, $subject, $html);
}
$okAny = $okAny || $ok;
}
if ($okAny) {
log_message('info', 'DecisionEmail: sent for student_id=' . $studentId);
} else {
log_message('error', 'DecisionEmail: failed for student_id=' . $studentId);
}
}
protected static function sendViaEmailService(string $to, string $subject, string $html): bool
{
try {
$svc = function_exists('service') ? service('emailService') : null;
if (!$svc && method_exists(Services::class, 'emailService')) {
$svc = Services::emailService();
}
if (!$svc) return false;
return (bool)$svc->send($to, $subject, $html, 'general');
} catch (\Throwable $e) {
log_message('debug', 'DecisionEmail sendViaEmailService failed: ' . $e->getMessage());
return false;
}
}
protected static function sendViaCiEmail(string $to, string $subject, string $html): bool
{
try {
$email = Services::email();
$cfg = config('Email');
$fromEmail = $cfg->fromEmail ?? $cfg->SMTPUser ?? 'no-reply@example.com';
$fromName = $cfg->fromName ?? 'Al Rahma Sunday School';
$email->setTo($to);
$email->setFrom($fromEmail, $fromName);
$email->setSubject($subject);
$email->setMessage($html);
$email->setMailType('html');
$ok = $email->send();
if (!$ok) {
$dbg = method_exists($email, 'printDebugger') ? $email->printDebugger(['headers', 'subject']) : 'no debugger';
log_message('debug', 'DecisionEmail CI send failed: ' . print_r($dbg, true));
}
return $ok;
} catch (\Throwable $e) {
log_message('debug', 'DecisionEmail sendViaCiEmail exception: ' . $e->getMessage());
return false;
}
}
}
+24
View File
@@ -0,0 +1,24 @@
<?php
namespace App\Models;
use CodeIgniter\Model;
class BelowSixtyDecisionModel extends Model
{
protected $table = 'below_sixty_decisions';
protected $primaryKey = 'id';
protected $allowedFields = [
'student_id',
'semester',
'school_year',
'decision',
'notes',
'decided_by',
];
protected $useTimestamps = true;
protected $createdField = 'created_at';
protected $updatedField = 'updated_at';
}
+71
View File
@@ -0,0 +1,71 @@
<?php
namespace App\Models;
use CodeIgniter\Model;
class CertificateRecordModel extends Model
{
protected $table = 'certificate_records';
protected $primaryKey = 'id';
protected $useTimestamps = true;
protected $allowedFields = [
'certificate_number',
'student_id',
'student_name',
'grade',
'cert_date',
'school_year',
'class_section_id',
'issued_by',
'issued_at',
];
/**
* Generates the next certificate number for a given school year.
* Format: ARSS-{school_year}-{4-digit sequence} e.g. ARSS-2025-2026-0003
* Uses a transaction + row count to guarantee uniqueness within a request.
* Academic Records and Student Services (ARSS)
*/
public function nextNumber(string $schoolYear): string
{
$db = \Config\Database::connect();
$db->transStart();
$count = $db->table($this->table)
->where('school_year', $schoolYear)
->countAllResults();
$seq = str_pad($count + 1, 4, '0', STR_PAD_LEFT);
$db->transComplete();
return 'ARSS-' . $schoolYear . '-' . $seq;
}
/** Returns paginated records with the issuing admin's name joined. */
public function getAuditLog(?string $schoolYear = null, int $perPage = 50): array
{
$builder = $this->db->table($this->table . ' cr')
->select('cr.*, u.firstname AS admin_firstname, u.lastname AS admin_lastname')
->join('users u', 'u.id = cr.issued_by', 'left')
->orderBy('cr.issued_at', 'DESC');
if ($schoolYear) {
$builder->where('cr.school_year', $schoolYear);
}
return $builder->get()->getResultArray();
}
/** Total certificates issued per school year, ordered by year DESC. */
public function yearSummary(): array
{
return $this->db->table($this->table)
->select('school_year, COUNT(*) AS total')
->groupBy('school_year')
->orderBy('school_year', 'DESC')
->get()->getResultArray();
}
}
+44
View File
@@ -4,6 +4,15 @@ namespace App\Models;
use CodeIgniter\Model; use CodeIgniter\Model;
/**
* Weekly class progress reports (one row per subject per week).
*
* unit_title stores a compact summary of unit/chapter rows: segments joined with " ; ".
* Teacher-entered custom Islamic or Quran topics use the prefix "Custom / {text}"
* (see {@see \App\Controllers\ClassProgressController::CUSTOM_UNIT_ROW_LABEL} and
* {@see \App\Controllers\ClassProgressController::splitUnitTitleForDisplay()}).
* DB column is VARCHAR(120); controller truncates to match.
*/
class ClassProgressReportModel extends Model class ClassProgressReportModel extends Model
{ {
protected $table = 'class_progress_reports'; protected $table = 'class_progress_reports';
@@ -27,7 +36,42 @@ class ClassProgressReportModel extends Model
'flags_json', 'flags_json',
'attachment_path', 'attachment_path',
]; ];
protected $useTimestamps = true; protected $useTimestamps = true;
protected $createdField = 'created_at'; protected $createdField = 'created_at';
protected $updatedField = 'updated_at'; protected $updatedField = 'updated_at';
/**
* Validation is performed in {@see \App\Controllers\ClassProgressController} on HTTP input.
* Rules below document schema limits and can be enabled if you set {@see $skipValidation} to false.
*/
protected $skipValidation = true;
protected $validationRules = [
'class_section_id' => 'required|integer',
'teacher_id' => 'required|integer',
'week_start' => 'required|valid_date[Y-m-d]',
'week_end' => 'required|valid_date[Y-m-d]',
'subject' => 'required|string|max_length[160]',
'unit_title' => 'permit_empty|string|max_length[120]',
'covered' => 'permit_empty|string',
'homework' => 'permit_empty|string',
'assessment' => 'permit_empty|string',
'status' => 'permit_empty|in_list[on_track,slightly_behind,behind]',
'status_notes' => 'permit_empty|string|max_length[200]',
'class_notes' => 'permit_empty|string',
'next_week_plan' => 'permit_empty|string',
'support_needed' => 'permit_empty|string',
'flags_json' => 'permit_empty|string',
'attachment_path' => 'permit_empty|string|max_length[255]',
];
protected $validationMessages = [
'unit_title' => [
'max_length' => 'Unit and chapter summary cannot exceed 120 characters.',
],
'subject' => [
'max_length' => 'Subject cannot exceed 160 characters.',
],
];
} }
+6 -4
View File
@@ -22,11 +22,13 @@ class ConfigurationModel extends Model
*/ */
public function getConfigValueByKey(string $key) public function getConfigValueByKey(string $key)
{ {
// Deterministic read in case historical duplicates exist // Use a fresh builder to avoid stale state from shared model builder.
$result = $this->where('config_key', $key) $builder = $this->db->table($this->table);
$result = $builder->where('config_key', $key)
->orderBy('id', 'DESC') ->orderBy('id', 'DESC')
->first(); ->get(1)
return $result ? $result['config_value'] : null; ->getRowArray();
return $result['config_value'] ?? null;
} }
/** /**
+13 -1
View File
@@ -15,8 +15,20 @@ class EventChargesModel extends Model
'student_id', 'student_id',
'participation', 'participation',
'charged', 'charged',
'waiver_signed',
'event_paid',
'event_payment_id',
'class_section_id',
'external_firstname',
'external_lastname',
'external_note',
'external_parent_firstname',
'external_parent_lastname',
'external_parent_phone',
'external_parent_email',
'semester', 'semester',
'school_year', 'school_year',
'created_by',
'updated_by', 'updated_by',
'created_at', 'created_at',
'updated_at' 'updated_at'
@@ -30,7 +42,7 @@ class EventChargesModel extends Model
public function getChargesWithEventInfo($parentId = null, $schoolYear = null, $semester = null) public function getChargesWithEventInfo($parentId = null, $schoolYear = null, $semester = null)
{ {
$builder = $this->select('event_charges.*, events.event_name, events.amount') $builder = $this->select('event_charges.*, events.event_name, events.amount AS event_amount, events.description AS event_description')
->join('events', 'events.id = event_charges.event_id', 'left'); ->join('events', 'events.id = event_charges.event_id', 'left');
if ($parentId) { if ($parentId) {
+68 -5
View File
@@ -8,19 +8,51 @@ class ExamDraftModel extends Model
{ {
protected $table = 'exam_drafts'; protected $table = 'exam_drafts';
protected $primaryKey = 'id'; protected $primaryKey = 'id';
protected $returnType = 'array';
protected $useTimestamps = true;
protected $createdField = 'created_at';
protected $updatedField = 'updated_at';
protected bool $updateOnlyChanged = false;
/** @var list<string> Stored in `status` column */
public const STATUSES = [
'submitted',
'accepted',
'review needed',
'rejected',
'canceled',
'under review',
'legacy',
];
/** @var list<string> Stored in `acceptance_type` when status is finalized */
public const ACCEPTANCE_TYPES = [
'as_is',
'minor_edits',
];
protected $allowedFields = [ protected $allowedFields = [
'teacher_id', 'teacher_id',
'author_id',
'class_section_id', 'class_section_id',
'semester', 'semester',
'school_year', 'school_year',
'exam_type', 'exam_type',
'draft_title', 'draft_title',
'author_comment',
'description', 'description',
'teacher_file', 'teacher_file',
'teacher_filename', 'teacher_filename',
'author_file',
'author_filename',
'status', 'status',
'acceptance_type',
'review_revision',
'reviewer_id',
'admin_id', 'admin_id',
'is_legacy', 'is_legacy',
'reviewer_comment',
'reviewer_comments',
'admin_comments', 'admin_comments',
'reviewed_at', 'reviewed_at',
'final_file', 'final_file',
@@ -29,9 +61,40 @@ class ExamDraftModel extends Model
'version', 'version',
'previous_draft_id', 'previous_draft_id',
]; ];
protected $returnType = 'array';
protected $useTimestamps = true; /**
protected $createdField = 'created_at'; * Applied on insert/update when validation runs (e.g. $model->insert($data, true)).
protected $updatedField = 'updated_at'; * Uses if_exist so partial updates still validate only keys present in $data.
protected bool $updateOnlyChanged = false; // force updates even if CI thinks nothing changed */
protected $validationRules = [
'status' => 'if_exist|in_list[submitted,accepted,review needed,rejected,canceled,under review,legacy]',
'acceptance_type' => 'if_exist|permit_empty|in_list[as_is,minor_edits]',
'author_id' => 'if_exist|is_natural_no_zero',
'class_section_id' => 'if_exist|is_natural_no_zero',
'version' => 'if_exist|is_natural_no_zero',
];
protected $validationMessages = [
'status' => [
'in_list' => 'Invalid exam draft status.',
],
'acceptance_type' => [
'in_list' => 'Acceptance must be as_is or minor_edits.',
],
];
/**
* @var array<string, string>
*/
protected array $casts = [
'teacher_id' => 'int',
'author_id' => 'int',
'class_section_id' => 'int',
'reviewer_id' => '?int',
'admin_id' => '?int',
'review_revision' => 'int',
'version' => 'int',
'previous_draft_id' => '?int',
'is_legacy' => 'boolean',
];
} }
+27
View File
@@ -0,0 +1,27 @@
<?php
namespace App\Models;
use CodeIgniter\Model;
class StudentDecisionModel extends Model
{
protected $table = 'student_decisions';
protected $primaryKey = 'id';
protected $allowedFields = [
'student_id',
'semester',
'school_year',
'class_section_name',
'semester_score',
'decision',
'source',
'notes',
'generated_by',
];
protected $useTimestamps = true;
protected $createdField = 'created_at';
protected $updatedField = 'updated_at';
}
+1
View File
@@ -27,6 +27,7 @@ class SubjectCurriculumModel extends Model
return $this->where('class_id', $classId) return $this->where('class_id', $classId)
->where('subject', $subject) ->where('subject', $subject)
->orderBy('unit_number', 'ASC') ->orderBy('unit_number', 'ASC')
->orderBy("CAST(SUBSTRING_INDEX(chapter_name, '.', 1) AS UNSIGNED)", 'ASC', false)
->orderBy('chapter_name', 'ASC') ->orderBy('chapter_name', 'ASC')
->findAll(); ->findAll();
} }
+3 -3
View File
@@ -71,7 +71,7 @@ class TeacherClassModel extends Model
$builder = $this->db->table('teacher_class tc') $builder = $this->db->table('teacher_class tc')
->select([ ->select([
'cs.class_section_name', 'cs.class_section_name',
'cs.id AS class_section_pk', 'cs.class_section_id AS class_section_pk',
'cs.class_section_id', 'cs.class_section_id',
'c.id AS class_id', 'c.id AS class_id',
'c.class_name', 'c.class_name',
@@ -181,10 +181,10 @@ class TeacherClassModel extends Model
{ {
$db = \Config\Database::connect(); $db = \Config\Database::connect();
// Adjust table/column names if yours differ (e.g., cs.id vs cs.class_section_id) // Adjust table/column names if yours differ (e.g., cs.class_section_id vs cs.id)
$row = $db->table('classSection cs') $row = $db->table('classSection cs')
->select('u.id AS teacher_id, u.firstname, u.lastname') ->select('u.id AS teacher_id, u.firstname, u.lastname')
->join('teacher_class tc', 'tc.class_section_id = cs.id', 'inner') ->join('teacher_class tc', 'tc.class_section_id = cs.class_section_id', 'inner')
->join('users u', 'u.id = tc.teacher_id', 'inner') ->join('users u', 'u.id = tc.teacher_id', 'inner')
->where('cs.class_section_name', $classSectionName) ->where('cs.class_section_name', $classSectionName)
->where('tc.school_year', $schoolYear) ->where('tc.school_year', $schoolYear)
+3 -3
View File
@@ -34,11 +34,11 @@ class TeacherModel extends Model
public function getTeachersAndTAs(): array public function getTeachersAndTAs(): array
{ {
return $this->db->table('users u') return $this->db->table('users u')
->select('u.id, u.firstname, u.lastname, u.email, u.cellphone, r.name as role') ->select('u.id, u.firstname, u.lastname, u.email, u.cellphone, MIN(r.name) as role')
->join('user_roles ur', 'ur.user_id = u.id') ->join('user_roles ur', 'ur.user_id = u.id')
->join('roles r', 'r.id = ur.role_id') ->join('roles r', 'r.id = ur.role_id')
->whereIn('r.name', ['teacher', 'teacher_assistant']) // ✅ Filter only relevant roles ->whereIn('r.name', ['teacher', 'teacher_assistant']) // ✅ Filter only relevant roles
->groupBy('u.id') ->groupBy('u.id, u.firstname, u.lastname, u.email, u.cellphone')
->orderBy('u.lastname', 'ASC') ->orderBy('u.lastname', 'ASC')
->get() ->get()
->getResultArray(); ->getResultArray();
@@ -72,4 +72,4 @@ public function getTeachersAndTAs(): array
->get() ->get()
->getResultArray(); ->getResultArray();
} }
} }
+40
View File
@@ -8,6 +8,7 @@ class EmailService
{ {
protected array $senders; protected array $senders;
protected EmailController $mailer; protected EmailController $mailer;
protected int $lastCcBatchCount = 0;
public function __construct() public function __construct()
{ {
@@ -73,6 +74,45 @@ class EmailService
return $allOk; return $allOk;
} }
/**
* Send one email with all recipients in CC.
*/
public function sendCc(array $ccList, string $subject, string $message, string $fromKey = 'general', array $attachments = [], array $headers = []): bool
{
$this->lastCcBatchCount = 0;
if (empty($ccList)) {
return true;
}
$sender = $this->getSenderDetails($fromKey);
$to = trim((string) ($sender['email'] ?? ''));
if ($to === '' || !filter_var($to, FILTER_VALIDATE_EMAIL)) {
$fallback = trim((string) (getenv('SMTP_USER') ?: ''));
$to = filter_var($fallback, FILTER_VALIDATE_EMAIL) ? $fallback : 'no-reply@alrahmaisgl.org';
}
$attachmentsPayload = $this->normalizeAttachments($attachments);
$chunks = array_chunk(array_values($ccList), 10);
$this->lastCcBatchCount = count($chunks);
$allOk = true;
foreach ($chunks as $index => $chunk) {
$ok = $this->mailer->sendEmailWithCc($to, $chunk, $subject, $message, $fromKey, null, null, $attachmentsPayload);
if (!$ok) {
$allOk = false;
log_message('error', 'EmailService::sendCc failed for batch ' . ($index + 1) . ' of ' . count($chunks));
}
}
return $allOk;
}
public function getLastCcBatchCount(): int
{
return $this->lastCcBatchCount;
}
/** /**
* Normalize various attachment inputs to the format expected by EmailController. * Normalize various attachment inputs to the format expected by EmailController.
*/ */
+17 -2
View File
@@ -72,11 +72,26 @@ class SemesterRangeService
$y1 = (int)$m[1]; $y1 = (int)$m[1];
$y2 = (int)$m[2]; $y2 = (int)$m[2];
$normalized = ucfirst(strtolower(trim($semester))); $normalized = ucfirst(strtolower(trim($semester)));
$fallStartCfg = (string)($this->configModel->getConfig('fall_semester_start') ?? '');
$fallEndCfg = (string)($this->configModel->getConfig('fall_end_date') ?? '');
$springStartCfg = (string)($this->configModel->getConfig('spring_semester_start') ?? '');
$springEndCfg = (string)($this->configModel->getConfig('last_school_day') ?? '');
$md = static fn(string $cfg, int $year, string $fallback): string =>
$cfg !== '' ? sprintf('%04d-%s', $year, date('m-d', strtotime($cfg))) : $fallback;
if ($normalized === 'Fall') { if ($normalized === 'Fall') {
return [sprintf('%04d-09-21', $y1), sprintf('%04d-01-18', $y2)]; return [
$md($fallStartCfg, $y1, sprintf('%04d-09-21', $y1)),
$md($fallEndCfg, $y2, sprintf('%04d-01-18', $y2)),
];
} }
if ($normalized === 'Spring') { if ($normalized === 'Spring') {
return [sprintf('%04d-01-25', $y2), sprintf('%04d-05-31', $y2)]; return [
$md($springStartCfg, $y2, sprintf('%04d-01-25', $y2)),
$md($springEndCfg, $y2, sprintf('%04d-05-31', $y2)),
];
} }
return null; return null;
} }
+16 -1
View File
@@ -167,8 +167,13 @@ class TimeService
return null; return null;
} }
$sourceTz = $sourceTz ?: $this->serverTimezone;
$targetTz = $targetTz ?: $this->userTimezone(); $targetTz = $targetTz ?: $this->userTimezone();
if ($sourceTz === null && $this->isDateOnlyString($value)) {
// Date-only strings should not shift across timezones.
$sourceTz = $targetTz;
} else {
$sourceTz = $sourceTz ?: $this->serverTimezone;
}
try { try {
if ($value instanceof Time) { if ($value instanceof Time) {
@@ -204,4 +209,14 @@ class TimeService
{ {
return (string) ($this->toUTC($value, $fromTz, $format) ?? ''); return (string) ($this->toUTC($value, $fromTz, $format) ?? '');
} }
private function isDateOnlyString($value): bool
{
if (!is_string($value)) {
return false;
}
$value = trim($value);
return (bool) preg_match('/^\d{4}-\d{2}-\d{2}$/', $value);
}
} }
+6 -6
View File
@@ -212,42 +212,42 @@
<div class="col-4"> <div class="col-4">
<img <img
class="img-fluid rounded bg-light p-1" class="img-fluid rounded bg-light p-1"
src=""assets/images/classes-1.jpg" src="assets/images/classes-1.jpg"
alt="" alt=""
/> />
</div> </div>
<div class="col-4"> <div class="col-4">
<img <img
class="img-fluid rounded bg-light p-1" class="img-fluid rounded bg-light p-1"
src=""assets/images/classes-2.jpg" src="assets/images/classes-2.jpg"
alt="" alt=""
/> />
</div> </div>
<div class="col-4"> <div class="col-4">
<img <img
class="img-fluid rounded bg-light p-1" class="img-fluid rounded bg-light p-1"
src=""assets/images/classes-3.jpg" src="assets/images/classes-3.jpg"
alt="" alt=""
/> />
</div> </div>
<div class="col-4"> <div class="col-4">
<img <img
class="img-fluid rounded bg-light p-1" class="img-fluid rounded bg-light p-1"
src=""assets/images/classes-4.jpg" src="assets/images/classes-4.jpg"
alt="" alt=""
/> />
</div> </div>
<div class="col-4"> <div class="col-4">
<img <img
class="img-fluid rounded bg-light p-1" class="img-fluid rounded bg-light p-1"
src=""assets/images/classes-5.jpg" src="assets/images/classes-5.jpg"
alt="" alt=""
/> />
</div> </div>
<div class="col-4"> <div class="col-4">
<img <img
class="img-fluid rounded bg-light p-1" class="img-fluid rounded bg-light p-1"
src=""assets/images/classes-6.jpg" src="assets/images/classes-6.jpg"
alt="" alt=""
/> />
</div> </div>
+7 -7
View File
@@ -170,22 +170,22 @@
<h3 class="text-white mb-4">Photo Gallery</h3> <h3 class="text-white mb-4">Photo Gallery</h3>
<div class="row g-2 pt-2"> <div class="row g-2 pt-2">
<div class="col-4"> <div class="col-4">
<img class="img-fluid rounded bg-light p-1" src="<?= base_url('"assets/images/classes-1.jpg') ?>" alt=""> <img class="img-fluid rounded bg-light p-1" src="<?= base_url('assets/images/classes-1.jpg') ?>" alt="">
</div> </div>
<div class="col-4"> <div class="col-4">
<img class="img-fluid rounded bg-light p-1" src="<?= base_url('"assets/images/classes-2.jpg') ?>" alt=""> <img class="img-fluid rounded bg-light p-1" src="<?= base_url('assets/images/classes-2.jpg') ?>" alt="">
</div> </div>
<div class="col-4"> <div class="col-4">
<img class="img-fluid rounded bg-light p-1" src="<?= base_url('"assets/images/classes-3.jpg') ?>" alt=""> <img class="img-fluid rounded bg-light p-1" src="<?= base_url('assets/images/classes-3.jpg') ?>" alt="">
</div> </div>
<div class="col-4"> <div class="col-4">
<img class="img-fluid rounded bg-light p-1" src="<?= base_url('"assets/images/classes-4.jpg') ?>" alt=""> <img class="img-fluid rounded bg-light p-1" src="<?= base_url('assets/images/classes-4.jpg') ?>" alt="">
</div> </div>
<div class="col-4"> <div class="col-4">
<img class="img-fluid rounded bg-light p-1" src="<?= base_url('"assets/images/classes-5.jpg') ?>" alt=""> <img class="img-fluid rounded bg-light p-1" src="<?= base_url('assets/images/classes-5.jpg') ?>" alt="">
</div> </div>
<div class="col-4"> <div class="col-4">
<img class="img-fluid rounded bg-light p-1" src="<?= base_url('"assets/images/classes-6.jpg') ?>" alt=""> <img class="img-fluid rounded bg-light p-1" src="<?= base_url('assets/images/classes-6.jpg') ?>" alt="">
</div> </div>
</div> </div>
</div> </div>
@@ -236,4 +236,4 @@
<script src="<?= base_url('js/main.js') ?>"></script> <script src="<?= base_url('js/main.js') ?>"></script>
</body> </body>
</html> </html>
@@ -0,0 +1,97 @@
<?= $this->extend('layout/management_layout') ?>
<?= $this->section('content') ?>
<div class="container-fluid py-4">
<div class="d-flex align-items-center justify-content-between flex-wrap gap-2 mb-3">
<div>
<h2 class="mb-0"><i class="bi bi-journal-check me-2"></i>Certificate Audit Log</h2>
<div class="text-muted small">Every issued certificate is recorded here for tracking and auditing.</div>
</div>
<a href="<?= site_url('administrator/certificates') ?>" class="btn btn-outline-secondary btn-sm">
<i class="bi bi-award me-1"></i>Generate Certificates
</a>
</div>
<!-- Year summary cards -->
<?php if (!empty($yearSummary)): ?>
<div class="row g-3 mb-4">
<?php foreach ($yearSummary as $yr): ?>
<div class="col-auto">
<div class="card shadow-sm text-center px-4 py-2" style="min-width:150px;">
<div class="fw-bold fs-4"><?= (int) $yr['total'] ?></div>
<div class="text-muted small"><?= esc($yr['school_year']) ?></div>
</div>
</div>
<?php endforeach; ?>
</div>
<?php endif; ?>
<!-- Year filter -->
<div class="card shadow-sm mb-4">
<div class="card-body py-2">
<form method="get" action="<?= site_url('administrator/certificates/log') ?>" class="row g-2 align-items-center">
<div class="col-auto">
<label class="col-form-label fw-semibold">School Year</label>
</div>
<div class="col-auto">
<select name="school_year" class="form-select form-select-sm" onchange="this.form.submit()">
<option value="">— All years —</option>
<?php foreach ($yearSummary as $yr): ?>
<option value="<?= esc($yr['school_year']) ?>"
<?= ($yr['school_year'] === $schoolYear) ? 'selected' : '' ?>>
<?= esc($yr['school_year']) ?> (<?= (int) $yr['total'] ?>)
</option>
<?php endforeach; ?>
</select>
</div>
</form>
</div>
</div>
<!-- Records table -->
<div class="card shadow-sm">
<div class="card-header d-flex justify-content-between align-items-center">
<span class="fw-semibold">Issued Certificates
<span class="badge bg-secondary ms-1"><?= count($records) ?></span>
</span>
</div>
<div class="card-body p-0">
<div class="table-responsive">
<table class="table table-hover table-striped align-middle mb-0 no-mgmt-sticky">
<thead class="table-light">
<tr>
<th>Certificate #</th>
<th>Student</th>
<th>Grade</th>
<th>Cert Date</th>
<th>School Year</th>
<th>Issued By</th>
<th>Issued At</th>
</tr>
</thead>
<tbody>
<?php if (empty($records)): ?>
<tr><td colspan="7" class="text-center text-muted py-4">No certificates issued yet.</td></tr>
<?php else: ?>
<?php foreach ($records as $r): ?>
<tr>
<td><code><?= esc($r['certificate_number']) ?></code></td>
<td><?= esc($r['student_name']) ?></td>
<td><?= esc($r['grade'] ?? '—') ?></td>
<td><?= $r['cert_date'] ? esc(date('m/d/Y', strtotime($r['cert_date']))) : '—' ?></td>
<td><?= esc($r['school_year'] ?? '—') ?></td>
<td><?= esc(trim(($r['admin_firstname'] ?? '') . ' ' . ($r['admin_lastname'] ?? '')) ?: '—') ?></td>
<td><?= esc($r['issued_at'] ? date('m/d/Y g:i A', strtotime($r['issued_at'])) : '—') ?></td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
<?= $this->endSection() ?>
+424
View File
@@ -0,0 +1,424 @@
<?= $this->extend('layout/management_layout') ?>
<?= $this->section('content') ?>
<div class="container-fluid">
<div class="wrapper">
<?php
// ── Group sections by grade (mirrors daily_attendance logic) ─────────────────
$gradeGroups = []; // sortKey => ['label'=>, 'slug'=>, 'csids'=>[]]
foreach ($statsPerClass as $csid => $cs) {
$name = $cs['name'];
$lower = strtolower(trim($name));
if (preg_match('/grade\s*(\d+)/i', $name, $m)) {
$n = (int)$m[1];
$label = 'Grade ' . $n;
$sortKey = '1_' . str_pad($n, 3, '0', STR_PAD_LEFT);
$slug = 'grade' . $n;
} elseif (strpos($lower, 'kg') !== false || strpos($lower, 'kindergarten') !== false) {
$label = 'KG';
$sortKey = '0_kg';
$slug = 'kg';
} elseif (strpos($lower, 'arabic') !== false) {
$label = 'Arabic';
$sortKey = '2_arabic';
$slug = 'arabic';
} elseif (strpos($lower, 'youth') !== false) {
$label = 'Youth';
$sortKey = '5_youth';
$slug = 'youth';
} else {
$label = $name;
$sortKey = '3_' . $lower;
$slug = preg_replace('/[^a-z0-9]+/', '-', $lower);
}
if (!isset($gradeGroups[$sortKey])) {
$gradeGroups[$sortKey] = ['label' => $label, 'slug' => $slug, 'csids' => []];
}
$gradeGroups[$sortKey]['csids'][] = $csid;
}
ksort($gradeGroups);
$gradeKeys = array_keys($gradeGroups);
$defaultKey = $gradeKeys[0] ?? null;
$decisionBadge = [
'Pass' => 'success',
'Repeat Class' => 'danger',
'Make-up exam in fall' => 'info',
'Deferred decision' => 'info',
'Expel' => 'danger',
'Withdrawn' => 'secondary',
];
?>
<h2 class="text-center mt-4 mb-3"><i class="bi bi-award me-2"></i>Generate Certificates</h2>
<!-- School year filter -->
<div class="d-flex justify-content-end mb-3">
<form method="get" action="<?= site_url('administrator/certificates') ?>" class="d-flex gap-2 align-items-center">
<label class="form-label mb-0 me-1 text-muted small">School Year</label>
<input type="text" name="school_year" class="form-control form-control-sm" style="width:130px;"
value="<?= esc($schoolYear) ?>" placeholder="e.g. 2024-2025">
<button type="submit" class="btn btn-sm btn-outline-primary">
<i class="bi bi-arrow-repeat me-1"></i>Reload
</button>
</form>
</div>
<?php if (session()->getFlashdata('error')): ?>
<div class="alert alert-danger alert-dismissible fade show" role="alert">
<?= esc(session()->getFlashdata('error')) ?>
<button type="button" class="btn-close" data-bs-dismiss="alert"></button>
</div>
<?php endif; ?>
<?php if (empty($gradeGroups)): ?>
<div class="alert alert-info">No classes found for <?= esc($schoolYear) ?>.</div>
<?php else: ?>
<!-- Grade tabs -->
<ul class="nav nav-tabs justify-content-center" id="certTabs" role="tablist" style="flex-wrap:wrap;row-gap:.25rem;">
<?php foreach ($gradeGroups as $key => $group): ?>
<?php
$slug = $group['slug'];
$label = $group['label'];
$total = array_sum(array_map(fn($id) => $statsPerClass[$id]['total'] ?? 0, $group['csids']));
$grpPass = array_sum(array_map(fn($id) => $statsPerClass[$id]['pass'] ?? 0, $group['csids']));
$grpCert = array_sum(array_map(fn($id) => $statsPerClass[$id]['cert'] ?? 0, $group['csids']));
$fullyDone = $grpPass > 0 && $grpCert >= $grpPass;
$hasPass = $grpPass > 0;
$isActive = ($key === $defaultKey);
$statusTitle = $hasPass
? ($fullyDone ? 'Fully generated (' . $grpCert . '/' . $grpPass . ')' : 'Not fully generated (' . $grpCert . '/' . $grpPass . ')')
: 'No eligible students';
?>
<li class="nav-item" role="presentation">
<a class="nav-link <?= $isActive ? 'active' : '' ?>"
id="cert-<?= esc($slug) ?>-tab"
data-bs-toggle="tab"
href="#cert-<?= esc($slug) ?>"
role="tab"
aria-controls="cert-<?= esc($slug) ?>"
aria-selected="<?= $isActive ? 'true' : 'false' ?>">
<span class="cert-status-dot <?= !$hasPass ? 'no-eligible' : ($fullyDone ? 'done' : 'pending') ?>"
title="<?= esc($statusTitle) ?>"></span>
<?= esc($label) ?>
<span class="badge bg-secondary ms-1"><?= $total ?></span>
</a>
</li>
<?php endforeach; ?>
</ul>
<!-- Tab content -->
<div class="tab-content mt-3" id="certTabContent">
<?php foreach ($gradeGroups as $key => $group): ?>
<?php $isActive = ($key === $defaultKey); ?>
<div class="tab-pane fade <?= $isActive ? 'show active' : '' ?>"
id="cert-<?= esc($group['slug']) ?>"
role="tabpanel"
aria-labelledby="cert-<?= esc($group['slug']) ?>-tab">
<?php foreach ($group['csids'] as $csid): ?>
<?php
$cs = $statsPerClass[$csid];
$students = $studentsByClass[$csid] ?? [];
$csPass = $cs['pass'];
$csCert = $cs['cert'];
$csRemain = max(0, $csPass - $csCert);
$formId = 'certForm-' . $csid;
$tableId = 'studentsTable-' . $csid;
?>
<h4 class="mt-4 mb-2 text-center"><?= esc($cs['name']) ?></h4>
<?php if (empty($students)): ?>
<p class="text-muted text-center">No active students.</p>
<?php else: ?>
<form method="post" action="<?= site_url('administrator/certificates/generate') ?>"
id="<?= esc($formId) ?>" class="cert-form mb-5">
<?= csrf_field() ?>
<input type="hidden" name="class_section_id" value="<?= (int)$csid ?>">
<input type="hidden" name="school_year" value="<?= esc($schoolYear) ?>">
<!-- Stats + date picker -->
<div class="d-flex justify-content-between align-items-center flex-wrap gap-2 mb-2">
<div class="d-flex align-items-center gap-4 flex-wrap">
<span class="fw-semibold">
Students <span class="badge bg-secondary ms-1"><?= count($students) ?></span>
</span>
<span class="text-muted small">
<strong class="text-success"><?= $csPass ?></strong> Pass
</span>
<span class="text-muted small">
<strong class="text-primary"><?= $csCert ?></strong> Generated
</span>
<span class="text-muted small">
<strong class="<?= $csRemain > 0 ? 'text-warning' : 'text-muted' ?>"><?= $csRemain ?></strong> Remaining
</span>
</div>
<div class="input-group input-group-sm" style="width:200px;">
<span class="input-group-text"><i class="bi bi-calendar3"></i></span>
<input type="date" class="form-control cert-date-picker"
value="<?= date('Y-m-d') ?>" title="Certificate date">
<input type="hidden" name="cert_date" class="cert-date-hidden" value="<?= esc($certDate) ?>">
</div>
</div>
<!-- Student table -->
<div class="table-responsive">
<table class="table table-hover table-striped align-middle mb-0 cert-students-table"
id="<?= esc($tableId) ?>">
<thead class="table-light">
<tr>
<th style="width:40px;" class="text-center">
<input class="form-check-input cert-select-all" type="checkbox">
</th>
<th>First Name</th>
<th>Last Name</th>
<th>Decision</th>
<th>Certificate No.</th>
</tr>
</thead>
<tbody>
<?php foreach ($students as $s): ?>
<?php
$sid = (int)$s['student_id'];
$stuDec = $decisionsByStudent[$sid] ?? [];
$certNo = $certsByStudent[$sid] ?? null;
$allDecs = array_map(fn($d) => $d['decision'], $stuDec);
$hasPending = in_array('', $allDecs, true);
$unique = array_values(array_unique(array_filter($allDecs, fn($d) => $d !== '')));
$isPass = !empty($stuDec) && !$hasPending && $unique === ['Pass'];
$displayDecs = $isPass ? ['Pass'] : array_values(array_filter($unique, fn($d) => $d !== 'Pass'));
?>
<tr>
<td class="text-center">
<input class="form-check-input cert-student-check" type="checkbox"
name="student_ids[]" value="<?= $sid ?>"
<?= $isPass ? '' : 'disabled' ?>>
</td>
<td><?= esc($s['firstname']) ?></td>
<td><?= esc($s['lastname']) ?></td>
<td>
<?php if (empty($stuDec)): ?>
<span class="text-muted small">—</span>
<?php elseif ($hasPending || empty($unique) || empty($displayDecs)): ?>
<span class="badge bg-warning text-dark">Pending</span>
<?php else: ?>
<?php foreach ($displayDecs as $dec): $color = $decisionBadge[$dec] ?? 'secondary'; ?>
<span class="badge bg-<?= esc($color) ?> me-1"><?= esc($dec) ?></span>
<?php endforeach; ?>
<?php endif; ?>
</td>
<td>
<?php if ($certNo): ?>
<a href="<?= site_url('administrator/certificates/reprint/' . rawurlencode($certNo)) ?>"
target="_blank" class="font-monospace small">
<?= esc($certNo) ?>
</a>
<?php else: ?>
<span class="text-muted">—</span>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<!-- Footer -->
<div class="d-flex justify-content-between align-items-center mt-2">
<span class="text-muted small cert-selected-count">0 students selected</span>
<button type="submit" class="btn btn-success cert-generate-btn" disabled>
<i class="bi bi-printer me-1"></i>Generate &amp; Print Certificates
</button>
</div>
</form>
<?php endif; ?>
<?php endforeach; ?>
</div>
<?php endforeach; ?>
</div>
<?php endif; ?>
</div><!-- .wrapper -->
</div><!-- .container-fluid -->
<script>
(function () {
const csrfRefreshUrl = <?= json_encode(site_url('administrator/certificates/csrf-token'), JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT) ?>;
let currentCsrfTokenName = <?= json_encode(csrf_token(), JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT) ?>;
function cssEscape(v) {
return window.CSS?.escape ? window.CSS.escape(v) : String(v).replace(/(["\\.#:[\],= ])/g, '\\$1');
}
function updateCsrfInForm(form, name, hash) {
if (!form || !name || !hash) return;
form.querySelectorAll('input[type="hidden"]').forEach(inp => {
if (inp.name === name || inp.name === currentCsrfTokenName) { inp.name = name; inp.value = hash; }
});
let inp = form.querySelector(`input[name="${cssEscape(name)}"]`);
if (!inp) { inp = document.createElement('input'); inp.type = 'hidden'; inp.name = name; form.appendChild(inp); }
inp.value = hash;
currentCsrfTokenName = name;
}
async function refreshCsrf(form) {
const r = await fetch(csrfRefreshUrl, { method: 'GET', credentials: 'same-origin', headers: { 'X-Requested-With': 'XMLHttpRequest', 'Cache-Control': 'no-store' } });
if (!r.ok) throw new Error('CSRF refresh failed');
const d = await r.json();
if (d?.csrf_token && d?.csrf_hash) updateCsrfInForm(form, d.csrf_token, d.csrf_hash);
}
let pdfWindow = null, activePdfBlobUrl = null;
function openPdfWindow() {
if (!pdfWindow || pdfWindow.closed) pdfWindow = window.open('', 'certificatePdfWindow');
if (!pdfWindow) return null;
pdfWindow.document.open();
pdfWindow.document.write(`<!DOCTYPE html><html><head><meta charset="utf-8"><title>Certificate PDF</title>
<style>html,body{margin:0;height:100%;background:#f3f4f6;font-family:Arial,sans-serif}.viewer-shell{display:flex;flex-direction:column;height:100%}.viewer-status{padding:12px 16px;background:#111827;color:#fff;font-size:14px}.viewer-frame{flex:1;width:100%;border:0;background:#cbd5e1}</style></head>
<body><div class="viewer-shell"><div class="viewer-status" id="viewerStatus">Preparing certificate PDF...</div><iframe class="viewer-frame" id="pdfFrame"></iframe></div>
<script>window.showCertificatePdf=function(url,fn){const f=document.getElementById('pdfFrame'),s=document.getElementById('viewerStatus');if(s)s.textContent=fn?'Showing '+fn:'Certificate PDF ready';if(f)f.src=url;document.title=fn||'Certificate PDF'};<\/script></body></html>`);
pdfWindow.document.close();
return pdfWindow;
}
function showError(pane, msg) {
let el = pane.querySelector('.cert-inline-error');
if (!el) { el = document.createElement('div'); el.className = 'alert alert-danger alert-dismissible fade show cert-inline-error'; pane.prepend(el); }
el.innerHTML = `${msg}<button type="button" class="btn-close" data-bs-dismiss="alert"></button>`;
}
document.querySelectorAll('.cert-form').forEach(function (form) {
const pane = form.closest('.tab-pane') || form.parentElement;
const selectAll = form.querySelector('.cert-select-all');
const checks = form.querySelectorAll('.cert-student-check');
const eligibleChecks = form.querySelectorAll('.cert-student-check:not([disabled])');
const generateBtn = form.querySelector('.cert-generate-btn');
const selectedCount = form.querySelector('.cert-selected-count');
const datePicker = form.querySelector('.cert-date-picker');
const dateHidden = form.querySelector('.cert-date-hidden');
if (datePicker && dateHidden) {
datePicker.addEventListener('change', function () {
const d = new Date(this.value + 'T00:00:00');
if (!isNaN(d)) dateHidden.value = String(d.getMonth()+1).padStart(2,'0')+'/'+String(d.getDate()).padStart(2,'0')+'/'+d.getFullYear();
});
}
function updateState() {
const chosen = form.querySelectorAll('.cert-student-check:checked').length;
if (selectedCount) selectedCount.textContent = chosen + ' student' + (chosen !== 1 ? 's' : '') + ' selected';
if (generateBtn) generateBtn.disabled = chosen === 0;
if (selectAll) {
const ec = eligibleChecks.length;
selectAll.checked = ec > 0 && chosen === ec;
selectAll.indeterminate = chosen > 0 && chosen < ec;
}
}
if (selectAll) {
selectAll.addEventListener('change', function () {
eligibleChecks.forEach(c => { c.checked = this.checked; });
updateState();
});
}
checks.forEach(c => c.addEventListener('change', updateState));
updateState();
form.addEventListener('submit', async function (e) {
e.preventDefault();
const chosen = form.querySelectorAll('.cert-student-check:checked').length;
if (chosen === 0) { showError(pane, 'Please select at least one student.'); return; }
const win = openPdfWindow();
if (!win) { showError(pane, 'Unable to open PDF tab — please allow pop-ups.'); return; }
const origHtml = generateBtn.innerHTML;
generateBtn.disabled = true;
generateBtn.innerHTML = '<span class="spinner-border spinner-border-sm me-1"></span>Generating...';
try {
await refreshCsrf(form);
const csrfVal = form.querySelector(`input[name="${cssEscape(currentCsrfTokenName)}"]`)?.value || '';
const fd = new FormData(form);
if (csrfVal) fd.set(currentCsrfTokenName, csrfVal);
const resp = await fetch(form.action, { method: 'POST', body: fd, credentials: 'same-origin', headers: { 'X-Requested-With': 'XMLHttpRequest' } });
const nn = resp.headers.get('X-CSRF-TOKEN-NAME'), nh = resp.headers.get('X-CSRF-TOKEN');
if (nn && nh) updateCsrfInForm(form, nn, nh);
const ct = resp.headers.get('Content-Type') || '';
if (!resp.ok || !ct.toLowerCase().includes('application/pdf')) {
let msg = 'Certificate generation failed.';
try { const d = await resp.json(); if (d?.error) msg = d.error; } catch (_) { try { msg = await resp.text() || msg; } catch (_2) {} }
win.close(); showError(pane, msg);
await refreshCsrf(form).catch(() => {});
return;
}
const disp = resp.headers.get('Content-Disposition') || '';
const fn = (disp.match(/filename="?([^"]+)"?/i) || [])[1] || 'Certificates.pdf';
const url = URL.createObjectURL(await resp.blob());
if (activePdfBlobUrl) URL.revokeObjectURL(activePdfBlobUrl);
activePdfBlobUrl = url;
win.showCertificatePdf(url, fn);
const activePane = form.closest('.tab-pane');
if (activePane?.id) window.location.hash = activePane.id;
window.location.reload();
} catch (_) {
showError(pane, 'Certificate generation failed. Please try again.');
await refreshCsrf(form).catch(() => {});
} finally {
generateBtn.innerHTML = origHtml;
updateState();
}
});
});
})();
</script>
<?= $this->section('scripts') ?>
<script>
// Restore tab from hash — runs after Bootstrap is loaded
(function () {
const hash = window.location.hash;
if (!hash) return;
const tabLink = document.querySelector('a[href="' + hash + '"][data-bs-toggle="tab"]');
if (tabLink && window.bootstrap?.Tab) {
new bootstrap.Tab(tabLink).show();
}
})();
</script>
<style>
.cert-status-dot {
display: inline-block;
width: 8px; height: 8px;
border-radius: 50%;
margin-right: 5px;
vertical-align: middle;
flex-shrink: 0;
}
.cert-status-dot.done { background-color: #198754; }
.cert-status-dot.pending { background-color: #dc3545; }
.cert-status-dot.no-eligible { background-color: #adb5bd; }
</style>
<script>
(function () {
if (!window.$ || !$.fn?.DataTable) return;
$(function () {
document.querySelectorAll('.cert-students-table').forEach(function (tbl) {
if ($.fn.DataTable.isDataTable(tbl)) return;
try {
$(tbl).DataTable({
order: [[1, 'asc'], [2, 'asc']],
pageLength: 100,
lengthMenu: [25, 50, 100, 200],
columnDefs: [{ orderable: false, targets: [0, 3, 4] }]
});
} catch (_) {}
});
});
})();
</script>
<?= $this->endSection() ?>
<?= $this->endSection() ?>
+55 -7
View File
@@ -25,6 +25,23 @@
<h3 class="mb-0">Class Progress Reports</h3> <h3 class="mb-0">Class Progress Reports</h3>
<div class="text-muted">Filter by week, class, and status</div> <div class="text-muted">Filter by week, class, and status</div>
</div> </div>
<div>
<?php
$lowProgressSectionIds = $lowProgressSectionIds ?? [];
$lowProgressQuery = implode(',', $lowProgressSectionIds);
$lowProgressUrl = base_url('administrator/teacher-submissions');
if ($lowProgressQuery !== '') {
$lowProgressUrl .= '?low_progress_sections=' . rawurlencode($lowProgressQuery);
}
?>
<a
class="btn btn-sm btn-outline-warning <?= empty($lowProgressSectionIds) ? 'disabled' : '' ?>"
href="<?= esc($lowProgressUrl) ?>"
<?= empty($lowProgressSectionIds) ? 'tabindex="-1" aria-disabled="true"' : '' ?>
>
Teachers &lt; 50%
</a>
</div>
</div> </div>
</div> </div>
@@ -115,7 +132,7 @@
$submissionLabel = $expectedDays > 0 $submissionLabel = $expectedDays > 0
? ('Submitted: ' . (int) $stat['submitted'] . ' / ' . (int) $expectedDays . ' (' . $percentLabel . ')') ? ('Submitted: ' . (int) $stat['submitted'] . ' / ' . (int) $expectedDays . ' (' . $percentLabel . ')')
: 'Submitted: N/A'; : 'Submitted: N/A';
$subjectLabel = 'Subjects: ' . $subjectCount; $subjectLabel = 'Units: ' . $subjectCount;
?> ?>
<div class="accordion-item mb-2"> <div class="accordion-item mb-2">
<h2 class="accordion-header" id="<?= esc($headingId) ?>"> <h2 class="accordion-header" id="<?= esc($headingId) ?>">
@@ -151,12 +168,33 @@
$weekLabel .= ' ' . date('M d, Y', strtotime($group['week_end'])); $weekLabel .= ' ' . date('M d, Y', strtotime($group['week_end']));
} }
$reports = $group['reports'] ?? []; $reports = $group['reports'] ?? [];
$teacherName = ''; $teacherCounts = [];
$teacherLatest = [];
foreach ($reports as $report) { foreach ($reports as $report) {
if (! empty($report['teacher_name'])) { $name = trim((string) ($report['teacher_name'] ?? ''));
$teacherName = $report['teacher_name']; if ($name === '') {
break; continue;
} }
$teacherCounts[$name] = ($teacherCounts[$name] ?? 0) + 1;
$stamp = (string) ($report['updated_at'] ?? $report['created_at'] ?? '');
if ($stamp !== '' && (!isset($teacherLatest[$name]) || $stamp > $teacherLatest[$name])) {
$teacherLatest[$name] = $stamp;
}
}
$teacherLabel = '-';
if (!empty($teacherCounts)) {
$bestName = '';
$bestCount = -1;
$bestStamp = '';
foreach ($teacherCounts as $name => $count) {
$stamp = $teacherLatest[$name] ?? '';
if ($count > $bestCount || ($count === $bestCount && $stamp > $bestStamp)) {
$bestName = $name;
$bestCount = $count;
$bestStamp = $stamp;
}
}
$teacherLabel = $bestName ?: '-';
} }
$exampleId = $reports ? reset($reports)['id'] : null; $exampleId = $reports ? reset($reports)['id'] : null;
?> ?>
@@ -176,12 +214,22 @@
<strong class="small mb-0"><?= esc($section['label'] ?? $subjectName) ?></strong> <strong class="small mb-0"><?= esc($section['label'] ?? $subjectName) ?></strong>
<span class="badge <?= $badgeClass ?>"><?= esc($statusTag) ?></span> <span class="badge <?= $badgeClass ?>"><?= esc($statusTag) ?></span>
</div> </div>
<div class="small text-muted"><?= $report ? esc($report['unit_title'] ?: '-') : 'No submission' ?></div> <div class="small">
<?php if ($report): ?>
<?= view('admin/partials/class_progress_unit_display', [
'unitTitle' => (string) ($report['unit_title'] ?? ''),
'isQuran' => ($subjectName === 'Quran/Arabic'),
'compact' => true,
]) ?>
<?php else: ?>
<span class="text-muted">No submission</span>
<?php endif; ?>
</div>
</div> </div>
<?php endforeach; ?> <?php endforeach; ?>
</div> </div>
</td> </td>
<td><?= esc($teacherName ?: '-') ?></td> <td><?= esc($teacherLabel) ?></td>
<td class="text-end"> <td class="text-end">
<?php if ($exampleId): ?> <?php if ($exampleId): ?>
<a class="btn btn-sm btn-outline-primary" href="<?= base_url('admin/progress/view/' . $exampleId) ?>">View</a> <a class="btn btn-sm btn-outline-primary" href="<?= base_url('admin/progress/view/' . $exampleId) ?>">View</a>
+7 -2
View File
@@ -39,7 +39,6 @@
<?php <?php
$subjectName = $section['db_subject'] ?? $section['label'] ?? $slug; $subjectName = $section['db_subject'] ?? $section['label'] ?? $slug;
$isQuran = $subjectName === 'Quran/Arabic'; $isQuran = $subjectName === 'Quran/Arabic';
$unitLabel = $isQuran ? 'Surah / Custom Arabic' : 'Unit / Chapter';
$homeworkLabel = $isQuran ? 'Arabic Practice / Homework' : 'Assigned Homework'; $homeworkLabel = $isQuran ? 'Arabic Practice / Homework' : 'Assigned Homework';
$report = $reportsBySubject[$subjectName] ?? null; $report = $reportsBySubject[$subjectName] ?? null;
?> ?>
@@ -51,7 +50,13 @@
<?php if (! $report): ?> <?php if (! $report): ?>
<div class="text-muted">No entry submitted for this subject this week.</div> <div class="text-muted">No entry submitted for this subject this week.</div>
<?php else: ?> <?php else: ?>
<div class="mb-2"><strong><?= $unitLabel ?>:</strong> <?= esc($report['unit_title'] ?: '-') ?></div> <div class="mb-2">
<?= view('admin/partials/class_progress_unit_display', [
'unitTitle' => (string) ($report['unit_title'] ?? ''),
'isQuran' => $isQuran,
'compact' => false,
]) ?>
</div>
<?php if (!empty($report['materials'])): ?> <?php if (!empty($report['materials'])): ?>
<div class="mb-2"><strong>Materials:</strong> <?= esc($report['materials']) ?></div> <div class="mb-2"><strong>Materials:</strong> <?= esc($report['materials']) ?></div>
<?php endif; ?> <?php endif; ?>
@@ -0,0 +1,48 @@
<?php
/**
* Renders class progress unit_title with explicit curriculum vs custom subject lines.
*
* @var string $unitTitle
* @var bool $isQuran
* @var bool $compact If true, tighter layout for the list accordion.
*/
use App\Controllers\ClassProgressController;
$unitTitle = trim((string) ($unitTitle ?? ''));
$compact = ! empty($compact);
$isQuran = ! empty($isQuran);
$split = ClassProgressController::splitUnitTitleForDisplay($unitTitle);
$curriculumLines = $split['curriculum'];
$customTopics = $split['custom'];
$labelCurriculum = $isQuran ? 'Surah / curriculum' : 'Unit / chapter';
$labelCustom = $isQuran ? 'Custom Surah / Arabic' : 'Custom subject(s)';
?>
<?php if ($unitTitle === ''): ?>
<span class="text-muted">-</span>
<?php elseif ($compact): ?>
<?php if (! empty($customTopics)): ?>
<div class="small">
<span class="badge text-bg-info me-1"><?= $isQuran ? 'Custom' : 'Custom subject' ?></span><?= esc(implode(', ', $customTopics)) ?>
</div>
<?php endif; ?>
<?php if (! empty($curriculumLines)): ?>
<div class="small <?= ! empty($customTopics) ? 'text-muted mt-1' : 'text-muted' ?>"><?= esc(implode(' · ', $curriculumLines)) ?></div>
<?php endif; ?>
<?php if (empty($customTopics) && empty($curriculumLines)): ?>
<div class="small text-muted"><?= esc($unitTitle) ?></div>
<?php endif; ?>
<?php else: ?>
<?php if (! empty($curriculumLines)): ?>
<div class="mb-2"><strong><?= esc($labelCurriculum) ?>:</strong> <?= esc(implode(' ; ', $curriculumLines)) ?></div>
<?php endif; ?>
<?php if (! empty($customTopics)): ?>
<div class="mb-2"><strong><?= esc($labelCustom) ?>:</strong> <?= esc(implode(' ; ', $customTopics)) ?></div>
<?php endif; ?>
<?php if (empty($curriculumLines) && empty($customTopics)): ?>
<div class="mb-2"><strong><?= esc($labelCurriculum) ?>:</strong> <?= esc($unitTitle) ?></div>
<?php endif; ?>
<?php endif; ?>
+11 -1
View File
@@ -696,7 +696,17 @@
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php foreach ($studentsBySection[$sectionKey] as $student): ?> <?php
$uniqueStudents = [];
foreach ($studentsBySection[$sectionKey] as $student) {
$sid = (int)($student['id'] ?? 0);
if ($sid <= 0 || isset($uniqueStudents[$sid])) {
continue;
}
$uniqueStudents[$sid] = $student;
}
?>
<?php foreach ($uniqueStudents as $student): ?>
<?php <?php
$sid = (int)$student['id']; $sid = (int)$student['id'];
$entryMap = $recAt($__attendanceData[$sectionKey][$sid] ?? []); $entryMap = $recAt($__attendanceData[$sectionKey][$sid] ?? []);
@@ -250,6 +250,54 @@
$analysisSectionTotals[] = (int)($s['total_students'] ?? 0); $analysisSectionTotals[] = (int)($s['total_students'] ?? 0);
} }
// ---- Student absences/late list ----
$sectionLabelByKey = [];
foreach ($grades as $classId => $sections) {
foreach ($sections as $section) {
$sectionKey = (string)($section['class_section_id'] ?? ($section['id'] ?? ''));
if ($sectionKey === '') continue;
$secNameRaw = trim((string)($section['class_section_name'] ?? ''));
$sectionLabelByKey[$sectionKey] = $secNameRaw !== '' ? $secNameRaw : ('Section ' . $sectionKey);
}
}
$studentIssueRows = [];
foreach ($studentsBySection as $sectionKey => $students) {
foreach ($students as $stu) {
$sid = (int)($stu['id'] ?? 0);
if ($sid <= 0) continue;
$entries = $attendanceData[$sectionKey][$sid] ?? [];
if (!is_array($entries)) continue;
$abs = 0;
$late = 0;
foreach ($entries as $e) {
$d = substr((string)($e['date'] ?? ''), 0, 10);
if ($d === '') continue;
if ($filterStart !== '' && $d < $filterStart) continue;
if ($filterEnd !== '' && $d > $filterEnd) continue;
$st = strtolower(trim((string)($e['status'] ?? '')));
if ($st === 'absent') {
$abs++;
} elseif ($st === 'late') {
$late++;
}
}
if (($abs + $late) <= 0) continue;
$studentIssueRows[] = [
'name' => trim((string)($stu['firstname'] ?? '') . ' ' . (string)($stu['lastname'] ?? '')),
'section' => $sectionLabelByKey[(string)$sectionKey] ?? ('Section ' . $sectionKey),
'absent' => $abs,
'late' => $late,
];
}
}
usort($studentIssueRows, static function ($a, $b) {
$sec = strcmp($a['section'], $b['section']);
if ($sec !== 0) return $sec;
return strcmp($a['name'], $b['name']);
});
$totalDaysForPercent = 0; $totalDaysForPercent = 0;
if ($filterStart === '' && $filterEnd === '' && !empty($totalPassedDays)) { if ($filterStart === '' && $filterEnd === '' && !empty($totalPassedDays)) {
$totalDaysForPercent = (int)$totalPassedDays; $totalDaysForPercent = (int)$totalPassedDays;
@@ -373,6 +421,37 @@
</table> </table>
</div> </div>
</div> </div>
<div class="attn-analysis-card attn-analysis-wide">
<h6>Students With Absences / Late</h6>
<div class="attn-analysis-scroll">
<table id="studentIssueTable" class="attn-analysis-table no-mgmt-sticky" data-no-mgmt-sticky>
<thead>
<tr>
<th>Student Name</th>
<th>Class Section</th>
<th class="text-end">Nbr of ABS</th>
<th class="text-end">Nbr of LATE</th>
</tr>
</thead>
<tbody>
<?php if (empty($studentIssueRows)): ?>
<tr>
<td colspan="4" class="text-center text-muted">No absences or late records in the selected range.</td>
</tr>
<?php else: ?>
<?php foreach ($studentIssueRows as $row): ?>
<tr>
<td><?= esc($row['name']) ?></td>
<td><?= esc($row['section']) ?></td>
<td class="text-end"><?= (int)$row['absent'] ?></td>
<td class="text-end"><?= (int)$row['late'] ?></td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
</div> </div>
</div> </div>
</div> </div>
@@ -480,6 +559,13 @@
info: false, info: false,
order: [[0, 'asc']] order: [[0, 'asc']]
}); });
$('#studentIssueTable').DataTable({
paging: true,
searching: true,
info: true,
order: [[1, 'asc'], [0, 'asc']],
pageLength: 25
});
} }
}); });
</script> </script>
@@ -4,6 +4,11 @@
<div class="container mt-4"> <div class="container mt-4">
<h2>Create Event</h2> <h2>Create Event</h2>
<?php
$defaultCategories = ['Fun Event-1', 'Fun Event-2', 'Fun Event-3'];
$existingCategories = array_map('strval', $categories ?? []);
$allCategories = array_unique(array_merge($defaultCategories, $existingCategories));
?>
<form method="post" action="<?= site_url('administrator/events/create') ?>" enctype="multipart/form-data"> <form method="post" action="<?= site_url('administrator/events/create') ?>" enctype="multipart/form-data">
<?= csrf_field() ?> <?= csrf_field() ?>
<div class="mb-3"> <div class="mb-3">
@@ -15,7 +20,7 @@
<label class="form-label">Category</label> <label class="form-label">Category</label>
<select name="event_category" class="form-control" required> <select name="event_category" class="form-control" required>
<option value="" selected disabled>Select category</option> <option value="" selected disabled>Select category</option>
<?php foreach (($categories ?? []) as $category): ?> <?php foreach ($allCategories as $category): ?>
<option value="<?= esc($category) ?>"><?= esc(ucwords($category)) ?></option> <option value="<?= esc($category) ?>"><?= esc(ucwords($category)) ?></option>
<?php endforeach; ?> <?php endforeach; ?>
</select> </select>
@@ -23,7 +28,7 @@
<div class="mb-3"> <div class="mb-3">
<label class="form-label">Description</label> <label class="form-label">Description</label>
<textarea name="description" class="form-control"></textarea> <textarea id="event_description" name="description" class="form-control"></textarea>
</div> </div>
<div class="mb-3"> <div class="mb-3">
@@ -51,9 +56,89 @@
<input type="text" name="school_year" class="form-control" required> <input type="text" name="school_year" class="form-control" required>
</div> </div>
<div class="card mb-3">
<div class="card-header">School Calendar</div>
<div class="card-body">
<div class="form-check mb-2">
<input class="form-check-input" type="checkbox" id="add_to_calendar" name="add_to_calendar" value="1">
<label class="form-check-label" for="add_to_calendar">
Add this event to the school calendar
</label>
</div>
<div id="calendar_recipients" class="ms-3" style="display:none;">
<div class="mb-2 fw-semibold">Visible On Calendars</div>
<div class="d-flex flex-wrap gap-3">
<label class="form-check-label">
<input class="form-check-input me-1" type="checkbox" name="notify_parent" value="1" checked>
Parents
</label>
<label class="form-check-label">
<input class="form-check-input me-1" type="checkbox" name="notify_teacher" value="1" checked>
Teachers
</label>
<label class="form-check-label">
<input class="form-check-input me-1" type="checkbox" name="notify_admin" value="1" checked>
Admins
</label>
</div>
<div class="form-text">If none are selected, the event is visible to everyone.</div>
</div>
</div>
</div>
<div class="card mb-3">
<div class="card-header">Parent Email Broadcast</div>
<div class="card-body">
<div class="form-check">
<input class="form-check-input" type="checkbox" id="send_email_parent" name="send_email_parent" value="1">
<label class="form-check-label" for="send_email_parent">
Send one event email to all parents and add all parent emails in CC
</label>
</div>
<div class="form-text">The email is sent once. The school sender address stays in To, and all parent emails are placed in CC.</div>
</div>
</div>
<button type="submit" class="btn btn-success">Create Event</button> <button type="submit" class="btn btn-success">Create Event</button>
<a href="<?= site_url('administrator/events') ?>" class="btn btn-secondary">Cancel</a> <a href="<?= site_url('administrator/events') ?>" class="btn btn-secondary">Cancel</a>
</form> </form>
</div> </div>
<?= $this->endSection() ?> <?= $this->endSection() ?>
<?= $this->section('scripts') ?>
<script src="<?= base_url('assets/tinymce/tinymce.min.js') ?>"></script>
<script>
(function () {
const toggle = document.getElementById('add_to_calendar');
const recipients = document.getElementById('calendar_recipients');
const description = document.getElementById('event_description');
if (toggle && recipients) {
function sync() {
recipients.style.display = toggle.checked ? '' : 'none';
}
toggle.addEventListener('change', sync);
sync();
}
if (description && window.tinymce) {
tinymce.init({
selector: '#event_description',
base_url: '<?= base_url('assets/tinymce') ?>',
suffix: '.min',
license_key: 'gpl',
height: 320,
menubar: true,
branding: false,
promotion: false,
plugins: 'advlist autolink lists link charmap preview anchor searchreplace visualblocks code fullscreen insertdatetime table help wordcount',
toolbar: 'undo redo | blocks | bold italic underline strikethrough forecolor backcolor | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link table | removeformat | preview code',
convert_urls: false,
content_style: 'body { font-family: system-ui, -apple-system, Segoe UI, Roboto, Helvetica, Arial, sans-serif; font-size: 14px; }'
});
}
})();
</script>
<?= $this->endSection() ?>
+89 -3
View File
@@ -4,6 +4,12 @@
<div class="container mt-4"> <div class="container mt-4">
<h2>Edit Event</h2> <h2>Edit Event</h2>
<?php
$defaultCategories = ['Fun Event-1', 'Fun Event-2', 'Fun Event-3'];
$existingCategories = array_map('strval', $categories ?? []);
$allCategories = array_unique(array_merge($defaultCategories, $existingCategories));
?>
<?php if (session()->getFlashdata('error')): ?> <?php if (session()->getFlashdata('error')): ?>
<div class="alert alert-danger"><?= session()->getFlashdata('error') ?></div> <div class="alert alert-danger"><?= session()->getFlashdata('error') ?></div>
<?php endif; ?> <?php endif; ?>
@@ -23,7 +29,7 @@
<label class="form-label">Category</label> <label class="form-label">Category</label>
<select name="event_category" class="form-control" required> <select name="event_category" class="form-control" required>
<option value="" disabled <?= empty($event['event_category']) ? 'selected' : '' ?>>Select category</option> <option value="" disabled <?= empty($event['event_category']) ? 'selected' : '' ?>>Select category</option>
<?php foreach (($categories ?? []) as $category): ?> <?php foreach ($allCategories as $category): ?>
<option value="<?= esc($category) ?>" <?= (string)($event['event_category'] ?? '') === (string)$category ? 'selected' : '' ?>> <option value="<?= esc($category) ?>" <?= (string)($event['event_category'] ?? '') === (string)$category ? 'selected' : '' ?>>
<?= esc(ucwords($category)) ?> <?= esc(ucwords($category)) ?>
</option> </option>
@@ -33,7 +39,7 @@
<div class="mb-3"> <div class="mb-3">
<label class="form-label">Description</label> <label class="form-label">Description</label>
<textarea name="description" class="form-control"><?= esc($event['description']) ?></textarea> <textarea id="event_description" name="description" class="form-control"><?= esc($event['description']) ?></textarea>
</div> </div>
<div class="mb-3"> <div class="mb-3">
@@ -44,7 +50,7 @@
<div class="mb-3"> <div class="mb-3">
<label class="form-label">Current Flyer</label><br> <label class="form-label">Current Flyer</label><br>
<?php if ($event['flyer']): ?> <?php if ($event['flyer']): ?>
<img src="<?= base_url('writable/uploads/' . $event['flyer']) ?>" width="150" class="mb-2"> <img src="<?= base_url('uploads/' . ltrim((string) $event['flyer'], '/')) ?>" width="150" class="mb-2">
<?php else: ?> <?php else: ?>
<div class="text-muted">No flyer uploaded.</div> <div class="text-muted">No flyer uploaded.</div>
<?php endif; ?> <?php endif; ?>
@@ -70,9 +76,89 @@
<input type="text" name="school_year" class="form-control" value="<?= esc($event['school_year']) ?>" required> <input type="text" name="school_year" class="form-control" value="<?= esc($event['school_year']) ?>" required>
</div> </div>
<div class="card mb-3">
<div class="card-header">School Calendar</div>
<div class="card-body">
<div class="form-check mb-2">
<input class="form-check-input" type="checkbox" id="add_to_calendar" name="add_to_calendar" value="1">
<label class="form-check-label" for="add_to_calendar">
Add this event to the school calendar
</label>
</div>
<div id="calendar_recipients" class="ms-3" style="display:none;">
<div class="mb-2 fw-semibold">Visible On Calendars</div>
<div class="d-flex flex-wrap gap-3">
<label class="form-check-label">
<input class="form-check-input me-1" type="checkbox" name="notify_parent" value="1" checked>
Parents
</label>
<label class="form-check-label">
<input class="form-check-input me-1" type="checkbox" name="notify_teacher" value="1" checked>
Teachers
</label>
<label class="form-check-label">
<input class="form-check-input me-1" type="checkbox" name="notify_admin" value="1" checked>
Admins
</label>
</div>
<div class="form-text">If none are selected, the event is visible to everyone.</div>
</div>
</div>
</div>
<div class="card mb-3">
<div class="card-header">Parent Email Broadcast</div>
<div class="card-body">
<div class="form-check">
<input class="form-check-input" type="checkbox" id="send_email_parent" name="send_email_parent" value="1">
<label class="form-check-label" for="send_email_parent">
Send one event email to all parents and add all parent emails in CC
</label>
</div>
<div class="form-text">Use this when you want to rebroadcast the updated event to all parents in a single email.</div>
</div>
</div>
<button type="submit" class="btn btn-primary">Update Event</button> <button type="submit" class="btn btn-primary">Update Event</button>
<a href="<?= site_url('administrator/events') ?>" class="btn btn-secondary">Cancel</a> <a href="<?= site_url('administrator/events') ?>" class="btn btn-secondary">Cancel</a>
</form> </form>
</div> </div>
<?= $this->endSection() ?> <?= $this->endSection() ?>
<?= $this->section('scripts') ?>
<script src="<?= base_url('assets/tinymce/tinymce.min.js') ?>"></script>
<script>
(function () {
const toggle = document.getElementById('add_to_calendar');
const recipients = document.getElementById('calendar_recipients');
const description = document.getElementById('event_description');
if (toggle && recipients) {
function sync() {
recipients.style.display = toggle.checked ? '' : 'none';
}
toggle.addEventListener('change', sync);
sync();
}
if (description && window.tinymce) {
tinymce.init({
selector: '#event_description',
base_url: '<?= base_url('assets/tinymce') ?>',
suffix: '.min',
license_key: 'gpl',
height: 320,
menubar: true,
branding: false,
promotion: false,
plugins: 'advlist autolink lists link charmap preview anchor searchreplace visualblocks code fullscreen insertdatetime table help wordcount',
toolbar: 'undo redo | blocks | bold italic underline strikethrough forecolor backcolor | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link table | removeformat | preview code',
convert_urls: false,
content_style: 'body { font-family: system-ui, -apple-system, Segoe UI, Roboto, Helvetica, Arial, sans-serif; font-size: 14px; }'
});
}
})();
</script>
<?= $this->endSection() ?>
+713 -71
View File
@@ -3,6 +3,54 @@
<div class="container mt-5"> <div class="container mt-5">
<h3>Event Charges</h3> <h3>Event Charges</h3>
<style>
.event-card-header {
display: flex;
align-items: center;
justify-content: space-between;
gap: 1rem;
}
.event-card-header-actions {
display: flex;
align-items: center;
gap: 0.5rem;
flex-wrap: wrap;
}
.sortable-header {
display: inline-flex;
align-items: center;
gap: 0.35rem;
padding: 0;
border: 0;
background: transparent;
color: inherit;
font-weight: 600;
text-decoration: none;
}
.sortable-header:hover,
.sortable-header:focus {
color: var(--bs-primary);
text-decoration: none;
}
.sortable-header::after {
content: '↕';
font-size: 0.85rem;
opacity: 0.45;
}
.sortable-header.sorted-asc::after {
content: '↑';
opacity: 1;
}
.sortable-header.sorted-desc::after {
content: '↓';
opacity: 1;
}
@media print {
.no-print {
display: none !important;
}
}
</style>
<?php if (session()->getFlashdata('success')): ?> <?php if (session()->getFlashdata('success')): ?>
<div class="alert alert-success"><?= session()->getFlashdata('success') ?></div> <div class="alert alert-success"><?= session()->getFlashdata('success') ?></div>
@@ -11,110 +59,473 @@
<div class="alert alert-danger"><?= session()->getFlashdata('error') ?></div> <div class="alert alert-danger"><?= session()->getFlashdata('error') ?></div>
<?php endif; ?> <?php endif; ?>
<!-- Add New Charge Form --> <?php
<form action="<?= site_url('payment/event_charges') ?>" method="post"> $classSectionNames = $classSectionNames ?? [];
<?= csrf_field() ?> $semesterOptions = $semesterOptions ?? [];
<div class="row"> $schoolYearOptions = $schoolYearOptions ?? [];
<div class="col-md-3 mt-3"> ?>
<label for="event_id" class="form-label">Select Event</label>
<select name="event_id" id="event_id" class="form-select" required>
<option value="">-- Select Event --</option>
<?php foreach ($events as $event): ?>
<option value="<?= esc($event['id']) ?>">
<?= esc($event['event_name']) ?>
</option>
<?php endforeach; ?>
</select>
</div>
<div class="col-md-3 mt-3"> <?php
<label for="parent_id" class="form-label">Parent</label> $filterParentId = $filterParentId ?? 0;
<select id="parent_id" name="parent_id" class="form-select" required> $parentBalances = $parentBalances ?? [];
<option value="">-- Select Parent --</option> $selectedEvent = null;
<?php foreach ($parents as $parent): ?> if (!empty($filterEventId)) {
<option value="<?= $parent['id'] ?>"> foreach ($events as $event) {
<?= esc($parent['firstname'] . ' ' . $parent['lastname']) ?> (<?= esc($parent['school_id']) ?>) if ((int)$event['id'] === (int)$filterEventId) {
</option> $selectedEvent = $event;
<?php endforeach; ?> break;
</select> }
</div> }
}
<div class="col-12 mt-3" id="studentCheckboxContainer" style="display: none;"> ?>
<label>Select Students:</label> <div class="card mb-4">
<div id="studentList" class="row"></div> <div class="card-body">
</div> <form method="get" action="<?= site_url('administrator/event-charges') ?>" class="row g-3 align-items-end">
<?php if ($filterEventId > 0): ?>
<input type="hidden" name="event_id" value="<?= esc($filterEventId) ?>">
<?php endif; ?>
<?php if ($filterParentId > 0): ?>
<input type="hidden" name="parent_id" value="<?= esc($filterParentId) ?>">
<?php endif; ?>
<div class="col-md-4">
<label for="semester_filter" class="form-label">Semester</label>
<select id="semester_filter" name="semester" class="form-select">
<option value="">-- All semesters --</option>
<?php foreach ($semesterOptions as $option): ?>
<option value="<?= esc($option) ?>" <?= $semester === $option ? 'selected' : '' ?>>
<?= esc($option) ?>
</option>
<?php endforeach; ?>
</select>
</div>
<div class="col-md-4">
<label for="school_year_filter" class="form-label">School Year</label>
<select id="school_year_filter" name="school_year" class="form-select">
<option value="">-- All school years --</option>
<?php foreach ($schoolYearOptions as $option): ?>
<option value="<?= esc($option) ?>" <?= $school_year === $option ? 'selected' : '' ?>>
<?= esc($option) ?>
</option>
<?php endforeach; ?>
</select>
</div>
<div class="col-auto">
<button type="submit" class="btn btn-outline-primary">Filter</button>
</div>
</form>
</div> </div>
</div>
<button type="submit" class="btn btn-primary mt-3">Submit</button> <!-- Add New Charge Form -->
<a href="<?= site_url('administrator/events') ?>" class="btn btn-success mt-3">Event List</a> <div class="card mb-4">
</form> <div class="card-body">
<br> <form id="event-participant-form" action="<?= site_url('payment/event_charges') ?>" method="post">
<?= csrf_field() ?>
<input type="hidden" name="school_year" value="<?= esc($school_year) ?>">
<input type="hidden" name="semester" value="<?= esc($semester) ?>">
<div class="row g-3">
<div class="col-md-4">
<label for="event_id" class="form-label">Select Event</label>
<select name="event_id" id="event_id" class="form-select" required>
<option value="">-- All events --</option>
<?php foreach ($events as $event): ?>
<option value="<?= esc($event['id']) ?>" data-amount="<?= esc(number_format($event['amount'] ?? 0, 2, '.', '')) ?>" <?= isset($filterEventId) && $filterEventId == $event['id'] ? 'selected' : '' ?>>
<?= esc($event['event_name']) ?>
</option>
<?php endforeach; ?>
</select>
</div>
<?php if ($selectedEvent): ?>
<div class="col-md-8">
<div class="border rounded bg-light p-3 h-100">
<div class="d-flex justify-content-between align-items-center mb-2">
<h6 class="m-0"><?= esc($selectedEvent['event_name']) ?></h6>
<span class="badge bg-info text-dark">
$<?= esc(number_format($selectedEvent['amount'] ?? 0, 2)) ?> fee
</span>
</div>
<?php $eventDescription = trim((string) ($selectedEvent['description'] ?? '')); ?>
<div class="mb-1">
<button type="button"
class="btn btn-link btn-sm px-0 py-0 text-decoration-none event-description-toggle"
data-bs-toggle="collapse"
data-bs-target="#selectedEventDescription"
aria-expanded="false"
aria-controls="selectedEventDescription"
data-label-collapsed="Show description"
data-label-expanded="Hide description">
Show description
</button>
<div class="collapse mt-2" id="selectedEventDescription">
<div class="text-muted small" style="white-space: pre-line;">
<?= esc($eventDescription !== '' ? $eventDescription : 'No description provided for this event.') ?>
</div>
</div>
</div>
<?php if (!empty($selectedEvent['expiration_date'])): ?>
<small class="text-secondary">
Expires: <?= esc(local_date($selectedEvent['expiration_date'], 'm-d-Y')) ?>
</small>
<?php endif; ?>
</div>
</div>
<?php endif; ?>
<div class="col-md-4">
<label for="parent_id" class="form-label">Parents List</label>
<select id="parent_id" name="parent_id" class="form-select">
<option value="">-- Select Parent --</option>
<?php foreach ($parents as $parent): ?>
<option value="<?= esc($parent['id']) ?>" <?= $filterParentId && $filterParentId == $parent['id'] ? 'selected' : '' ?>>
<?= esc($parent['firstname'] . ' ' . $parent['lastname']) ?> (<?= esc($parent['school_id']) ?>)
</option>
<?php endforeach; ?>
</select>
</div>
</div>
<div class="mt-4" id="studentCheckboxContainer" style="display: none;">
<label class="form-label">Select Students:</label>
<div id="studentList" class="row g-3"></div>
</div>
<div class="mt-4">
<?php if (!in_array(strtolower((string)(session()->get('role') ?? '')), ['parent', 'teacher', 'teacher_assistant'], true)): ?>
<button type="button" class="btn btn-outline-primary" data-bs-toggle="modal" data-bs-target="#externalParticipantModal">
Add non-school participant
</button>
<?php endif; ?>
<div class="form-text">Enrolled students are saved when you click Submit. Non-school participants are saved immediately and will then appear in all browsers.</div>
</div>
<div class="d-flex flex-wrap gap-2 mt-3">
<button type="submit" class="btn btn-primary">Submit</button>
<a href="<?= site_url('administrator/events') ?>" class="btn btn-success">Event List</a>
</div>
</form>
</div>
</div>
<!-- Charge Tables grouped by event --> <!-- Charge Tables grouped by event -->
<?php <?php
$grouped = []; $grouped = [];
foreach ($charges as $charge) { foreach ($charges as $charge) {
$label = $charge['event_name'] ?? 'N/A'; $eventId = (int)($charge['event_id'] ?? 0);
$grouped[$label][] = $charge; if (!isset($grouped[$eventId])) {
$grouped[$eventId] = [
'label' => $charge['event_name'] ?? 'N/A',
'rows' => [],
];
}
$grouped[$eventId]['rows'][] = $charge;
} }
?> ?>
<?php if (empty($grouped)): ?> <?php if (empty($grouped)): ?>
<div class="alert alert-info">No charges found.</div> <div class="alert alert-info">No charges found.</div>
<?php else: ?> <?php else: ?>
<?php foreach ($grouped as $eventLabel => $rows): ?> <?php
<div class="card mb-4"> $printBaseParams = array_filter([
<div class="card-header bg-light fw-semibold"> 'school_year' => $school_year,
<?= esc($eventLabel) ?> 'semester' => $semester,
'parent_id' => $filterParentId > 0 ? $filterParentId : null,
'event_id' => $filterEventId > 0 ? $filterEventId : null,
], static fn ($value) => $value !== null && $value !== '');
$printAllUrl = site_url('administrator/event-charges/pdf');
if (!empty($printBaseParams)) {
$printAllUrl .= '?' . http_build_query($printBaseParams);
}
?>
<div class="d-flex justify-content-between align-items-center flex-wrap gap-2 mb-3 no-print">
<p class="text-muted mb-0">Click a column header to sort the participants list.</p>
<a href="<?= esc($printAllUrl) ?>"
class="btn btn-outline-secondary pdf-print-link"
data-base-href="<?= esc($printAllUrl) ?>"
data-print-scope="all">
Print All Participant Lists
</a>
</div>
<div id="eventChargeCards">
<?php foreach ($grouped as $eventId => $data): ?>
<?php $eventLabel = $data['label']; ?>
<?php $rows = $data['rows']; ?>
<?php
$singlePrintParams = array_filter([
'school_year' => $school_year,
'semester' => $semester,
'parent_id' => $filterParentId > 0 ? $filterParentId : null,
'event_id' => $eventId,
], static fn ($value) => $value !== null && $value !== '');
$singlePrintUrl = site_url('administrator/event-charges/pdf') . '?' . http_build_query($singlePrintParams);
?>
<div class="card mb-4 event-card" data-event-id="<?= esc($eventId) ?>">
<div class="card-header bg-light fw-semibold event-card-header">
<span><?= esc($eventLabel) ?></span>
<div class="event-card-header-actions no-print">
<a href="<?= esc($singlePrintUrl) ?>"
class="btn btn-outline-secondary btn-sm pdf-print-link"
data-base-href="<?= esc($singlePrintUrl) ?>"
data-print-scope="single"
data-event-id="<?= esc($eventId) ?>">
Print This List
</a>
</div>
</div> </div>
<div class="card-body p-0"> <div class="card-body p-0">
<?php
$totalParticipants = 0;
$totalCharged = 0.0;
?>
<div class="table-responsive"> <div class="table-responsive">
<table class="table table-bordered table-striped mb-0 no-mgmt-sticky"> <table id="eventTable_<?= esc($eventId) ?>" class="table table-bordered table-striped mb-0 no-mgmt-sticky event-charges-table">
<thead class="table-light"> <thead class="table-light">
<tr> <tr>
<th>ID</th> <th><button type="button" class="sortable-header" data-sort-index="0" data-sort-type="number">ID</button></th>
<th>Parent Name</th> <th><button type="button" class="sortable-header" data-sort-index="1" data-sort-type="text">Parent Name</button></th>
<th>Student Name</th> <th><button type="button" class="sortable-header" data-sort-index="2" data-sort-type="text">Student Name</button></th>
<th>Charged Amount</th> <th><button type="button" class="sortable-header" data-sort-index="3" data-sort-type="text">External Info</button></th>
<th>Is Participating</th> <th><button type="button" class="sortable-header" data-sort-index="4" data-sort-type="text">Class Section</button></th>
<th>Semester</th> <th><button type="button" class="sortable-header" data-sort-index="5" data-sort-type="number">Charged Amount</button></th>
<th>Year</th> <th><button type="button" class="sortable-header" data-sort-index="6" data-sort-type="date">Created</button></th>
<th>Created</th> <th><button type="button" class="sortable-header" data-sort-index="7" data-sort-type="text">Waiver</button></th>
</tr> <th><button type="button" class="sortable-header" data-sort-index="8" data-sort-type="text">Fees Paid</button></th>
<th><button type="button" class="sortable-header" data-sort-index="9" data-sort-type="text">Payment</button></th>
<th>Actions</th>
</tr>
</thead> </thead>
<tbody> <tbody>
<?php foreach ($rows as $charge): ?> <?php foreach ($rows as $charge): ?>
<tr> <?php
<td><?= esc($charge['id']) ?></td> $isParticipating = ($charge['participation'] === 'yes');
<td><?= esc($charge['parent_firstname'] . ' ' . $charge['parent_lastname']) ?></td> $isEventPaid = !empty($charge['event_paid']);
<td> $returnParams = [];
<?= $charge['student_firstname'] if (!empty($semester)) {
? esc($charge['student_firstname'] . ' ' . $charge['student_lastname']) $returnParams['semester'] = $semester;
: '-' ?> }
if (!empty($school_year)) {
$returnParams['school_year'] = $school_year;
}
if (!empty($filterEventId)) {
$returnParams['event_id'] = $filterEventId;
}
if (!empty($filterParentId)) {
$returnParams['parent_id'] = $filterParentId;
}
$returnTo = site_url('administrator/event-charges')
. (!empty($returnParams) ? '?' . http_build_query($returnParams) : '')
. '#eventTable_' . (int) ($charge['event_id'] ?? 0);
?>
<tr data-charge-id="<?= esc((string) ($charge['id'] ?? '')) ?>">
<td data-sort-value="<?= esc((string) ($charge['id'] ?? '')) ?>"><?= esc($charge['id']) ?></td>
<?php
$studentName = $charge['student_firstname']
? trim($charge['student_firstname'] . ' ' . $charge['student_lastname'])
: '';
$externalName = trim(
($charge['external_firstname'] ?? '') . ' ' .
($charge['external_lastname'] ?? '')
);
$displayName = $studentName ?: ($externalName ?: '—');
$externalNote = $charge['external_note'] ?? '';
$externalParentLabel = trim(
($charge['external_parent_firstname'] ?? '') . ' ' .
($charge['external_parent_lastname'] ?? '')
);
$externalParentPhone = $charge['external_parent_phone'] ?? '';
$externalParentEmail = $charge['external_parent_email'] ?? '';
$parentPhone = $charge['parent_cellphone'] ?? '';
$standardParentName = trim($charge['parent_firstname'] . ' ' . $charge['parent_lastname']);
$parentColumnName = $externalParentLabel ?: ($standardParentName ?: '—');
$isExternalParticipant = $externalName !== '';
$infoPhone = $isExternalParticipant ? $externalParentPhone : $parentPhone;
$infoEmail = $isExternalParticipant ? $externalParentEmail : '';
$externalInfoValue = trim(implode(' ', array_filter([
$infoPhone,
$infoEmail,
$externalNote,
])));
?>
<td data-sort-value="<?= esc(strtolower($parentColumnName)) ?>"><?= esc($parentColumnName) ?></td>
<td data-sort-value="<?= esc(strtolower($displayName)) ?>">
<?= esc($displayName) ?>
<?php if ($externalNote): ?>
<small class="text-muted d-block"><?= esc($externalNote) ?></small>
<?php endif; ?>
</td> </td>
<td>$<?= esc(number_format($charge['charged'] ?? 0, 2)) ?></td> <td data-sort-value="<?= esc(strtolower($externalInfoValue)) ?>">
<td> <?php if ($infoPhone): ?>
<?= $charge['participation'] <div class="text-muted small"><?= esc($infoPhone) ?></div>
? '<span class="badge bg-success">Yes</span>' <?php endif; ?>
: '<span class="badge bg-warning">No</span>' ?> <?php if ($infoEmail): ?>
<div class="text-muted small"><?= esc($infoEmail) ?></div>
<?php endif; ?>
<?php if (!$infoPhone && !$infoEmail): ?>
<span class="text-muted small">—</span>
<?php endif; ?>
</td>
<td data-sort-value="<?= esc(strtolower((string) ($classSectionNames[$charge['class_section_id'] ?? ''] ?? ''))) ?>">
<?= esc($classSectionNames[$charge['class_section_id'] ?? ''] ?? '—') ?>
</td>
<td data-sort-value="<?= esc(number_format((float) ($charge['event_amount'] ?? 0), 2, '.', '')) ?>">$<?= esc(number_format($charge['event_amount'] ?? 0, 2)) ?></td>
<td data-sort-value="<?= esc((string) ($charge['created_at'] ?? '')) ?>"><?= esc(!empty($charge['created_at']) ? local_datetime($charge['created_at'], 'm-d-Y H:i') : '') ?></td>
<?php
$feeAmount = (float) ($charge['event_amount'] ?? 0);
$hasBalanceRecord = array_key_exists((int)$charge['parent_id'], $parentBalances);
$parentBalance = $hasBalanceRecord ? (float)$parentBalances[$charge['parent_id']] : null;
$waiverSigned = !empty($charge['waiver_signed']);
$feeIsPaid = $isParticipating && ($isEventPaid || ($hasBalanceRecord && $parentBalance <= 0));
?>
<td class="text-center" data-sort-value="<?= $waiverSigned ? 'signed' : 'unsigned' ?>">
<form method="post" action="<?= site_url('administrator/event-charges/waiver/' . esc($charge['id'])) ?>" class="d-inline-flex align-items-center">
<?= csrf_field() ?>
<input type="hidden" name="return_to" value="<?= esc($returnTo) ?>">
<input type="hidden" name="waiver_signed" value="<?= $waiverSigned ? '1' : '0' ?>">
<input type="checkbox" class="form-check-input" id="eventWaiver_<?= esc($charge['id']) ?>"
<?= $waiverSigned ? 'checked' : '' ?>
onchange="this.form.waiver_signed.value = this.checked ? 1 : 0; this.form.submit();">
<label class="form-check-label ms-2" for="eventWaiver_<?= esc($charge['id']) ?>" aria-hidden="true">
<?= $waiverSigned ? 'Signed' : 'Unsigned' ?>
</label>
</form>
</td>
<td class="text-center" data-sort-value="<?= $feeIsPaid ? 'paid' : 'unpaid' ?>">
<?php if ($feeIsPaid): ?>
<span class="badge bg-success">Paid</span>
<?php else: ?>
<span class="badge bg-danger">Unpaid</span>
<?php endif; ?>
</td>
<td class="text-center" data-sort-value="<?= $isEventPaid ? 'paid' : 'unpaid' ?>">
<form method="post" action="<?= site_url('administrator/event-charges/payment/' . esc($charge['id'])) ?>" class="d-inline-flex align-items-center">
<?= csrf_field() ?>
<input type="hidden" name="return_to" value="<?= esc($returnTo) ?>">
<input type="hidden" name="paid" value="<?= $feeIsPaid ? '1' : '0' ?>">
<input type="checkbox" class="form-check-input" id="eventPayment_<?= esc($charge['id']) ?>"
<?= $isEventPaid ? 'checked' : '' ?>
onchange="this.form.paid.value = this.checked ? 1 : 0; this.form.submit();">
<label class="form-check-label ms-2" for="eventPayment_<?= esc($charge['id']) ?>" aria-hidden="true">Paid</label>
</form>
</td>
<td class="text-nowrap">
<div class="d-flex gap-1 align-items-center">
<a href="<?= site_url('administrator/event-charges') ?>?event_id=<?= esc($charge['event_id']) ?>&parent_id=<?= esc($charge['parent_id']) ?>#event-participant-form" class="btn btn-outline-primary btn-sm">
Edit
</a>
<form action="<?= site_url('administrator/event-charges/remove/' . esc($charge['id'])) ?>" method="post" onsubmit="return confirm('Remove this participation and update the charge?');">
<?= csrf_field() ?>
<input type="hidden" name="return_to" value="<?= esc($returnTo) ?>">
<button type="submit" class="btn btn-outline-danger btn-sm">Remove</button>
</form>
</div>
</td> </td>
<td><?= esc($charge['semester'] ?? '-') ?></td>
<td><?= esc($charge['school_year'] ?? '-') ?></td>
<td><?= esc(!empty($charge['created_at']) ? local_datetime($charge['created_at'], 'm-d-Y H:i') : '') ?></td>
</tr> </tr>
<?php
if ($isParticipating) {
$totalParticipants++;
$totalCharged += (float) ($charge['event_amount'] ?? 0);
}
?>
<?php endforeach; ?> <?php endforeach; ?>
</tbody> </tbody>
<tfoot class="table-light">
<tr>
<th colspan="4">Totals</th>
<th>$<?= esc(number_format($totalCharged, 2)) ?></th>
<th colspan="6">
<span class="badge bg-secondary">
<?= esc($totalParticipants) ?> participating
</span>
</th>
</tr>
</tfoot>
</table> </table>
</div> </div>
</div> </div>
</div> </div>
<?php endforeach; ?> <?php endforeach; ?>
<?php endif; ?> </div>
<?php endif; ?>
</div> </div>
<?php if (!in_array(strtolower((string)(session()->get('role') ?? '')), ['parent', 'teacher', 'teacher_assistant'], true)): ?>
<div class="modal fade" id="externalParticipantModal" tabindex="-1" aria-labelledby="externalParticipantModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<form id="externalParticipantForm" class="needs-validation" novalidate>
<?= csrf_field() ?>
<div class="modal-header">
<h5 class="modal-title" id="externalParticipantModalLabel">Add Non-School Participant</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<p class="small text-muted">Provide the students name and the accompanying guardian/contact details.</p>
<div class="mb-3">
<label class="form-label">Student / Kid Info</label>
<div class="row g-3">
<div class="col-md-6">
<input type="text" class="form-control" id="modalExternalFirstName" placeholder="First name" required>
</div>
<div class="col-md-6">
<input type="text" class="form-control" id="modalExternalLastName" placeholder="Last name" required>
</div>
</div>
</div>
<div class="mb-3">
<label class="form-label">Parent / Contact Info</label>
<div class="row g-3">
<div class="col-md-6">
<input type="text" class="form-control" id="modalParentFirstName" placeholder="Parent first name" required>
</div>
<div class="col-md-6">
<input type="text" class="form-control" id="modalParentLastName" placeholder="Parent last name" required>
</div>
<div class="col-12">
<input type="text" class="form-control" id="modalParentPhone" placeholder="Parent phone or contact">
</div>
<div class="col-12">
<input type="email" class="form-control" id="modalParentEmail" placeholder="Parent email" required>
</div>
</div>
</div>
<div class="mb-3">
<label class="form-label" for="modalExternalNote">Note <span class="text-muted small">(optional)</span></label>
<textarea rows="2" class="form-control" id="modalExternalNote" placeholder="Additional info (e.g., guest, sibling, etc.)"></textarea>
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancel</button>
<button type="button" class="btn btn-primary" id="externalParticipantSave">
Add to list
</button>
</div>
</form>
</div>
</div>
</div>
<?php endif; ?>
<?= $this->endSection() ?> <?= $this->endSection() ?>
<?= $this->section('scripts') ?> <?= $this->section('scripts') ?>
<script> <script>
document.addEventListener('DOMContentLoaded', function () {
document.querySelectorAll('.event-description-toggle').forEach(function (button) {
const targetSelector = button.getAttribute('data-bs-target');
const target = targetSelector ? document.querySelector(targetSelector) : null;
if (!target) {
return;
}
target.addEventListener('show.bs.collapse', function () {
button.textContent = button.dataset.labelExpanded || 'Hide description';
});
target.addEventListener('hide.bs.collapse', function () {
button.textContent = button.dataset.labelCollapsed || 'Show description';
});
});
});
function loadStudentsWithCharges() { function loadStudentsWithCharges() {
let parentId = $('#parent_id').val(); let parentId = $('#parent_id').val();
let eventId = $('#event_id').val(); let eventId = $('#event_id').val();
@@ -156,7 +567,238 @@ function loadStudentsWithCharges() {
} }
} }
$('#parent_id').on('change', loadStudentsWithCharges); const capitalizeName = (value) => {
$('#event_id').on('change', loadStudentsWithCharges); if (!value) return '';
return value
.split(' ')
.map(part => {
const trimmed = part.trim();
if (!trimmed) return '';
return trimmed.charAt(0).toUpperCase() + trimmed.slice(1).toLowerCase();
})
.filter(Boolean)
.join(' ');
};
$(function() {
$('#parent_id').on('change', loadStudentsWithCharges);
$('#event_id').on('change', function() {
let eventId = $(this).val();
let url = new URL(window.location.href);
if (eventId) {
url.searchParams.set('event_id', eventId);
} else {
url.searchParams.delete('event_id');
}
window.location.href = url.toString();
});
if ($('#event_id').val() && $('#parent_id').val()) {
loadStudentsWithCharges();
}
const $externalSaveButton = $('#externalParticipantSave');
const modalElement = document.getElementById('externalParticipantModal');
const modalInstance = modalElement ? new bootstrap.Modal(modalElement) : null;
function clearModalInputs() {
$('#modalExternalFirstName').val('');
$('#modalExternalLastName').val('');
$('#modalExternalNote').val('');
$('#modalParentFirstName').val('');
$('#modalParentLastName').val('');
$('#modalParentPhone').val('');
$('#modalParentEmail').val('');
}
function appendHiddenField(form, name, value) {
const input = document.createElement('input');
input.type = 'hidden';
input.name = name;
input.value = value;
form.appendChild(input);
}
function submitExternalParticipant(payload) {
const form = document.createElement('form');
form.method = 'post';
form.action = '<?= site_url('payment/event_charges') ?>';
appendHiddenField(form, '<?= csrf_token() ?>', '<?= csrf_hash() ?>');
appendHiddenField(form, 'school_year', '<?= esc($school_year) ?>');
appendHiddenField(form, 'semester', '<?= esc($semester) ?>');
appendHiddenField(form, 'event_id', payload.eventId);
appendHiddenField(form, 'external_participants[new][firstname]', payload.firstname);
appendHiddenField(form, 'external_participants[new][lastname]', payload.lastname);
appendHiddenField(form, 'external_participants[new][note]', payload.note);
appendHiddenField(form, 'external_participants[new][parent_firstname]', payload.parentFirstname);
appendHiddenField(form, 'external_participants[new][parent_lastname]', payload.parentLastname);
appendHiddenField(form, 'external_participants[new][parent_phone]', payload.parentPhone);
appendHiddenField(form, 'external_participants[new][parent_email]', payload.parentEmail);
appendHiddenField(form, 'external_participants[new][waiver_signed]', '0');
appendHiddenField(form, 'external_participants[new][paid]', '0');
document.body.appendChild(form);
form.submit();
}
function getSortValue(row, columnIndex, sortType) {
const cell = row.children[columnIndex];
if (!cell) {
return sortType === 'number' ? 0 : '';
}
const rawValue = cell.getAttribute('data-sort-value');
const fallbackValue = (cell.textContent || '').trim();
const value = rawValue !== null ? rawValue : fallbackValue;
if (sortType === 'number') {
const parsed = parseFloat(String(value).replace(/[^0-9.-]/g, ''));
return Number.isNaN(parsed) ? 0 : parsed;
}
if (sortType === 'date') {
const time = Date.parse(value);
return Number.isNaN(time) ? 0 : time;
}
return String(value).toLowerCase();
}
function updateSortIndicators(table, columnIndex, direction) {
$(table).find('.sortable-header').each(function() {
const isCurrent = Number($(this).data('sortIndex')) === Number(columnIndex);
$(this)
.toggleClass('sorted-asc', isCurrent && direction === 'asc')
.toggleClass('sorted-desc', isCurrent && direction === 'desc')
.attr('aria-sort', isCurrent ? direction : 'none');
});
}
function sortEventTable(table, columnIndex, sortType, direction) {
if (!table || !table.tBodies.length) {
return;
}
const tbody = table.tBodies[0];
const rows = Array.from(tbody.rows);
rows.sort((a, b) => {
const first = getSortValue(a, columnIndex, sortType);
const second = getSortValue(b, columnIndex, sortType);
if (first < second) {
return direction === 'asc' ? -1 : 1;
}
if (first > second) {
return direction === 'asc' ? 1 : -1;
}
return 0;
});
rows.forEach((row) => tbody.appendChild(row));
table.dataset.sortColumn = String(columnIndex);
table.dataset.sortType = sortType;
table.dataset.sortDirection = direction;
updateSortIndicators(table, columnIndex, direction);
}
function applyActiveSort(table) {
if (!table || !table.dataset || !table.dataset.sortColumn) {
return;
}
sortEventTable(
table,
Number(table.dataset.sortColumn),
table.dataset.sortType || 'text',
table.dataset.sortDirection || 'asc'
);
}
function getTableRowOrder(table) {
if (!table || !table.tBodies.length) {
return [];
}
return Array.from(table.tBodies[0].rows)
.map((row) => String(row.dataset.chargeId || '').trim())
.filter(Boolean);
}
function buildPdfUrl(link) {
const baseHref = String(link.dataset.baseHref || link.getAttribute('href') || '');
const url = new URL(baseHref, window.location.origin);
const scope = String(link.dataset.printScope || 'single');
if (scope === 'all') {
document.querySelectorAll('.event-card').forEach((card) => {
const eventId = String(card.dataset.eventId || '').trim();
const table = card.querySelector('.event-charges-table');
const rowOrder = getTableRowOrder(table);
if (eventId && rowOrder.length) {
url.searchParams.set(`row_order[${eventId}]`, rowOrder.join(','));
}
});
return url.toString();
}
const eventId = String(link.dataset.eventId || '').trim();
const table = eventId ? document.getElementById(`eventTable_${eventId}`) : null;
const rowOrder = getTableRowOrder(table);
if (eventId && rowOrder.length) {
url.searchParams.set(`row_order[${eventId}]`, rowOrder.join(','));
}
return url.toString();
}
$('.sortable-header').on('click', function() {
const $button = $(this);
const table = $button.closest('table').get(0);
const columnIndex = Number($button.data('sortIndex'));
const sortType = String($button.data('sortType') || 'text');
const currentColumn = Number(table.dataset.sortColumn);
const currentDirection = table.dataset.sortDirection || 'asc';
const direction = currentColumn === columnIndex && currentDirection === 'asc' ? 'desc' : 'asc';
sortEventTable(table, columnIndex, sortType, direction);
});
$('.pdf-print-link').on('click', function() {
this.href = buildPdfUrl(this);
});
$('#externalParticipantSave').on('click', function() {
const firstName = capitalizeName($('#modalExternalFirstName').val().trim());
const lastName = capitalizeName($('#modalExternalLastName').val().trim());
const note = $('#modalExternalNote').val().trim();
if (!firstName && !lastName) {
alert('Please provide at least a first or last name for the non-school participant.');
return;
}
const parentFirst = capitalizeName($('#modalParentFirstName').val().trim());
const parentLast = capitalizeName($('#modalParentLastName').val().trim());
const parentPhone = $('#modalParentPhone').val().trim();
const parentEmail = $('#modalParentEmail').val().trim();
const eventId = $('#event_id').val();
if (!eventId) {
alert('Select an event before adding a non-school participant.');
return;
}
const explicitParentName = `${parentFirst} ${parentLast}`.trim();
if (!explicitParentName) {
alert('Please enter the external kid parent name.');
return;
}
if (!parentEmail) {
alert('Please enter the external kid parent email.');
return;
}
submitExternalParticipant({
firstname: firstName,
lastname: lastName,
note: note,
parentFirstname: parentFirst,
parentLastname: parentLast,
parentPhone: parentPhone,
parentEmail: parentEmail,
eventId: eventId
});
clearModalInputs();
});
});
</script> </script>
<?= $this->endSection() ?> <?= $this->endSection() ?>
@@ -0,0 +1,207 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Event Participant Lists</title>
<style>
@page {
margin: 24px;
}
body {
font-family: DejaVu Sans, sans-serif;
font-size: 11px;
color: #1f2933;
}
h1 {
margin: 0 0 6px;
font-size: 20px;
}
.meta {
margin: 0 0 18px;
color: #52606d;
font-size: 10px;
}
.event-card {
margin-bottom: 22px;
page-break-inside: avoid;
}
.event-title {
margin: 0 0 8px;
padding: 8px 10px;
background: #f5f7fa;
border: 1px solid #d9e2ec;
font-size: 14px;
font-weight: 700;
}
table {
width: 100%;
border-collapse: collapse;
table-layout: fixed;
}
th,
td {
border: 1px solid #d9e2ec;
padding: 6px 7px;
vertical-align: top;
word-wrap: break-word;
}
th {
background: #f5f7fa;
text-align: left;
font-weight: 700;
}
tfoot th {
background: #f5f7fa;
}
.small {
color: #52606d;
font-size: 10px;
}
.status-paid {
color: #166534;
font-weight: 700;
}
.status-unpaid {
color: #b42318;
font-weight: 700;
}
.status-neutral {
color: #52606d;
font-weight: 700;
}
</style>
</head>
<body>
<?php
$title = !empty($filterEventId) ? 'Event Participant List' : 'All Event Participant Lists';
if (!empty($filterParentId)) {
$title .= ' for Selected Parent';
}
?>
<h1><?= esc($title) ?></h1>
<p class="meta">
Generated on <?= esc($generatedAt) ?>
| School Year: <?= esc($school_year ?: 'N/A') ?>
| Semester: <?= esc($semester ?: 'N/A') ?>
</p>
<?php if (empty($groupedCharges)): ?>
<p>No charges found for the selected filters.</p>
<?php else: ?>
<?php foreach ($groupedCharges as $eventId => $data): ?>
<?php
$rows = $data['rows'] ?? [];
$totalParticipants = 0;
$totalCharged = 0.0;
?>
<section class="event-card">
<h2 class="event-title"><?= esc($data['label'] ?? 'N/A') ?></h2>
<table>
<thead>
<tr>
<th style="width: 4%;">ID</th>
<th style="width: 15%;">Parent Name</th>
<th style="width: 14%;">Student Name</th>
<th style="width: 15%;">External Info</th>
<th style="width: 11%;">Class Section</th>
<th style="width: 8%;">Charged Amount</th>
<th style="width: 10%;">Created</th>
<th style="width: 7%;">Waiver</th>
<th style="width: 7%;">Fees Paid</th>
<th style="width: 9%;">Payment</th>
</tr>
</thead>
<tbody>
<?php foreach ($rows as $charge): ?>
<?php
$isParticipating = ($charge['participation'] ?? '') === 'yes';
$isEventPaid = !empty($charge['event_paid']);
$feeAmount = (float) ($charge['event_amount'] ?? 0);
$hasBalanceRecord = array_key_exists((int) ($charge['parent_id'] ?? 0), $parentBalances);
$parentBalance = $hasBalanceRecord ? (float) $parentBalances[(int) $charge['parent_id']] : null;
$waiverSigned = !empty($charge['waiver_signed']);
$feeIsPaid = $isParticipating && ($isEventPaid || ($hasBalanceRecord && $parentBalance <= 0));
$studentName = !empty($charge['student_firstname'])
? trim(($charge['student_firstname'] ?? '') . ' ' . ($charge['student_lastname'] ?? ''))
: '';
$externalName = trim(($charge['external_firstname'] ?? '') . ' ' . ($charge['external_lastname'] ?? ''));
$displayName = $studentName ?: ($externalName ?: '—');
$externalNote = trim((string) ($charge['external_note'] ?? ''));
$externalParentLabel = trim(($charge['external_parent_firstname'] ?? '') . ' ' . ($charge['external_parent_lastname'] ?? ''));
$externalParentPhone = trim((string) ($charge['external_parent_phone'] ?? ''));
$externalParentEmail = trim((string) ($charge['external_parent_email'] ?? ''));
$parentPhone = trim((string) ($charge['parent_cellphone'] ?? ''));
$standardParentName = trim(($charge['parent_firstname'] ?? '') . ' ' . ($charge['parent_lastname'] ?? ''));
$parentColumnName = $externalParentLabel ?: ($standardParentName ?: '—');
$isExternalParticipant = $externalName !== '';
$infoPhone = $isExternalParticipant ? $externalParentPhone : $parentPhone;
$infoEmail = $isExternalParticipant ? $externalParentEmail : '';
$classSectionName = $classSectionNames[$charge['class_section_id'] ?? ''] ?? '—';
if ($isParticipating) {
$totalParticipants++;
$totalCharged += $feeAmount;
}
?>
<tr>
<td><?= esc($charge['id'] ?? '') ?></td>
<td><?= esc($parentColumnName) ?></td>
<td>
<?= esc($displayName) ?>
<?php if ($externalNote !== ''): ?>
<div class="small"><?= esc($externalNote) ?></div>
<?php endif; ?>
</td>
<td>
<?php if ($infoPhone !== ''): ?>
<div class="small"><?= esc($infoPhone) ?></div>
<?php endif; ?>
<?php if ($infoEmail !== ''): ?>
<div class="small"><?= esc($infoEmail) ?></div>
<?php endif; ?>
<?php if ($infoPhone === '' && $infoEmail === ''): ?>
<span class="small">—</span>
<?php endif; ?>
</td>
<td><?= esc($classSectionName) ?></td>
<td>$<?= esc(number_format($feeAmount, 2)) ?></td>
<td><?= esc(!empty($charge['created_at']) ? local_datetime($charge['created_at'], 'm-d-Y H:i') : '') ?></td>
<td class="<?= $waiverSigned ? 'status-paid' : 'status-neutral' ?>">
<?= $waiverSigned ? 'Signed' : 'Unsigned' ?>
</td>
<td class="<?= $feeIsPaid ? 'status-paid' : 'status-unpaid' ?>">
<?= $feeIsPaid ? 'Paid' : 'Unpaid' ?>
</td>
<td class="<?= $isEventPaid ? 'status-paid' : 'status-unpaid' ?>">
<?= $isEventPaid ? 'Paid' : 'Unpaid' ?>
</td>
</tr>
<?php endforeach; ?>
</tbody>
<tfoot>
<tr>
<th colspan="5">Totals</th>
<th>$<?= esc(number_format($totalCharged, 2)) ?></th>
<th colspan="4"><?= esc($totalParticipants) ?> participating</th>
</tr>
</tfoot>
</table>
</section>
<?php endforeach; ?>
<?php endif; ?>
</body>
</html>
+12 -2
View File
@@ -12,6 +12,14 @@
<div class="alert alert-danger"><?= session()->getFlashdata('error') ?></div> <div class="alert alert-danger"><?= session()->getFlashdata('error') ?></div>
<?php endif; ?> <?php endif; ?>
<?php if (session()->getFlashdata('email_status')): ?>
<div class="alert alert-info"><?= session()->getFlashdata('email_status') ?></div>
<?php endif; ?>
<?php if (session()->getFlashdata('email_error')): ?>
<div class="alert alert-warning"><?= session()->getFlashdata('email_error') ?></div>
<?php endif; ?>
<?php if (empty($events)): ?> <?php if (empty($events)): ?>
<div class="alert alert-info mb-3 d-inline-block">No events found.</div> <div class="alert alert-info mb-3 d-inline-block">No events found.</div>
<?php else: ?> <?php else: ?>
@@ -21,7 +29,8 @@
<tr> <tr>
<th>Event Name</th> <th>Event Name</th>
<th>Category</th> <th>Category</th>
<th>Amount</th> <th>Description</th>
<th>Event Fees</th>
<th>Expiration Date</th> <th>Expiration Date</th>
<th>Semester</th> <th>Semester</th>
<th>School Year</th> <th>School Year</th>
@@ -33,7 +42,8 @@
<tr> <tr>
<td><?= esc($event['event_name']) ?></td> <td><?= esc($event['event_name']) ?></td>
<td><?= esc($event['event_category'] ?? '—') ?></td> <td><?= esc($event['event_category'] ?? '—') ?></td>
<td><?= esc($event['amount']) ?></td> <td><?= esc(!empty($event['description']) ? $event['description'] : '—') ?></td>
<td>$<?= esc(number_format($event['amount'], 2)) ?></td>
<td><?= esc(!empty($event['expiration_date']) ? local_date($event['expiration_date'], 'm-d-Y') : '') ?></td> <td><?= esc(!empty($event['expiration_date']) ? local_date($event['expiration_date'], 'm-d-Y') : '') ?></td>
<td><?= esc($event['semester']) ?></td> <td><?= esc($event['semester']) ?></td>
<td><?= esc($event['school_year']) ?></td> <td><?= esc($event['school_year']) ?></td>
+457 -155
View File
@@ -1,11 +1,36 @@
<?= $this->extend('layout/management_layout') ?> <?= $this->extend('layout/management_layout') ?>
<?= $this->section('content') ?> <?= $this->section('content') ?>
<?php
$statusBadges = $statusBadges ?? [];
$drafts = $drafts ?? [];
$legacyByClass = $legacyByClass ?? [];
$classSections = $classSections ?? [];
$examTypes = $examTypes ?? [];
$visibleClasses = $visibleClasses ?? [];
$classDraftGroups = $classDraftGroups ?? [];
$newSubmissionClasses = $newSubmissionClasses ?? [];
$schoolYear = $schoolYear ?? '';
$semester = $semester ?? '';
$maxUploadBytes = $maxUploadBytes ?? (12 * 1024 * 1024);
$allowedExtensions = $allowedExtensions ?? ['doc', 'docx', 'pdf'];
$reviewActionUrl = $reviewActionUrl ?? base_url('administrator/exam-drafts/review');
$legacyUploadUrl = $legacyUploadUrl ?? base_url('administrator/exam-drafts/upload-legacy');
$reviewPortalLabel = $reviewPortalLabel ?? 'Administrator';
$renderBadge = static function (string $status, array $badges): string {
$b = $badges[$status] ?? ['label' => $status, 'class' => 'bg-secondary text-white'];
$style = !empty($b['style']) ? ' style="' . esc($b['style']) . '"' : '';
return '<span class="badge ' . esc($b['class']) . '"' . $style . '>' . esc($b['label']) . '</span>';
};
$fileAccept = implode(',', array_map(static fn ($x) => '.' . $x, $allowedExtensions));
?>
<div class="container-fluid px-4 py-4"> <div class="container-fluid px-4 py-4">
<div class="d-flex flex-column flex-lg-row justify-content-between align-items-lg-center gap-3 mb-4"> <div class="d-flex flex-column flex-lg-row justify-content-between align-items-lg-center gap-3 mb-4">
<div> <div>
<h1 class="h3 mb-1">Exam Draft Submissions</h1> <h1 class="h3 mb-1">Exam draft submissions</h1>
<p class="text-muted mb-0 small"> <p class="text-muted mb-0 small">
<?= esc($semester ?: 'Semester') ?> <?= esc($schoolYear ?: '') ?> <?= esc($reviewPortalLabel) ?> review portal · <?= esc($semester ?: 'Semester') ?> <?= esc($schoolYear ?: '') ?>
</p> </p>
</div> </div>
<div class="text-muted small d-flex flex-column align-items-lg-end"> <div class="text-muted small d-flex flex-column align-items-lg-end">
@@ -15,13 +40,9 @@
</div> </div>
<?php if (session()->getFlashdata('success')): ?> <?php if (session()->getFlashdata('success')): ?>
<div class="alert alert-success"> <div class="alert alert-success"><?= esc(session()->getFlashdata('success')) ?></div>
<?= esc(session()->getFlashdata('success')) ?>
</div>
<?php elseif (session()->getFlashdata('error')): ?> <?php elseif (session()->getFlashdata('error')): ?>
<div class="alert alert-danger"> <div class="alert alert-danger"><?= esc(session()->getFlashdata('error')) ?></div>
<?= esc(session()->getFlashdata('error')) ?>
</div>
<?php endif; ?> <?php endif; ?>
<ul class="nav nav-pills mb-3" id="examDraftTabs" role="tablist"> <ul class="nav nav-pills mb-3" id="examDraftTabs" role="tablist">
@@ -32,177 +53,253 @@
</li> </li>
<li class="nav-item" role="presentation"> <li class="nav-item" role="presentation">
<button class="nav-link" id="legacy-tab" data-bs-toggle="pill" data-bs-target="#legacy" type="button" role="tab" aria-controls="legacy" aria-selected="false"> <button class="nav-link" id="legacy-tab" data-bs-toggle="pill" data-bs-target="#legacy" type="button" role="tab" aria-controls="legacy" aria-selected="false">
Legacy Exams Legacy exams
</button> </button>
</li> </li>
</ul> </ul>
<div class="tab-content" id="examDraftTabsContent"> <div class="tab-content" id="examDraftTabsContent">
<div class="tab-pane fade show active" id="submissions" role="tabpanel" aria-labelledby="submissions-tab"> <div class="tab-pane fade show active" id="submissions" role="tabpanel" aria-labelledby="submissions-tab">
<div class="card mb-4"> <div class="card mb-4">
<div class="card-body"> <div class="card-body">
<?php if (empty($drafts)): ?> <?php if (empty($visibleClasses)): ?>
<p class="text-muted mb-0">No exam drafts have been submitted yet.</p> <p class="text-muted mb-0">No classes with enrolled students are available for this term.</p>
<?php else: ?> <?php else: ?>
<div class="table-responsive"> <div class="accordion exam-drafts-accordion" id="examDraftsAccordion">
<table class="table table-striped table-bordered align-middle mb-0 exam-drafts-table no-mgmt-sticky"> <?php foreach ($visibleClasses as $classSectionId => $classInfo): ?>
<thead class="table-light"> <?php $classDraftsForSection = $classDraftGroups[$classSectionId] ?? []; ?>
<tr> <?php $collapseId = 'classDraftGroup_' . $classSectionId; ?>
<th>Teacher</th> <div class="accordion-item mb-3">
<th>Class</th> <h2 class="accordion-header" id="heading_<?= esc($collapseId) ?>">
<th>Title / Type</th> <button class="accordion-button collapsed px-3" type="button" data-bs-toggle="collapse" data-bs-target="#<?= esc($collapseId) ?>" aria-expanded="false" aria-controls="<?= esc($collapseId) ?>">
<th>Version</th> <div class="d-flex flex-column flex-lg-row w-100 justify-content-between gap-2">
<th>Submitted</th> <div>
<th>Status</th> <strong><?= esc($classInfo['class_section_name'] ?? ('Class ' . $classSectionId)) ?></strong>
<th>Files</th> <div class="small text-muted">
<th>PDF</th> <?= esc($classInfo['student_count'] ?? 0) ?> students · <?= esc(count($classDraftsForSection)) ?> submissions
<th>Review</th> <?php if (!empty($newSubmissionClasses[$classSectionId])): ?>
</tr> <span class="badge bg-info text-dark ms-2">New submission</span>
</thead>
<tbody>
<?php foreach ($drafts as $draft): ?>
<?php
$teacherName = trim(($draft['teacher_first'] ?? '') . ' ' . ($draft['teacher_last'] ?? ''));
if ($teacherName === '') {
$teacherName = ($draft['admin_id'] ?? null) === ($draft['teacher_id'] ?? null)
? 'Admin Upload'
: 'User #' . ($draft['teacher_id'] ?? 'N/A');
}
$statusInfo = $statusBadges[$draft['status'] ?? 'pending'] ?? ['label' => 'Unknown', 'class' => 'bg-secondary text-white'];
$adminName = trim(($draft['admin_first'] ?? '') . ' ' . ($draft['admin_last'] ?? ''));
?>
<tr>
<td><?= esc($teacherName) ?></td>
<td><?= esc($draft['class_section_name'] ?? 'Unknown') ?></td>
<td>
<strong><?= esc($draft['draft_title'] ?? 'Untitled') ?></strong>
<div class="small text-muted"><?= esc($draft['exam_type'] ?? 'N/A') ?></div>
<?php if (!empty($draft['description'])): ?>
<div class="small text-muted"><?= esc($draft['description']) ?></div>
<?php endif; ?>
</td>
<td class="text-nowrap">v<?= esc($draft['version'] ?? 1) ?></td>
<td class="text-nowrap"><?= esc((!empty($draft['created_at']) ? local_datetime($draft['created_at'], 'M j, Y g:i A') : '—')) ?></td>
<td>
<span class="badge <?= esc($statusInfo['class']) ?>">
<?= esc($statusInfo['label']) ?>
</span>
<?php if (!empty($draft['reviewed_at'])): ?>
<div class="small text-muted mt-1">
Reviewed <?= esc(local_datetime($draft['reviewed_at'], 'M j, Y g:i A')) ?>
<?php if ($adminName !== ''): ?>
by <?= esc($adminName) ?>
<?php endif; ?> <?php endif; ?>
</div> </div>
<?php endif; ?> </div>
</td> <span class="badge bg-secondary align-self-start">
<td> <?= esc(count($classDraftsForSection)) ?>
<?php if (!empty($draft['teacher_file'])): ?> <?= count($classDraftsForSection) === 1 ? 'submission' : 'submissions' ?>
<div> </span>
<a href="<?= base_url('exam-drafts/files/teacher/' . $draft['teacher_file']) ?>" target="_blank"> </div>
<?= esc($draft['teacher_filename'] ?? 'Submitted draft') ?> </button>
</a> </h2>
</div> <div id="<?= esc($collapseId) ?>" class="accordion-collapse collapse" aria-labelledby="heading_<?= esc($collapseId) ?>">
<?php else: ?> <div class="accordion-body pt-0 px-3">
<span class="text-muted small">No teacher file</span> <?php if (empty($classDraftsForSection)): ?>
<?php endif; ?> <p class="text-muted mb-0">No submissions yet for this class.</p>
<?php if (!empty($draft['final_file'])): ?> <?php else: ?>
<div class="mt-2"> <div class="table-responsive">
<a href="<?= base_url('exam-drafts/files/final/' . $draft['final_file']) ?>" target="_blank" class="link-success small"> <table class="table table-striped table-bordered align-middle mb-0 exam-drafts-table no-mgmt-sticky">
<?= esc($draft['final_filename'] ?? 'Final draft') ?> <thead class="table-light">
</a> <tr>
</div> <th>Teacher</th>
<?php endif; ?> <th>Class</th>
</td> <th>Title & AuthorNote</th>
<td class="text-nowrap"> <th>Version</th>
<?php <th>Date-Time</th>
$pdfFile = $draft['final_pdf_file'] ?? null; <th>Status</th>
// Fallback: if final_file itself is a pdf, use it <th>Files</th>
if (empty($pdfFile) && !empty($draft['final_file']) && strtolower(pathinfo($draft['final_file'], PATHINFO_EXTENSION)) === 'pdf') { <th>Reviewer Action</th>
$pdfFile = $draft['final_file']; <th>Final version</th>
} </tr>
?> </thead>
<?php if (!empty($pdfFile)): ?> <tbody>
<a href="<?= base_url('exam-drafts/files/final/' . $pdfFile) ?>" target="_blank" class="link-success small"> <?php foreach ($classDraftsForSection as $draft): ?>
PDF <?php
</a> $teacherName = trim(($draft['teacher_first'] ?? '') . ' ' . ($draft['teacher_last'] ?? ''));
<?php else: ?> if ($teacherName === '') {
<span class="text-muted small">—</span> $teacherName = ($draft['admin_id'] ?? null) === ($draft['teacher_id'] ?? null)
<?php endif; ?> ? 'Admin upload'
</td> : 'User #' . ($draft['teacher_id'] ?? 'N/A');
<td> }
<form method="post" action="<?= base_url('/administrator/exam-drafts/review') ?>" enctype="multipart/form-data"> $st = strtolower((string) ($draft['status'] ?? ''));
<?= csrf_field() ?> $adminName = trim(($draft['admin_first'] ?? '') . ' ' . ($draft['admin_last'] ?? ''));
<input type="hidden" name="draft_id" value="<?= esc($draft['id']) ?>"> $authorNote = $draft['author_comment'] ?? $draft['description'] ?? '';
<div class="mb-2"> $reviewerNote = $draft['reviewer_comment'] ?? $draft['admin_comments'] ?? '';
<textarea ?>
name="admin_comments" <tr>
rows="2" <td><?= esc($teacherName) ?></td>
class="form-control form-control-sm" <td><?= esc($draft['class_section_name'] ?? 'Unknown') ?></td>
placeholder="Optional note for the teacher" <td>
><?= esc($draft['admin_comments'] ?? '') ?></textarea> <strong><?= esc($draft['draft_title'] ?? 'Untitled') ?></strong>
</div> <div class="small text-muted"><?= esc($draft['exam_type'] ?? 'N/A') ?></div>
<div class="mb-2"> <?php if ($authorNote !== ''): ?>
<label class="form-label small mb-1">Status</label> <div class="small mt-1">
<select name="review_status" class="form-select form-select-sm"> <span class="text-muted fw-semibold">Author:</span>
<?php foreach ($statusOptions as $option): ?> <?= esc($authorNote) ?>
<option value="<?= esc($option) ?>" <?= ($option === ($draft['status'] ?? '')) ? 'selected' : '' ?>> </div>
<?= esc(ucfirst($option)) ?> <?php endif; ?>
</option> <?php if ($reviewerNote !== ''): ?>
<div class="small mt-1 border-top pt-1">
<span class="text-muted fw-semibold">Reviewer:</span>
<?= esc($reviewerNote) ?>
</div>
<?php endif; ?>
</td>
<td class="text-nowrap">v<?= esc((string) ($draft['version'] ?? 1)) ?></td>
<td class="text-nowrap"><?= esc(!empty($draft['created_at']) ? local_datetime($draft['created_at'], 'M j, Y g:i A') : '—') ?></td>
<td>
<?php
$badgeData = $statusBadges[$st] ?? ['label' => $st, 'class' => 'bg-secondary text-white'];
$badgeStyle = !empty($badgeData['style']) ? ' style="' . esc($badgeData['style']) . '"' : '';
?>
<span class="badge <?= esc($badgeData['class']) ?> js-status-badge" data-status="<?= esc($st) ?>"<?= $badgeStyle ?>>
<?= esc($badgeData['label']) ?>
</span>
<div class="small text-muted mt-1 js-acceptance-note">
<?php if ($st === 'accepted' && !empty($draft['acceptance_type'])): ?>
<?= $draft['acceptance_type'] === 'minor_edits' ? 'Accepted w/ minor edits' : 'Accepted as is' ?>
<?php endif; ?>
</div>
<?php if (!empty($draft['reviewed_at'])): ?>
<div class="small text-muted mt-1">
Reviewed <?= esc(local_datetime($draft['reviewed_at'], 'M j, Y g:i A')) ?>
<?php if ($adminName !== ''): ?>
by <?= esc($adminName) ?>
<?php endif; ?>
</div>
<?php endif; ?>
</td>
<td>
<?php $formId = 'review_form_' . (int) ($draft['id'] ?? 0); ?>
<?php $revNumber = max(1, (int) ($draft['version'] ?? 1)); ?>
<?php if (!empty($draft['teacher_file'])): ?>
<div>
<a href="<?= base_url('exam-drafts/files/teacher/' . $draft['teacher_file']) ?>" target="_blank" rel="noopener">
<?= esc('Ver' . $revNumber . ' ' . ($draft['teacher_filename'] ?? 'Submitted draft')) ?>
</a>
</div>
<?php else: ?>
<span class="text-muted small">No teacher file</span>
<?php endif; ?>
<?php if (!empty($draft['final_file']) && strtolower((string) ($draft['status'] ?? '')) === 'accepted'): ?>
<div class="mt-2">
<a href="<?= base_url('exam-drafts/files/final/' . $draft['final_file']) ?>" target="_blank" rel="noopener" class="link-success small">
<?= esc('Final ' . ($draft['final_filename'] ?? 'Final draft')) ?>
</a>
</div>
<?php endif; ?>
<?php if (!empty($draft['review_files'])): ?>
<div class="mt-2">
<?php
$reviewLinks = [];
foreach ($draft['review_files'] as $rf) {
$rev = max(1, (int) ($rf['review_revision'] ?? 1));
$name = $rf['final_filename'] ?? 'Review file';
$file = $rf['final_file'] ?? '';
if ($file !== '') {
$reviewLinks[] = '<a href="' . esc(base_url('exam-drafts/files/final/' . $file)) . '" target="_blank" rel="noopener" class="link-success small">' . esc('Ver' . $revNumber . '_' . $rev . ' ' . $name) . '</a>';
}
}
?>
<?= !empty($reviewLinks) ? implode(' | ', $reviewLinks) : '' ?>
</div>
<?php endif; ?>
<div class="mt-2">
<?php $fileInputId = 'review_file_' . (int) ($draft['id'] ?? 0); ?>
<input type="file" name="final_file" id="<?= esc($fileInputId) ?>" class="form-control form-control-sm" accept="<?= esc($fileAccept) ?>" form="<?= esc($formId) ?>">
<button type="submit" class="btn btn-sm btn-outline-primary mt-2" form="<?= esc($formId) ?>">Upload review file</button>
</div>
</td>
<td style="min-width: 280px;">
<?= form_open_multipart($reviewActionUrl, ['class' => 'vstack gap-2', 'id' => $formId]) ?>
<?= csrf_field() ?>
<input type="hidden" name="draft_id" value="<?= (int) ($draft['id'] ?? 0) ?>">
<?php $selectedStatus = ''; ?>
<select name="review_status" class="form-select form-select-sm" required>
<option value="" <?= $selectedStatus === '' ? 'selected' : '' ?> disabled>— Select status —</option>
<option value="accepted" <?= $selectedStatus === 'accepted' ? 'selected' : '' ?>>Accepted</option>
<option value="legacy" <?= $selectedStatus === 'legacy' ? 'selected' : '' ?>>Legacy</option>
<option value="canceled" <?= $selectedStatus === 'canceled' ? 'selected' : '' ?>>Canceled</option>
<option value="rejected" <?= $selectedStatus === 'rejected' ? 'selected' : '' ?>>Rejected</option>
<option value="review needed" <?= $selectedStatus === 'review needed' ? 'selected' : '' ?>>Review needed</option>
<option value="under review" <?= $selectedStatus === 'under review' ? 'selected' : '' ?>>Under review</option>
</select>
<div class="small js-acceptance-group d-none">
<span class="d-block mb-1">As is / Minor edits</span>
<?php $acc = (string) ($draft['acceptance_type'] ?? ''); ?>
<div class="form-check form-check-inline">
<input class="form-check-input" type="radio" name="acceptance_type" value="as_is" id="as_is_<?= (int) ($draft['id'] ?? 0) ?>" <?= $acc !== 'minor_edits' ? 'checked' : '' ?>>
<label class="form-check-label" for="as_is_<?= (int) ($draft['id'] ?? 0) ?>">As is</label>
</div>
<div class="form-check form-check-inline">
<input class="form-check-input" type="radio" name="acceptance_type" value="minor_edits" id="minor_<?= (int) ($draft['id'] ?? 0) ?>" <?= $acc === 'minor_edits' ? 'checked' : '' ?>>
<label class="form-check-label" for="minor_<?= (int) ($draft['id'] ?? 0) ?>">Minor edits</label>
</div>
</div>
<textarea name="reviewer_comment" class="form-control form-control-sm js-review-comment" rows="3" placeholder="Feedback for the teacher"><?= esc($draft['reviewer_comment'] ?? $draft['reviewer_comments'] ?? $draft['admin_comments'] ?? '') ?></textarea>
<div class="d-flex flex-wrap gap-2">
<span class="text-muted small js-review-status"></span>
</div>
<?= form_close() ?>
</td>
<td class="text-nowrap" style="min-width: 220px;">
<?php
$pdfFile = $draft['final_pdf_file'] ?? null;
if (empty($pdfFile) && !empty($draft['final_file']) && strtolower(pathinfo($draft['final_file'], PATHINFO_EXTENSION)) === 'pdf') {
$pdfFile = $draft['final_file'];
}
?>
<?php if (!empty($pdfFile)): ?>
<div class="mt-2 d-flex flex-wrap gap-2">
<a class="btn btn-sm btn-outline-primary" href="<?= base_url('exam-drafts/files/final/' . $pdfFile) ?>" target="_blank" rel="noopener">View</a>
<a class="btn btn-sm btn-outline-secondary" href="<?= base_url('exam-drafts/files/final/' . $pdfFile) ?>" target="_blank" rel="noopener" download>Download</a>
</div>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?> <?php endforeach; ?>
</select> </tbody>
</div> </table>
<div class="mb-2"> </div>
<label class="form-label small mb-1">Upload final draft</label> <?php endif; ?>
<input type="file" name="final_file" class="form-control form-control-sm"> </div>
</div> </div>
<button type="submit" class="btn btn-sm btn-primary w-100"> </div>
Save review <?php endforeach; ?>
</button>
</form>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div> </div>
<?php endif; ?> <?php endif; ?>
</div> </div>
</div> </div>
</div> </div>
<div class="tab-pane fade" id="legacy" role="tabpanel" aria-labelledby="legacy-tab"> <div class="tab-pane fade" id="legacy" role="tabpanel" aria-labelledby="legacy-tab">
<div class="card border-primary-subtle mb-3"> <div class="card border-primary-subtle mb-3">
<div class="card-header bg-light d-flex justify-content-between align-items-center"> <div class="card-header bg-light d-flex justify-content-between align-items-center">
<div> <div>
<strong>Upload Old / Legacy Exam</strong> <strong>Upload old / legacy exam</strong>
<div class="small text-muted">Store historic exams as finalized records.</div> <div class="small text-muted">Store historic exams as accepted records.</div>
</div> </div>
<span class="badge bg-primary-subtle text-primary">Admin only</span> <span class="badge bg-primary-subtle text-primary">Admin only</span>
</div> </div>
<div class="card-body"> <div class="card-body">
<form method="post" action="<?= base_url('/administrator/exam-drafts/upload-legacy') ?>" enctype="multipart/form-data" class="row g-3"> <?= form_open_multipart($legacyUploadUrl, ['class' => 'row g-3']) ?>
<?= csrf_field() ?> <?= csrf_field() ?>
<div class="col-md-4"> <div class="col-md-4">
<label class="form-label small">Class Section</label> <label class="form-label small">Class sections</label>
<select name="class_section_id" class="form-select" required> <select name="class_section_ids[]" class="form-select" multiple required size="6">
<option value="">Select class</option>
<?php foreach ($classSections as $cs): ?> <?php foreach ($classSections as $cs): ?>
<option value="<?= esc($cs['class_section_id']) ?>"><?= esc($cs['class_section_name']) ?></option> <option value="<?= esc($cs['class_section_id'] ?? '') ?>"><?= esc($cs['class_section_name'] ?? '') ?></option>
<?php endforeach; ?> <?php endforeach; ?>
</select> </select>
<div class="form-text">Hold Ctrl (Windows) or Command (Mac) to select multiple sections.</div>
</div> </div>
<div class="col-md-2"> <div class="col-md-2">
<label class="form-label small">School Year</label> <label class="form-label small">School year</label>
<input type="text" name="school_year" class="form-control" value="<?= esc($schoolYear) ?>" placeholder="2025-2026" required> <input type="text" name="school_year" class="form-control" value="<?= esc($schoolYear) ?>" placeholder="2025-2026" required>
</div> </div>
<div class="col-md-2"> <div class="col-md-2">
<label class="form-label small">Semester</label> <label class="form-label small">Semester</label>
<select name="semester" class="form-select" required> <input type="text" name="semester" class="form-control" value="<?= esc($semester) ?>" placeholder="Fall / Spring" required>
<option value="Fall" <?= ($semester === 'Fall') ? 'selected' : '' ?>>Fall</option>
<option value="Spring" <?= ($semester === 'Spring') ? 'selected' : '' ?>>Spring</option>
</select>
</div> </div>
<div class="col-md-4"> <div class="col-md-4">
<label class="form-label small">Exam Type</label> <label class="form-label small">Exam type</label>
<select name="exam_type" class="form-select"> <select name="exam_type" class="form-select">
<option value="">— Select type —</option> <option value="">— Select type —</option>
<?php foreach ($examTypes as $type): ?> <?php foreach ($examTypes as $type): ?>
@@ -211,14 +308,14 @@
</select> </select>
</div> </div>
<div class="col-12"> <div class="col-12">
<label class="form-label small">Upload File</label> <label class="form-label small">Upload file</label>
<input type="file" name="old_exam_file" class="form-control" accept=".doc,.docx,.pdf" required> <input type="file" name="old_exam_file" class="form-control" accept="<?= esc($fileAccept) ?>" required>
<div class="form-text">Allowed: <?= esc(implode(', ', $allowedExtensions)) ?> • Max <?= number_format($maxUploadBytes / 1024 / 1024, 0) ?> MB</div> <div class="form-text">Allowed: <?= esc(implode(', ', $allowedExtensions)) ?> • Max <?= number_format($maxUploadBytes / 1024 / 1024, 0) ?> MB</div>
</div> </div>
<div class="col-12"> <div class="col-12">
<button type="submit" class="btn btn-primary">Upload Legacy Exam</button> <button type="submit" class="btn btn-primary">Upload legacy exam</button>
</div> </div>
</form> <?= form_close() ?>
</div> </div>
</div> </div>
@@ -231,20 +328,21 @@
<div class="mb-4"> <div class="mb-4">
<h6 class="mb-2"><?= esc($group['class_section_name'] ?? 'Class') ?></h6> <h6 class="mb-2"><?= esc($group['class_section_name'] ?? 'Class') ?></h6>
<div class="list-group"> <div class="list-group">
<?php foreach ($group['items'] as $item): ?> <?php foreach ($group['items'] ?? [] as $item): ?>
<div class="list-group-item d-flex justify-content-between align-items-start"> <?php $lst = strtolower((string) ($item['status'] ?? '')); ?>
<div class="list-group-item d-flex justify-content-between align-items-start flex-wrap gap-2">
<div class="me-3"> <div class="me-3">
<div class="fw-semibold"><?= esc($item['draft_title'] ?? 'Legacy Exam') ?></div> <div class="fw-semibold"><?= esc($item['draft_title'] ?? 'Legacy exam') ?></div>
<div class="small text-muted"> <div class="small text-muted">
<?= esc($item['exam_type'] ?? 'N/A') ?> • <?= esc($item['exam_type'] ?? 'N/A') ?> •
<?= esc($item['semester'] ?? '') ?> <?= esc($item['school_year'] ?? '') ?> <?= esc($item['semester'] ?? '') ?> <?= esc($item['school_year'] ?? '') ?>
</div> </div>
<div class="small mt-1"><?= $renderBadge($lst, $statusBadges) ?></div>
</div> </div>
<div class="text-end"> <div class="text-end d-flex flex-wrap gap-2 justify-content-end">
<?php if (!empty($item['final_file'])): ?> <?php if (!empty($item['final_file'])): ?>
<a href="<?= base_url('exam-drafts/files/final/' . $item['final_file']) ?>" target="_blank" class="btn btn-sm btn-outline-primary"> <a class="btn btn-sm btn-outline-primary" href="<?= base_url('exam-drafts/files/final/' . $item['final_file']) ?>" target="_blank" rel="noopener">View</a>
Download <a class="btn btn-sm btn-outline-secondary" href="<?= base_url('exam-drafts/files/final/' . $item['final_file']) ?>" target="_blank" rel="noopener" download>Download</a>
</a>
<?php else: ?> <?php else: ?>
<span class="text-muted small">File missing</span> <span class="text-muted small">File missing</span>
<?php endif; ?> <?php endif; ?>
@@ -260,6 +358,208 @@
</div> </div>
</div> </div>
</div> </div>
<script>
document.addEventListener('DOMContentLoaded', () => {
const submissionsTab = document.getElementById('submissions-tab');
if (submissionsTab) {
submissionsTab.addEventListener('click', () => {
window.location.reload();
});
}
const statusBadges = <?= json_encode($statusBadges, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT) ?>;
const csrfTokenName = <?= json_encode(csrf_token(), JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT) ?>;
const csrfCookieNames = <?= json_encode(array_values(array_filter([
config('Security')->csrfCookieName ?? null,
config('Security')->cookieName ?? null,
'csrf_cookie_name',
])), JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT) ?>;
const readCookie = (name) => {
const match = document.cookie.match(new RegExp('(?:^|; )' + name.replace(/[$()*+.?[\\\]^{|}-]/g, '\\$&') + '=([^;]*)'));
return match ? decodeURIComponent(match[1]) : '';
};
const syncCsrfToken = (form) => {
let tokenValue = '';
csrfCookieNames.some((name) => {
tokenValue = readCookie(name);
return tokenValue !== '';
});
if (!tokenValue && form) {
const tokenInput = form.querySelector(`input[name="${csrfTokenName}"]`);
if (tokenInput && tokenInput.value) {
tokenValue = tokenInput.value;
}
}
if (!tokenValue || !form) {
return tokenValue;
}
const tokenInput = form.querySelector(`input[name="${csrfTokenName}"]`);
if (tokenInput) {
tokenInput.value = tokenValue;
}
return tokenValue;
};
const updateRow = (row) => {
const statusSelect = row.querySelector('select[name="review_status"]');
const acceptanceGroup = row.querySelector('.js-acceptance-group');
if (!statusSelect || !acceptanceGroup) {
return;
}
acceptanceGroup.classList.toggle('d-none', statusSelect.value !== 'accepted');
};
const updateStatusUI = (row) => {
const statusSelect = row.querySelector('select[name="review_status"]');
const badge = row.querySelector('.js-status-badge');
if (!statusSelect || !badge || statusSelect.value === '') {
return;
}
const status = statusSelect.value;
const badgeData = statusBadges[status] || { label: status, class: 'bg-secondary text-white' };
badge.textContent = badgeData.label || status;
badge.className = `badge ${badgeData.class} js-status-badge`;
if (badgeData.style) {
badge.setAttribute('style', badgeData.style);
} else {
badge.removeAttribute('style');
}
badge.dataset.status = status;
const acceptanceNote = row.querySelector('.js-acceptance-note');
if (acceptanceNote) {
if (status === 'accepted') {
const acc = row.querySelector('input[name="acceptance_type"]:checked');
acceptanceNote.textContent = acc && acc.value === 'minor_edits'
? 'Accepted w/ minor edits'
: 'Accepted as is';
} else {
acceptanceNote.textContent = '';
}
}
};
const saveRow = (row, options = {}) => {
const form = row.querySelector('form');
if (!form) {
return;
}
const statusSelect = form.querySelector('select[name="review_status"]');
if (!statusSelect) {
return;
}
const statusLabel = form.querySelector('.js-review-status');
const data = new FormData(form);
data.delete('final_file');
data.delete('old_exam_file');
if (options.commitComment) {
const commentInput = form.querySelector('textarea[name="reviewer_comment"]');
if (commentInput) {
const raw = commentInput.value || '';
const committed = raw.endsWith('\n') ? raw : raw + '\n';
data.set('reviewer_comment', committed);
}
}
const csrfToken = syncCsrfToken(form);
if (csrfToken) {
data.set(csrfTokenName, csrfToken);
}
if (statusLabel) {
statusLabel.textContent = 'Saving...';
}
fetch(form.action, {
method: 'POST',
body: data,
credentials: 'same-origin',
headers: {
'X-Requested-With': 'XMLHttpRequest',
'X-CSRF-TOKEN': csrfToken,
},
})
.then((resp) => {
if (!resp.ok) {
throw new Error('Save failed');
}
syncCsrfToken(form);
updateStatusUI(row);
if (statusLabel) {
statusLabel.textContent = 'Saved';
}
setTimeout(() => {
if (statusLabel && statusLabel.textContent === 'Saved') {
statusLabel.textContent = '';
}
}, 1500);
})
.catch(() => {
if (statusLabel) {
statusLabel.textContent = 'Error saving';
}
});
};
const debounce = (fn, wait) => {
let timer;
return (...args) => {
clearTimeout(timer);
timer = setTimeout(() => fn(...args), wait);
};
};
const debouncedSave = debounce(saveRow, 500);
document.querySelectorAll('.exam-drafts-table tbody tr').forEach(updateRow);
document.addEventListener('change', (event) => {
const target = event.target;
if (!(target instanceof HTMLElement)) {
return;
}
const row = target.closest('tr');
if (!row) {
return;
}
if (target instanceof HTMLSelectElement && target.name === 'review_status') {
updateRow(row);
debouncedSave(row);
return;
}
if (target instanceof HTMLInputElement && target.name === 'acceptance_type') {
debouncedSave(row);
}
});
document.addEventListener('input', (event) => {
const target = event.target;
if (!(target instanceof HTMLTextAreaElement) || target.name !== 'reviewer_comment') {
return;
}
const row = target.closest('tr');
if (row && target.value.endsWith('\n')) {
const lastCommitted = target.dataset.lastCommitted || '';
if (target.value !== lastCommitted) {
target.dataset.lastCommitted = target.value;
debouncedSave(row, { commitComment: true });
}
}
});
document.addEventListener('blur', (event) => {
const target = event.target;
if (!(target instanceof HTMLTextAreaElement) || target.name !== 'reviewer_comment') {
return;
}
const row = target.closest('tr');
if (row) {
const lastCommitted = target.dataset.lastCommitted || '';
if (target.value !== lastCommitted) {
target.dataset.lastCommitted = target.value;
debouncedSave(row, { commitComment: true });
}
}
}, true);
});
</script>
<?= $this->endSection() ?> <?= $this->endSection() ?>
<?= $this->section('styles') ?> <?= $this->section('styles') ?>
@@ -270,13 +570,15 @@
word-break: break-word; word-break: break-word;
} }
.exam-drafts-table th { .exam-drafts-table th {
min-width: 120px; min-width: 0;
white-space: nowrap;
} }
.exam-drafts-table td { .exam-drafts-table td {
max-width: 220px; max-width: none;
} }
.exam-drafts-table { .exam-drafts-table {
table-layout: auto; table-layout: auto;
width: max-content;
} }
.exam-drafts-table thead th { .exam-drafts-table thead th {
background-color: #f8f9fa; background-color: #f8f9fa;
@@ -13,17 +13,19 @@
</a> </a>
</div> </div>
<!-- Search Form --> <!-- Search Form -->
<!--form method="get" action="<--?= base_url('admin/paypal-transactions') ?>" class="mb-3"> <!--
<--?= csrf_field(); ?> <form method="get" action="<?= base_url('admin/paypal-transactions') ?>" class="mb-3">
<?= csrf_field(); ?>
<div class="input-group"> <div class="input-group">
<input type="text" name="q" value="<--?= esc($keyword) ?>" class="form-control" <input type="text" name="q" value="<?= esc($keyword) ?>" class="form-control"
placeholder="Search by transaction ID, email, order ID, or event type"> placeholder="Search by transaction ID, email, order ID, or event type">
<button type="submit" class="btn btn-primary">Search</button> <button type="submit" class="btn btn-primary">Search</button>
<--?php if ($keyword): ?> <?php if ($keyword): ?>
<a href="<--?= base_url('admin/paypal-transactions') ?>" class="btn btn-secondary">Clear</a> <a href="<?= base_url('admin/paypal-transactions') ?>" class="btn btn-secondary">Clear</a>
<--?php endif; ?> <?php endif; ?>
</div> </div>
</form--> </form>
-->
<!-- Transactions Table --> <!-- Transactions Table -->
<table id="myTable" class="display table table-striped"> <table id="myTable" class="display table table-striped">
+80 -52
View File
@@ -144,58 +144,86 @@
<span class="text-muted small"><?= count($entries) ?> record<?= count($entries) === 1 ? '' : 's' ?></span> <span class="text-muted small"><?= count($entries) ?> record<?= count($entries) === 1 ? '' : 's' ?></span>
</div> </div>
<div class="card-body"> <div class="card-body">
<div class="table-responsive"> <?php if (empty($entries)): ?>
<table class="table table-bordered table-hover align-middle mb-0" data-no-mgmt-sticky> <div class="text-center text-muted">No curriculum records yet.</div>
<thead class="table-light"> <?php else: ?>
<tr> <?php
<th>Class</th> $entriesByClass = [];
<th>Subject</th> foreach ($entries as $entry) {
<th>Unit</th> $className = ($entry['class_name'] ?? '') ?: '—';
<th>Unit title</th> if (!isset($entriesByClass[$className])) {
<th>Chapter / Surah</th> $entriesByClass[$className] = [];
<th>Updated</th> }
<th style="min-width: 170px;">Actions</th> $entriesByClass[$className][] = $entry;
</tr> }
</thead> ?>
<tbody> <div class="accordion" id="curriculumAccordion">
<?php if (empty($entries)): ?> <?php $accIndex = 0; ?>
<tr> <?php foreach ($entriesByClass as $className => $classEntries): ?>
<td colspan="7" class="text-center text-muted">No curriculum records yet.</td> <?php
</tr> $accIndex++;
<?php else: ?> $collapseId = 'curriculum-class-' . $accIndex;
<?php foreach ($entries as $entry): ?> $headingId = 'curriculum-heading-' . $accIndex;
<?php ?>
$subjectLabel = $subjectLabels[$entry['subject']] ?? ucfirst($entry['subject'] ?? ''); <div class="accordion-item mb-2">
$updatedAt = $entry['updated_at'] ?? $entry['created_at'] ?? ''; <h2 class="accordion-header" id="<?= esc($headingId) ?>">
$updatedDisplay = ''; <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#<?= esc($collapseId) ?>" aria-expanded="false" aria-controls="<?= esc($collapseId) ?>">
if ($updatedAt) { <?= esc($className) ?>
try { <span class="badge bg-secondary ms-2"><?= count($classEntries) ?> entries</span>
$updatedDisplay = (new \DateTime($updatedAt))->format('M d, Y H:i'); </button>
} catch (\Exception $e) { </h2>
$updatedDisplay = $updatedAt; <div id="<?= esc($collapseId) ?>" class="accordion-collapse collapse" aria-labelledby="<?= esc($headingId) ?>" data-bs-parent="#curriculumAccordion">
} <div class="accordion-body">
} <div class="table-responsive">
?> <table class="table table-bordered table-hover align-middle mb-0" data-no-mgmt-sticky>
<tr> <thead class="table-light">
<td><?= esc(($entry['class_name'] ?? '') ?: '—') ?></td> <tr>
<td><?= esc($subjectLabel) ?></td> <th>Subject</th>
<td><?= $entry['unit_number'] ? esc((string)$entry['unit_number']) : '—' ?></td> <th>Unit</th>
<td><?= esc(($entry['unit_title'] ?? '') ?: '—') ?></td> <th>Unit title</th>
<td><?= esc(($entry['chapter_name'] ?? '') ?: '—') ?></td> <th>Chapter / Surah</th>
<td><?= esc($updatedDisplay ?: '—') ?></td> <th>Updated</th>
<td class="d-flex gap-2 flex-wrap"> <th style="min-width: 170px;">Actions</th>
<a href="<?= site_url('administrator/subject-curriculum/edit/' . $entry['id']) ?>" class="btn btn-sm btn-outline-primary">Edit</a> </tr>
<form action="<?= site_url('administrator/subject-curriculum/delete/' . $entry['id']) ?>" method="post" onsubmit="return confirm('Remove this curriculum entry?');"> </thead>
<?= csrf_field() ?> <tbody>
<button type="submit" class="btn btn-sm btn-outline-danger">Delete</button> <?php foreach ($classEntries as $entry): ?>
</form> <?php
</td> $subjectLabel = $subjectLabels[$entry['subject']] ?? ucfirst($entry['subject'] ?? '');
</tr> $updatedAt = $entry['updated_at'] ?? $entry['created_at'] ?? '';
<?php endforeach; ?> $updatedDisplay = '';
<?php endif; ?> if ($updatedAt) {
</tbody> try {
</table> $updatedDisplay = (new \DateTime($updatedAt))->format('M d, Y H:i');
</div> } catch (\Exception $e) {
$updatedDisplay = $updatedAt;
}
}
?>
<tr>
<td><?= esc($subjectLabel) ?></td>
<td><?= $entry['unit_number'] ? esc((string)$entry['unit_number']) : '—' ?></td>
<td><?= esc(($entry['unit_title'] ?? '') ?: '—') ?></td>
<td><?= esc(($entry['chapter_name'] ?? '') ?: '—') ?></td>
<td><?= esc($updatedDisplay ?: '—') ?></td>
<td class="d-flex gap-2 flex-wrap">
<a href="<?= site_url('administrator/subject-curriculum/edit/' . $entry['id']) ?>" class="btn btn-sm btn-outline-primary">Edit</a>
<form action="<?= site_url('administrator/subject-curriculum/delete/' . $entry['id']) ?>" method="post" onsubmit="return confirm('Remove this curriculum entry?');">
<?= csrf_field() ?>
<button type="submit" class="btn btn-sm btn-outline-danger">Delete</button>
</form>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
<?php endforeach; ?>
</div>
<?php endif; ?>
</div> </div>
</div> </div>
</div> </div>
@@ -63,7 +63,15 @@
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td colspan="9" class="text-center text-muted">Loading...</td> <td class="text-center text-muted">Loading...</td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
@@ -198,10 +206,12 @@ document.addEventListener('DOMContentLoaded', function () {
if (!teachers || teachers.length === 0) { if (!teachers || teachers.length === 0) {
var emptyRow = document.createElement('tr'); var emptyRow = document.createElement('tr');
var emptyCell = document.createElement('td'); var emptyCell = document.createElement('td');
emptyCell.colSpan = 9;
emptyCell.className = 'text-center text-muted'; emptyCell.className = 'text-center text-muted';
emptyCell.textContent = 'No teachers found.'; emptyCell.textContent = 'No teachers found.';
emptyRow.appendChild(emptyCell); emptyRow.appendChild(emptyCell);
for (var i = 0; i < 8; i++) {
emptyRow.appendChild(document.createElement('td'));
}
tbody.appendChild(emptyRow); tbody.appendChild(emptyRow);
} else { } else {
teachers.forEach(function (teacher, index) { teachers.forEach(function (teacher, index) {
@@ -312,7 +322,10 @@ document.addEventListener('DOMContentLoaded', function () {
return; return;
} }
tbody.innerHTML = '<tr><td colspan="9" class="text-center text-muted">Loading...</td></tr>'; tbody.innerHTML = '<tr>'
+ '<td class="text-center text-muted">Loading...</td>'
+ '<td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td>'
+ '</tr>';
var url = apiList + (selectedYear ? ('?schoolYear=' + encodeURIComponent(selectedYear)) : ''); var url = apiList + (selectedYear ? ('?schoolYear=' + encodeURIComponent(selectedYear)) : '');
fetch(url, { fetch(url, {
+386 -125
View File
@@ -21,140 +21,329 @@
$totalItems = max(0, (int)($summary['total_items'] ?? 0)); $totalItems = max(0, (int)($summary['total_items'] ?? 0));
?> ?>
<div class="card-body"> <div class="card-body">
<div class="border rounded-3 p-3 mb-4 bg-light"> <?php
<div class="d-flex flex-wrap gap-4 align-items-center"> $termExamLabel = (isset($semester) && strtolower((string) $semester) === 'spring') ? 'Final' : 'Midterm';
<div> $lowProgressSectionIds = $lowProgressSectionIds ?? [];
<div class="text-uppercase small text-muted">Submission completion</div> $flaggedClasses = count($lowProgressSectionIds);
<div class="h4 fw-semibold mb-1"><?= esc($completionPercent) ?>%</div> $pageNotifications = [];
<div class="progress" style="height:6px;"> if ($missingItemsCount > 0) {
<div $pageNotifications[] = [
class="progress-bar bg-primary" 'level' => 'danger',
role="progressbar" 'message' => "{$missingItemsCount} missing item" . ($missingItemsCount === 1 ? '' : 's') . " awaiting teacher uploads.",
style="width: <?= esc($completionPercent) ?>%;" ];
aria-valuenow="<?= esc($completionPercent) ?>" }
aria-valuemin="0" if ($completionPercent < 70) {
aria-valuemax="100" $pageNotifications[] = [
></div> 'level' => 'warning',
'message' => "Submission completion is below 70% — follow up with remaining teachers.",
];
}
if ($flaggedClasses > 0) {
$pageNotifications[] = [
'level' => 'warning',
'message' => "Progress is under 50% for {$flaggedClasses} class section" . ($flaggedClasses === 1 ? '' : 's') . ".",
];
}
if (empty($rows)) {
$pageNotifications[] = [
'level' => 'info',
'message' => 'No class-section assignments submitted yet; encourage teachers to upload drafts.',
];
}
if (empty($pageNotifications)) {
$pageNotifications[] = [
'level' => 'info',
'message' => 'All tracked classes are current. Use the controls below to send reminders.',
];
}
$examDraftDeadlineConfig = $examDraftDeadlineConfig ?? '';
$examDraftDeadlineFormatted = $examDraftDeadlineFormatted ?? '';
?>
<?php if (session()->getFlashdata('success')): ?>
<div class="alert alert-success">
<?= esc(session()->getFlashdata('success')) ?>
</div>
<?php elseif (session()->getFlashdata('warning')): ?>
<div class="alert alert-warning">
<?= esc(session()->getFlashdata('warning')) ?>
</div>
<?php elseif (session()->getFlashdata('info')): ?>
<div class="alert alert-info">
<?= esc(session()->getFlashdata('info')) ?>
</div>
<?php endif; ?>
<?php
$groupedRows = [];
foreach ($rows as $idx => $row) {
$classKey = (string) ($row['class_section_id'] ?? $row['class_section'] ?? 'class_' . $idx);
$groupedRows[$classKey][] = $row;
}
?>
<div class="row g-3 mb-4 align-items-stretch">
<div class="col-lg-8">
<div class="row g-3 summary-row">
<div class="col-12 col-sm-6 col-xl-3">
<div class="summary-card h-100 shadow-sm border-0">
<div class="summary-card-body">
<div class="summary-label text-uppercase">Completion</div>
<div class="summary-value"><?= esc($completionPercent) ?>%</div>
<div class="progress summary-progress">
<div
class="progress-bar"
role="progressbar"
style="width: <?= esc($completionPercent) ?>%;"
aria-valuenow="<?= esc($completionPercent) ?>"
aria-valuemin="0"
aria-valuemax="100"
></div>
</div>
</div>
</div>
</div>
<div class="col-12 col-sm-6 col-xl-3">
<div class="summary-card h-100 shadow-sm border-0">
<div class="summary-card-body">
<div class="summary-label text-uppercase">Missing items</div>
<div class="summary-value <?= $missingItemsCount > 0 ? 'text-danger' : '' ?>"><?= esc($missingItemsCount) ?></div>
<div class="summary-note"><?= esc($submittedItems) ?> submitted / <?= esc($totalItems) ?> total</div>
</div>
</div>
</div>
<div class="col-12 col-sm-6 col-xl-3">
<div class="summary-card h-100 shadow-sm border-0">
<div class="summary-card-body">
<div class="summary-label text-uppercase">Submissions</div>
<div class="summary-value"><?= esc($submittedItems) ?></div>
<div class="summary-note"><?= esc($totalItems) ?> teachers tracked</div>
</div>
</div>
</div>
<div class="col-12 col-sm-6 col-xl-3">
<div class="summary-card h-100 shadow-sm border-0">
<div class="summary-card-body">
<div class="summary-label text-uppercase">Flagged</div>
<div class="summary-value"><?= esc($flaggedClasses) ?></div>
<div class="summary-note">Sections under 50% complete</div>
</div>
</div>
</div> </div>
</div> </div>
<div> </div>
<div class="text-uppercase small text-muted">Missing items</div> <div class="col-lg-4">
<div class="h4 fw-semibold text-danger mb-0"><?= esc($missingItemsCount) ?></div> <div class="card page-notifications-card h-100 shadow-sm">
</div> <div class="card-header d-flex justify-content-between align-items-center">
<div class="text-muted small"> <span>Page notifications</span>
<?= esc($submittedItems) ?> submitted / <?= esc($totalItems) ?> total items <span class="badge bg-light text-dark"><?= count($pageNotifications) ?> alerts</span>
</div>
<div class="card-body">
<ul class="page-notifications-list mb-0">
<?php foreach ($pageNotifications as $notification): ?>
<li class="page-notification-item page-notification-<?= esc($notification['level']) ?>">
<span class="notification-indicator" aria-hidden="true"></span>
<span><?= esc($notification['message']) ?></span>
</li>
<?php endforeach; ?>
</ul>
</div>
</div> </div>
</div> </div>
</div> </div>
<form method="post" action="<?= site_url('administrator/teacher-submissions/notify') ?>"> <form method="post" action="<?= site_url('administrator/teacher-submissions/notify') ?>">
<?= csrf_field() ?> <?= csrf_field() ?>
<div class="table-responsive"> <?php if (empty($rows)): ?>
<table <p class="text-center text-muted mt-4">No teacher-class assignments found for this term.</p>
class="table table-striped table-bordered m-0 align-middle teacher-submissions-table" <?php else: ?>
data-no-mgmt-sticky <div class="table-control-bar mb-3 d-flex flex-wrap align-items-center gap-3">
data-no-dt-fixedheader <div class="d-flex flex-wrap align-items-center gap-3">
> <label class="form-check form-check-inline mb-0">
<thead class="table-light"> <input class="form-check-input" type="checkbox" name="notify_midterm_score" value="1">
<tr> <span class="form-check-label small">Include <?= esc($termExamLabel) ?> score</span>
<th>Class Section</th> </label>
<th>Teacher</th> <label class="form-check form-check-inline mb-0">
<th class="text-center">Midterm Score</th> <input class="form-check-input" type="checkbox" name="notify_midterm_comment" value="1">
<th class="text-center">Midterm Comment</th> <span class="form-check-label small">Include <?= esc($termExamLabel) ?> comment</span>
<th class="text-center">Participation</th> </label>
<th class="text-center">PTAP Comment</th> <label class="form-check form-check-inline mb-0">
<th class="text-center">Notifications</th> <input class="form-check-input" type="checkbox" name="notify_participation" value="1">
</tr> <span class="form-check-label small">Include participation</span>
</thead> </label>
<tbody> <label class="form-check form-check-inline mb-0">
<?php if (!empty($rows)): ?> <input class="form-check-input" type="checkbox" name="notify_ptap_comment" value="1">
<?php foreach ($rows as $row): ?> <span class="form-check-label small">Include PTAP comment</span>
<tr> </label>
<td><?= esc($row['class_section']) ?></td> <label class="form-check form-check-inline mb-0">
<td> <input class="form-check-input" type="checkbox" name="notify_class_progress" value="1">
<?php if (!empty($row['teachers'])): ?> <span class="form-check-label small">Include class progress</span>
<?php foreach ($row['teachers'] as $teacher): ?> </label>
<div><?= esc($teacher['label'] ?? 'Teacher') ?></div> <label class="form-check form-check-inline mb-0">
<?php endforeach; ?> <input class="form-check-input" type="checkbox" name="notify_exam_draft" value="1">
<?php else: ?> <span class="form-check-label small">Include exam draft</span>
<span class="text-muted small">Unassigned</span> </label>
<?php endif; ?> <label class="form-check form-check-inline mb-0">
</td> <input class="form-check-input" type="checkbox" name="homework_notify_all" value="1">
<?php foreach ([ <span class="form-check-label small">Include homework</span>
'midterm_score_status', </label>
'midterm_comment_status', </div>
'participation_status', <div class="small text-muted">
'ptap_comment_status' <span class="text-uppercase" style="font-size:0.65rem;">Exam draft deadline</span><br>
] as $statusKey): ?> <?php if ($examDraftDeadlineConfig !== ''): ?>
<?php $status = $row[$statusKey] ?? ['label' => 'N/A', 'badge' => 'bg-secondary']; ?> <?= esc($examDraftDeadlineConfig) ?>
<td class="text-center"> <?php if ($examDraftDeadlineFormatted !== ''): ?>
<span class="badge <?= esc($status['badge'] ?? 'bg-secondary') ?>"> <span class="text-muted"> → <?= esc($examDraftDeadlineFormatted) ?></span>
<?= esc($status['label'] ?? 'N/A') ?> <?php endif; ?>
</span>
<?php if (!empty($status['detail'])): ?>
<div class="small text-muted"><?= esc($status['detail']) ?></div>
<?php endif; ?>
</td>
<?php endforeach; ?>
<td>
<?php if (!empty($row['teachers'])): ?>
<?php $missingPayload = base64_encode(json_encode($row['missing_items'] ?? [])); ?>
<?php foreach ($row['teachers'] as $teacher): ?>
<?php $history = $notificationHistory[$row['class_section_id']][$teacher['id']] ?? []; ?>
<?php $lastEntry = $history[0] ?? null; ?>
<div class="mb-2">
<label class="d-flex align-items-center gap-2 mb-1">
<input
type="checkbox"
class="form-check-input"
name="notify[<?= esc($row['class_section_id']) ?>][<?= esc($teacher['id']) ?>]"
value="1"
/>
<span class="fw-semibold"><?= esc($teacher['label'] ?? 'Teacher') ?></span>
</label>
<input
type="hidden"
name="missing_items[<?= esc($row['class_section_id']) ?>][<?= esc($teacher['id']) ?>]"
value="<?= esc($missingPayload) ?>"
/>
<div class="small text-muted">
<?php if ($lastEntry !== null): ?>
<span>
Last <?= esc($lastEntry['status'] === 'sent' ? 'sent' : 'attempted') ?> on <?= esc($lastEntry['sent_at_text'] ?: 'N/A') ?>
by <?= esc($lastEntry['admin_name'] ?? '') ?>
</span>
<?php if (count($history) > 1): ?>
<div>History: <?= count($history) ?> entries</div>
<?php endif; ?>
<?php else: ?>
<span>No notifications sent yet</span>
<?php endif; ?>
</div>
</div>
<?php endforeach; ?>
<?php else: ?>
<span class="text-muted small">No teacher assigned</span>
<?php endif; ?>
<?php if (!empty($row['missing_items'])): ?>
<div class="small text-danger mt-1">
Outstanding: <?= esc(implode(', ', $row['missing_items'])) ?>
</div>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
<?php else: ?> <?php else: ?>
<tr> <span class="text-warning">Not set</span>
<td colspan="7" class="text-center">No teacher-class assignments found for this term.</td>
</tr>
<?php endif; ?> <?php endif; ?>
</tbody> </div>
</table> </div>
</div> <div class="accordion" id="teacherSubmissionAccordion">
<div class="mt-3 text-end"> <?php foreach ($groupedRows as $sectionKey => $sectionRows): ?>
<button type="submit" class="btn btn-primary" <?= empty($rows) ? 'disabled' : '' ?>> <?php
Send notifications to selected teachers $firstRow = $sectionRows[0] ?? [];
</button> $sectionLabel = esc($firstRow['class_section'] ?? 'Class section');
</div> $collapseId = 'teacherSectionCollapse_' . md5($sectionKey);
$badgeStatus = count($sectionRows) === 1 ? 'submission' : 'submissions';
?>
<div class="accordion-item">
<h2 class="accordion-header" id="heading_<?= esc($collapseId) ?>">
<button
class="accordion-button collapsed d-flex justify-content-between align-items-center"
type="button"
data-bs-toggle="collapse"
data-bs-target="#<?= esc($collapseId) ?>"
aria-expanded="false"
aria-controls="<?= esc($collapseId) ?>"
>
<div>
<strong><?= $sectionLabel ?></strong>
<div class="small text-muted"><?= esc(count($sectionRows)) ?> <?= $badgeStatus ?></div>
</div>
<span class="badge bg-primary-subtle text-primary"><?= count($sectionRows) ?> rows</span>
</button>
</h2>
<div id="<?= esc($collapseId) ?>" class="accordion-collapse collapse" aria-labelledby="heading_<?= esc($collapseId) ?>">
<div class="accordion-body p-0">
<div class="table-responsive">
<table
class="table table-striped table-bordered m-0 align-middle teacher-submissions-table mb-0"
data-no-mgmt-sticky
data-no-dt-fixedheader
>
<thead class="table-light">
<tr>
<th>Class-Section</th>
<th>Teachers Name</th>
<th class="text-center"><?= esc($termExamLabel) ?> Score</th>
<th class="text-center"><?= esc($termExamLabel) ?> Comment</th>
<th class="text-center">Participation</th>
<th class="text-center">PTAP Comment</th>
<th class="text-center">Class Progress</th>
<th class="text-center">Exam Draft</th>
<th class="text-center">Homework</th>
<th class="text-center">Notifications</th>
</tr>
</thead>
<tbody>
<?php foreach ($sectionRows as $row): ?>
<tr>
<td><?= esc($row['class_section']) ?></td>
<td>
<?php if (!empty($row['teachers'])): ?>
<?php foreach ($row['teachers'] as $teacher): ?>
<div><?= esc($teacher['label'] ?? 'Teacher') ?></div>
<?php endforeach; ?>
<?php else: ?>
<span class="text-muted small">Unassigned</span>
<?php endif; ?>
</td>
<?php foreach ([
'midterm_score_status',
'midterm_comment_status',
'participation_status',
'ptap_comment_status',
'class_progress_status',
'exam_draft_status',
] as $statusKey): ?>
<?php $status = $row[$statusKey] ?? ['label' => 'N/A', 'badge' => 'bg-secondary']; ?>
<td class="text-center">
<span class="badge <?= esc($status['badge'] ?? 'bg-secondary') ?>">
<?= esc($status['label'] ?? 'N/A') ?>
</span>
<?php if (!empty($status['detail'])): ?>
<div class="small text-muted"><?= esc($status['detail']) ?></div>
<?php endif; ?>
</td>
<?php endforeach; ?>
<?php $homeworkStatus = $row['homework_status'] ?? ['label' => 'N/A', 'badge' => 'bg-secondary']; ?>
<td class="text-center">
<span class="badge <?= esc($homeworkStatus['badge'] ?? 'bg-secondary') ?>">
<?= esc($homeworkStatus['label'] ?? 'N/A') ?>
</span>
<?php if (!empty($homeworkStatus['detail'])): ?>
<div class="small text-muted"><?= esc($homeworkStatus['detail']) ?></div>
<?php endif; ?>
</td>
<td>
<?php if (!empty($row['teachers'])): ?>
<?php $missingPayload = base64_encode(json_encode($row['missing_items'] ?? [])); ?>
<?php foreach ($row['teachers'] as $teacher): ?>
<?php $history = $notificationHistory[$row['class_section_id']][$teacher['id']] ?? []; ?>
<?php $lastEntry = $history[0] ?? null; ?>
<div class="mb-2">
<label class="d-flex align-items-center gap-2 mb-1">
<input
type="checkbox"
class="form-check-input"
name="notify[<?= esc($row['class_section_id']) ?>][<?= esc($teacher['id']) ?>]"
value="1"
/>
<span class="fw-semibold"><?= esc($teacher['label'] ?? 'Teacher') ?></span>
</label>
<input
type="hidden"
name="missing_items[<?= esc($row['class_section_id']) ?>][<?= esc($teacher['id']) ?>]"
value="<?= esc($missingPayload) ?>"
/>
<div class="small text-muted">
<?php if ($lastEntry !== null): ?>
<span>
Last <?= esc($lastEntry['status'] === 'sent' ? 'sent' : 'attempted') ?> on <?= esc($lastEntry['sent_at_text'] ?: 'N/A') ?>
by <?= esc($lastEntry['admin_name'] ?? '') ?>
</span>
<?php if (count($history) > 1): ?>
<div>History: <?= count($history) ?> entries</div>
<?php endif; ?>
<?php else: ?>
<span>No notifications sent yet</span>
<?php endif; ?>
</div>
</div>
<?php endforeach; ?>
<?php else: ?>
<span class="text-muted small">No teacher assigned</span>
<?php endif; ?>
<?php if (!empty($row['missing_items'])): ?>
<div class="small text-danger mt-1">
Outstanding: <?= esc(implode(', ', $row['missing_items'])) ?>
</div>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
<?php endforeach; ?>
</div>
<div class="mt-3 text-end">
<button type="submit" class="btn btn-primary">
Send notifications to selected teachers
</button>
</div>
<?php endif; ?>
</form> </form>
</div> </div>
</div> </div>
@@ -186,5 +375,77 @@
.card-body .table-responsive .teacher-submissions-table td { .card-body .table-responsive .teacher-submissions-table td {
white-space: normal; white-space: normal;
} }
.summary-card {
background: var(--bs-white);
border-radius: 0.75rem;
}
.summary-card-body {
padding: 1.25rem;
}
.summary-label {
font-size: 0.7rem;
letter-spacing: 0.08em;
color: #6c757d;
}
.summary-value {
font-size: 1.75rem;
font-weight: 600;
margin-top: 0.35rem;
}
.summary-note {
font-size: 0.85rem;
color: #6c757d;
}
.summary-progress {
height: 6px;
margin-top: 0.65rem;
}
.summary-progress .progress-bar {
background: var(--bs-primary);
}
.page-notifications-card {
border-radius: 0.75rem;
}
.page-notifications-list {
list-style: none;
padding: 0;
margin: 0;
display: flex;
flex-direction: column;
gap: 0.5rem;
}
.page-notification-item {
display: flex;
align-items: center;
gap: 0.5rem;
font-size: 0.85rem;
}
.page-notification-info .notification-indicator {
background: #0dcaf0;
}
.page-notification-warning .notification-indicator {
background: #ffc107;
}
.page-notification-danger .notification-indicator {
background: #dc3545;
}
.notification-indicator {
width: 0.75rem;
height: 0.75rem;
border-radius: 50%;
display: inline-block;
}
.table-control-bar {
border: 1px solid rgba(0,0,0,0.08);
border-radius: 0.75rem;
padding: 0.75rem 1rem;
background: #f8f9fa;
}
.table-control-bar .form-check-label {
font-size: 0.8rem;
margin-left: 0.15rem;
text-transform: none;
}
</style> </style>
<?= $this->endSection() ?> <?= $this->endSection() ?>
+389
View File
@@ -0,0 +1,389 @@
<?= $this->extend('layout/management_layout') ?>
<?= $this->section('content') ?>
<?php
$classResults = $classResults ?? [];
$selectedYear = $selectedYear ?? '';
$selectedPercentile = $selectedPercentile ?? 75;
$years = $years ?? [];
$totalStudents = array_sum(array_column($classResults, 'student_count'));
$totalScored = array_sum(array_column($classResults, 'scored_count'));
$totalTrophies = array_sum(array_column($classResults, 'trophy_count'));
$totalBoys = array_sum(array_column($classResults, 'boys'));
$totalGirls = array_sum(array_column($classResults, 'girls'));
$totalTrophyBoys = array_sum(array_column($classResults, 'trophy_boys'));
$totalTrophyGirls = array_sum(array_column($classResults, 'trophy_girls'));
$pctBoys = $totalStudents > 0 ? round($totalBoys / $totalStudents * 100) : 0;
$pctGirls = $totalStudents > 0 ? round($totalGirls / $totalStudents * 100) : 0;
$pctTrophyBoys = $totalBoys > 0 ? round($totalTrophyBoys / $totalBoys * 100) : 0;
$pctTrophyGirls = $totalGirls > 0 ? round($totalTrophyGirls / $totalGirls * 100) : 0;
$pctTrophyAll = $totalStudents > 0 ? round($totalTrophies / $totalStudents * 100) : 0;
?>
<div class="container-fluid">
<!-- Header -->
<div class="d-flex flex-wrap align-items-center justify-content-between mb-3 gap-2">
<div>
<h2 class="mb-1"><i class="bi bi-trophy-fill text-warning me-2"></i>Trophy Projections</h2>
<p class="text-muted mb-0">
Fall scores are used to calculate a per-class threshold at the
<strong><?= (int) $selectedPercentile ?>th percentile</strong> and project which students are on track
for a year-end trophy. Minimum 3 trophies per class. Names are hidden by default.
</p>
</div>
<div class="d-flex gap-2">
<a href="<?= site_url('administrator/trophy/winners?' . http_build_query(['school_year' => $selectedYear, 'percentile' => $selectedPercentile])) ?>"
class="btn btn-warning btn-sm">
<i class="bi bi-eye-fill me-1"></i>Reveal Winners
</a>
<a href="<?= site_url('administrator/trophy/final?' . http_build_query(['school_year' => $selectedYear, 'percentile' => $selectedPercentile])) ?>"
class="btn btn-success btn-sm">
<i class="bi bi-bar-chart-steps me-1"></i>Final vs Predicted
</a>
</div>
</div>
<!-- Year filter -->
<form method="get" action="<?= site_url('administrator/trophy') ?>" class="row g-2 align-items-end mb-4">
<div class="col-auto">
<label class="form-label mb-1 small fw-semibold">School Year</label>
<select name="school_year" class="form-select form-select-sm" style="min-width:130px;">
<?php foreach ($years as $yr): ?>
<option value="<?= esc($yr) ?>" <?= $yr === $selectedYear ? 'selected' : '' ?>>
<?= esc($yr) ?>
</option>
<?php endforeach; ?>
<?php if (empty($years)): ?>
<option value="<?= esc($selectedYear) ?>" selected><?= esc($selectedYear) ?></option>
<?php endif; ?>
</select>
</div>
<div class="col-auto">
<label class="form-label mb-1 small fw-semibold">Percentile threshold</label>
<div class="input-group input-group-sm" style="width:130px;">
<input type="number" name="percentile" class="form-control"
min="1" max="99" step="1"
value="<?= (int) $selectedPercentile ?>"
title="Students scoring above this percentile receive a trophy (min 3 per class)">
<span class="input-group-text">%</span>
</div>
</div>
<div class="col-auto">
<button type="submit" class="btn btn-primary btn-sm">Apply</button>
</div>
</form>
<?php if (empty($classResults)): ?>
<div class="alert alert-info">No class or fall-score data found for the selected school year.</div>
<?php else: ?>
<!-- ── Global stats ── -->
<div class="row g-3 mb-4">
<div class="col-6 col-sm-4 col-lg-2">
<div class="card text-center shadow-sm border-warning h-100">
<div class="card-body py-3">
<div class="fs-2 text-warning"><i class="bi bi-trophy-fill"></i></div>
<div class="fs-3 fw-bold"><?= $totalTrophies ?></div>
<div class="text-muted small">Trophies</div>
<span class="badge bg-warning text-dark mt-1"><?= $pctTrophyAll ?>% of students</span>
</div>
</div>
</div>
<div class="col-6 col-sm-4 col-lg-2">
<div class="card text-center shadow-sm h-100">
<div class="card-body py-3">
<div class="fs-2 text-primary"><i class="bi bi-people-fill"></i></div>
<div class="fs-3 fw-bold"><?= $totalStudents ?></div>
<div class="text-muted small">Students</div>
<span class="badge bg-secondary mt-1"><?= count($classResults) ?> classes</span>
</div>
</div>
</div>
<div class="col-6 col-sm-4 col-lg-2">
<div class="card text-center shadow-sm h-100">
<div class="card-body py-3">
<div class="fs-2 text-success"><i class="bi bi-bar-chart-fill"></i></div>
<div class="fs-3 fw-bold"><?= $totalScored ?></div>
<div class="text-muted small">With Fall Scores</div>
<span class="badge bg-success mt-1"><?= $totalStudents > 0 ? round($totalScored/$totalStudents*100) : 0 ?>%</span>
</div>
</div>
</div>
<div class="col-6 col-sm-4 col-lg-2">
<div class="card text-center shadow-sm h-100">
<div class="card-body py-3">
<div class="fs-2" style="color:#4A90E2"><i class="bi bi-gender-male"></i></div>
<div class="fs-3 fw-bold"><?= $totalBoys ?></div>
<div class="text-muted small">Boys</div>
<span class="badge text-white mt-1" style="background:#4A90E2"><?= $pctBoys ?>% of students</span>
</div>
</div>
</div>
<div class="col-6 col-sm-4 col-lg-2">
<div class="card text-center shadow-sm h-100">
<div class="card-body py-3">
<div class="fs-2" style="color:#E47AB0"><i class="bi bi-gender-female"></i></div>
<div class="fs-3 fw-bold"><?= $totalGirls ?></div>
<div class="text-muted small">Girls</div>
<span class="badge text-white mt-1" style="background:#E47AB0"><?= $pctGirls ?>% of students</span>
</div>
</div>
</div>
<div class="col-6 col-sm-4 col-lg-2">
<div class="card text-center shadow-sm h-100">
<div class="card-body py-3">
<div class="fs-2 text-warning"><i class="bi bi-award-fill"></i></div>
<div class="fs-3 fw-bold">
<span style="color:#4A90E2"><?= $totalTrophyBoys ?></span>
<span class="text-muted fs-5">/</span>
<span style="color:#E47AB0"><?= $totalTrophyGirls ?></span>
</div>
<div class="text-muted small">Trophy M / F</div>
<span class="small">
<span style="color:#4A90E2"><?= $pctTrophyBoys ?>%</span>
&nbsp;·&nbsp;
<span style="color:#E47AB0"><?= $pctTrophyGirls ?>%</span>
</span>
</div>
</div>
</div>
</div>
<!-- ── Per-class summary ── -->
<div class="card shadow-sm">
<div class="card-header bg-white fw-semibold py-2">Class Breakdown</div>
<div class="table-responsive">
<table class="table table-hover table-sm align-middle mb-0 no-mgmt-sticky" id="trophy-breakdown-table" data-no-mgmt-sticky>
<thead class="table-light">
<tr>
<th class="ps-3">Class</th>
<th class="text-center">Students</th>
<th class="text-center">Scored</th>
<th class="text-center">
<i class="bi bi-trophy-fill text-warning"></i> Trophies
</th>
<th class="text-center" style="color:#4A90E2">
<i class="bi bi-gender-male"></i> Boys
</th>
<th class="text-center" style="color:#E47AB0">
<i class="bi bi-gender-female"></i> Girls
</th>
<th class="text-center" style="color:#4A90E2">Trophy Boys</th>
<th class="text-center" style="color:#E47AB0">Trophy Girls</th>
<th class="text-center">Rate</th>
<th class="text-end">Threshold</th>
<th class="text-center">Custom Threshold</th>
</tr>
</thead>
<tbody>
<?php foreach ($classResults as $cls):
$scores = array_filter(
array_column($cls['students'], 'fall_score'),
fn($s) => $s !== null
);
$scoresJson = json_encode(array_values($scores));
$clsId = 'cls' . $cls['section_id'];
?>
<tr id="row-<?= $clsId ?>">
<td class="ps-3 fw-semibold"><?= esc($cls['section_name']) ?></td>
<td class="text-center"><?= $cls['student_count'] ?></td>
<td class="text-center">
<?php if ($cls['scored_count'] < 3): ?>
<span class="badge bg-danger" title="Fewer than 3 fall scores — minimum of 3 trophies cannot be enforced">
<?= $cls['scored_count'] ?> <i class="bi bi-exclamation-triangle-fill"></i>
</span>
<?php else: ?>
<?= $cls['scored_count'] ?>
<?php endif; ?>
</td>
<td class="text-center" id="trophy-cell-<?= $clsId ?>">
<span class="badge bg-warning text-dark">
<i class="bi bi-trophy-fill"></i>
<span id="trophy-count-<?= $clsId ?>"><?= $cls['trophy_count'] ?></span>
</span>
</td>
<td class="text-center">
<?= $cls['boys'] ?>
<span class="text-muted small">(<?= $cls['pct_boys'] ?>%)</span>
</td>
<td class="text-center">
<?= $cls['girls'] ?>
<span class="text-muted small">(<?= $cls['pct_girls'] ?>%)</span>
</td>
<td class="text-center" id="trophy-boys-<?= $clsId ?>"><?= $cls['trophy_boys'] ?><?php if ($cls['boys'] > 0): ?> <span class="text-muted small">(<?= $cls['pct_trophy_boys'] ?>%)</span><?php endif; ?></td>
<td class="text-center" id="trophy-girls-<?= $clsId ?>"><?= $cls['trophy_girls'] ?><?php if ($cls['girls'] > 0): ?> <span class="text-muted small">(<?= $cls['pct_trophy_girls'] ?>%)</span><?php endif; ?></td>
<td class="text-center">
<div class="progress" style="height:8px;min-width:60px;">
<div class="progress-bar bg-warning" id="rate-bar-<?= $clsId ?>" style="width:<?= $cls['pct_trophy_total'] ?>%;"></div>
</div>
<span class="small text-muted" id="rate-txt-<?= $clsId ?>"><?= $cls['pct_trophy_total'] ?>%</span>
</td>
<td class="text-end text-muted small" id="auto-threshold-<?= $clsId ?>">
<?= $cls['threshold'] !== null ? number_format((float)$cls['threshold'], 1) : '—' ?>
</td>
<td>
<div class="input-group input-group-sm" style="min-width:150px;">
<input type="number" id="custom-threshold-<?= $clsId ?>"
class="form-control form-control-sm"
step="0.1" min="0"
placeholder="e.g. <?= $cls['threshold'] !== null ? number_format((float)$cls['threshold'], 1) : '80.0' ?>"
data-scores='<?= $scoresJson ?>'
data-clsid="<?= $clsId ?>"
data-boys='<?= json_encode(array_values(array_filter(array_map(fn($s) => $s['gender'] === 'Male' ? $s['fall_score'] : null, $cls['students']), fn($s) => $s !== null))) ?>'
data-girls='<?= json_encode(array_values(array_filter(array_map(fn($s) => $s['gender'] === 'Female' ? $s['fall_score'] : null, $cls['students']), fn($s) => $s !== null))) ?>'
data-total="<?= $cls['student_count'] ?>"
data-nboys="<?= $cls['boys'] ?>"
data-ngirls="<?= $cls['girls'] ?>">
<button class="btn btn-outline-primary btn-sm" type="button"
onclick="applyCustomThreshold('<?= $clsId ?>')">
Apply
</button>
</div>
<div id="custom-note-<?= $clsId ?>" class="text-muted" style="font-size:.7rem;"></div>
</td>
</tr>
<?php endforeach; ?>
</tbody>
<tfoot class="table-light fw-semibold">
<tr>
<td class="ps-3">Total</td>
<td class="text-center"><?= $totalStudents ?></td>
<td class="text-center"><?= $totalScored ?></td>
<td class="text-center">
<span class="badge bg-warning text-dark">
<i class="bi bi-trophy-fill"></i> <?= $totalTrophies ?>
</span>
</td>
<td class="text-center">
<?= $totalBoys ?>
<span class="text-muted small fw-normal">(<?= $pctBoys ?>%)</span>
</td>
<td class="text-center">
<?= $totalGirls ?>
<span class="text-muted small fw-normal">(<?= $pctGirls ?>%)</span>
</td>
<td class="text-center">
<?= $totalTrophyBoys ?>
<span class="text-muted small fw-normal">(<?= $pctTrophyBoys ?>%)</span>
</td>
<td class="text-center">
<?= $totalTrophyGirls ?>
<span class="text-muted small fw-normal">(<?= $pctTrophyGirls ?>%)</span>
</td>
<td class="text-center">
<div class="progress" style="height:8px;min-width:60px;">
<div class="progress-bar bg-warning" style="width:<?= $pctTrophyAll ?>%;"></div>
</div>
<span class="small text-muted"><?= $pctTrophyAll ?>%</span>
</td>
<td></td>
<td class="pe-3"></td>
</tr>
</tfoot>
</table>
</div>
</div>
<?php endif; ?>
</div>
<script>
var TROPHY_NS = 'trophy_custom_<?= esc($selectedYear) ?>_<?= (int)$selectedPercentile ?>';
function countAtOrAbove(arr, t) {
return arr.filter(function(s) { return s >= t; }).length;
}
function applyThreshold(clsId, val) {
var input = document.getElementById('custom-threshold-' + clsId);
var note = document.getElementById('custom-note-' + clsId);
var scores = JSON.parse(input.dataset.scores);
var boys = JSON.parse(input.dataset.boys);
var girls = JSON.parse(input.dataset.girls);
var nTotal = parseInt(input.dataset.total);
var nBoys = parseInt(input.dataset.nboys);
var nGirls = parseInt(input.dataset.ngirls);
var MIN = 3;
var winners = countAtOrAbove(scores, val);
var usedThreshold = val;
var forced = false;
if (winners < MIN && scores.length >= MIN) {
var desc = scores.slice().sort(function(a, b) { return b - a; });
usedThreshold = desc[MIN - 1];
winners = countAtOrAbove(scores, usedThreshold);
forced = true;
} else if (winners < MIN) {
winners = scores.length;
usedThreshold = scores.length > 0 ? Math.min.apply(null, scores) : val;
forced = true;
}
var trophyBoys = countAtOrAbove(boys, usedThreshold);
var trophyGirls = countAtOrAbove(girls, usedThreshold);
var rate = nTotal > 0 ? Math.round(winners / nTotal * 100) : 0;
var pctTB = nBoys > 0 ? Math.round(trophyBoys / nBoys * 100) : 0;
var pctTG = nGirls > 0 ? Math.round(trophyGirls / nGirls * 100) : 0;
document.getElementById('trophy-count-' + clsId).textContent = winners;
document.getElementById('trophy-boys-' + clsId).textContent = trophyBoys + (nBoys > 0 ? ' (' + pctTB + '%)' : '');
document.getElementById('trophy-girls-' + clsId).textContent = trophyGirls + (nGirls > 0 ? ' (' + pctTG + '%)' : '');
document.getElementById('rate-bar-' + clsId).style.width = rate + '%';
document.getElementById('rate-txt-' + clsId).textContent = rate + '%';
document.getElementById('auto-threshold-' + clsId).textContent = usedThreshold.toFixed(1);
if (forced) {
note.style.color = '#dc3545';
note.textContent = 'Min 3 enforced → threshold lowered to ' + usedThreshold.toFixed(1);
} else {
note.style.color = '#6c757d';
note.textContent = 'Custom threshold: ' + usedThreshold.toFixed(1);
}
var badge = document.getElementById('trophy-cell-' + clsId).querySelector('.badge');
badge.classList.remove('bg-warning');
badge.classList.add('bg-primary');
}
function applyCustomThreshold(clsId) {
var input = document.getElementById('custom-threshold-' + clsId);
var val = parseFloat(input.value);
if (isNaN(val)) {
document.getElementById('custom-note-' + clsId).textContent = 'Enter a valid number.';
return;
}
applyThreshold(clsId, val);
// Persist so the value survives filter changes within the same percentile/year
try {
var saved = JSON.parse(localStorage.getItem(TROPHY_NS) || '{}');
saved[clsId] = val;
localStorage.setItem(TROPHY_NS, JSON.stringify(saved));
} catch (e) {}
}
// Restore saved custom thresholds on page load
document.addEventListener('DOMContentLoaded', function () {
try {
var saved = JSON.parse(localStorage.getItem(TROPHY_NS) || '{}');
Object.keys(saved).forEach(function (clsId) {
var input = document.getElementById('custom-threshold-' + clsId);
if (!input) return;
input.value = saved[clsId];
applyThreshold(clsId, saved[clsId]);
});
} catch (e) {}
});
// Clear all custom thresholds when the percentile/year form is submitted
document.querySelector('form[action*="trophy"]').addEventListener('submit', function () {
try { localStorage.removeItem(TROPHY_NS); } catch (e) {}
});
</script>
<?= $this->endSection() ?>

Some files were not shown because too many files have changed in this diff Show More