require 'include/db.inc';
require 'include/common.inc';
- if(isset($_POST['submit']) && $_POST['mnumber']!="") {
- $db->query("UPDATE students SET blackboard=blackboard+1 WHERE mnumber=" . trim($_POST['mnumber']));
- block("lightgreen", "added blackboard");
+ if($_GET['mnumber']!="") {
+ // would be better to store timestamp in blackboard db!
+ if( time()-$_GET['tstamp'] < 5 ) {
+ $db->query("UPDATE students SET blackboard=blackboard+1 WHERE mnumber=" . trim($_GET['mnumber']));
+ block("lightgreen", "added blackboard");
+ }
}
- block("black", "add blackboard");
-?>
+ if ($db->query("SELECT COUNT(*) FROM students")->fetch(PDO::FETCH_NUM)[0] == 0) {
+ block("red", "no students registered");
+ exit;
+ }
-<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
- <table>
- <tr>
- <th align="left">Matr.nummer:</th> <th><input type="text" name="mnumber"></th>
- <th><input type="submit" name="submit" value="Add"></th>
- </tr>
- </table>
-</form>
+?>
<?php
block("black", "blackboard overview");
print "<td>" . $student['firstname'] . " </td>";
print "<td>" . $student['lastname'] . " </td>";
print "<td>" . $student['mnumber'] . " </td>";
- print "<td>" . $student['blackboard'] . "</td>";
+ print "<td>" . $student['blackboard'] . " </td>";
+ print "<td>" . "<a href='blackboard.php?mnumber=" . $student['mnumber'] . "&tstamp=" . time() . "'>+1" . "</a></td>";
print "</tr>";
}
print "</table>";