// --------- School Frontend Login (shortcode) ----------
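/**
 * Shortcode callback for [dc_school_login]: handles the school login POST and
 * returns the markup to render in place of the shortcode.
 *
 * Security notes for maintainers:
 * - Stored passwords are compared against an unsalted MD5 digest. That format is
 *   kept working here for existing rows, but hashes produced by password_hash()
 *   are accepted too, so accounts can be migrated. The width of the `password`
 *   column is not visible from this function, so no rehash-on-login is done.
 * - No nonce check or attempt throttling is performed in this function; the
 *   form markup is not visible here, so neither is added.
 *
 * @return string Markup for the shortcode (an error notice and/or the form).
 */
function dc_school_login_form(){
    global $wpdb;

    // already logged in?
    if (!empty($_SESSION['dc_school_id'])) {
        return '
';
    }

    $output = '';

    if (isset($_POST['dc_school_login'])) {
        // Missing or non-string fields are treated as empty instead of raising notices.
        $email = (isset($_POST['email']) && is_string($_POST['email']))
            ? sanitize_email(wp_unslash($_POST['email']))
            : '';
        // The password is deliberately NOT unslashed: the legacy digest was computed
        // from the raw $_POST value — presumably at registration too; confirm there.
        $password = (isset($_POST['password']) && is_string($_POST['password']))
            ? $_POST['password']
            : '';
        $table = $wpdb->prefix.'dc_schools';

        $school = null;
        if ($email !== '' && $password !== '') {
            // Look up by e-mail only and verify the secret in PHP, so the comparison
            // is constant-time and modern hashes can be checked with password_verify().
            $candidates = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $table WHERE email = %s", $email) );
            foreach ((array) $candidates as $row) {
                $stored = isset($row->password) ? (string) $row->password : '';
                if ($stored === '') {
                    continue;
                }
                // password_verify() returns false for a plain MD5 hex string, so the
                // legacy comparison only applies to rows that have not been migrated.
                if (password_verify($password, $stored) || hash_equals(strtolower($stored), md5($password))) {
                    $school = $row;
                    break;
                }
            }
        }

        if ($school) {
            // Issue a fresh session id on privilege change so a pre-login session id
            // cannot be reused afterwards (session fixation).
            if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
                session_regenerate_id(true);
            }
            // set session
            $_SESSION['dc_school_id'] = intval($school->id);
            $_SESSION['dc_school_name'] = $school->school_name;
            // redirect to dashboard page (current page)
            // NOTE(review): a shortcode normally runs after output has started, so this
            // redirect depends on output buffering being active — confirm.
            wp_safe_redirect( add_query_arg('dc_action','dashboard', $_SERVER['REQUEST_URI']) );
            exit;
        } else {
            // Same message for unknown e-mail and wrong password: no account enumeration.
            $output .= 'Invalid email or password.
';
        }
    }

    $output .= '';
    return $output;
}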
// Expose the login form as the [dc_school_login] shortcode.
add_shortcode( 'dc_school_login', 'dc_school_login_form' );
// --------- School Logout Handler (URL param) ----------
/**
 * Front-end dispatcher for the `dc_action` query parameter.
 *
 * `logout` removes the school identity from the session and redirects to the
 * same URL without the parameter; `dashboard` is accepted but does nothing.
 *
 * NOTE(review): logout is a state change triggered by a plain GET request and no
 * nonce is verified here, so a third-party page can sign a school out by linking
 * to this URL. Consider wp_nonce_url() on the link and wp_verify_nonce() here.
 * Only the two dc_* keys are removed; the session itself stays alive.
 */
function dc_frontend_action_handler(){
    $requested = isset($_GET['dc_action']) ? $_GET['dc_action'] : null;

    switch ($requested) {
        case 'logout':
            // clear session
            unset($_SESSION['dc_school_id'], $_SESSION['dc_school_name']);
            // redirect to current page without param
            wp_safe_redirect( remove_query_arg('dc_action', $_SERVER['REQUEST_URI']) );
            exit;

        case 'dashboard':
            // redirect to a page (if needed). noop here.
            break;
    }
}
// Run the dc_action dispatcher on `init`, i.e. before any page output, so its redirect can still send headers.
add_action( 'init', 'dc_frontend_action_handler' );
// --------- School Dashboard Shortcode ----------
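/**
 * Shortcode callback for [dc_school_dashboard]: lists the logged-in school's
 * candidates, exports them as CSV, and shows the preview / edit views.
 *
 * Every query is scoped to the school id held in the session, so a school can
 * only read or change its own candidates.
 *
 * Security notes for maintainers:
 * - CSV cells are neutralised against spreadsheet formula injection, because the
 *   exported values were originally typed in by end users.
 * - The edit POST is not protected by a nonce in this function; the form markup
 *   is not visible here, so a wp_nonce_field()/wp_verify_nonce() pair still has
 *   to be added together with the form.
 * - URLs built with add_query_arg() from REQUEST_URI must go through esc_url()
 *   wherever they are placed in an href.
 *
 * @return string Dashboard markup, or an empty string when no school is logged in.
 */
function dc_school_dashboard_shortcode(){
    global $wpdb;

    // require login
    if (empty($_SESSION['dc_school_id'])) {
        return '';
    }

    $school_id = intval($_SESSION['dc_school_id']);
    $candidates_table = $wpdb->prefix.'dc_candidates';

    $output = 'Welcome, '.esc_html($_SESSION['dc_school_name']).' ';
    $output .= 'Logout
';

    // Level filter, shared by the CSV export and the on-page list.
    $level = isset($_GET['level']) ? sanitize_text_field(wp_unslash($_GET['level'])) : 'all';

    // Handle CSV export
    // NOTE(review): this runs while the page is being rendered. If headers were
    // already sent, the header() calls fail and the CSV rows (personal data) are
    // written into the HTML response instead of a download — moving the export to
    // an early hook would avoid that.
    if (isset($_GET['dc_export']) && $_GET['dc_export'] === 'csv') {
        // fetch rows
        if ($level === 'all') {
            $rows = $wpdb->get_results( $wpdb->prepare("SELECT * FROM {$candidates_table} WHERE school_id = %d ORDER BY id DESC", $school_id), ARRAY_A );
            $filename_level = 'all';
        } else {
            $rows = $wpdb->get_results( $wpdb->prepare("SELECT * FROM {$candidates_table} WHERE school_id = %d AND level = %s ORDER BY id DESC", $school_id, $level), ARRAY_A );
            // sanitize filename part
            $filename_level = preg_replace('/[^a-z0-9_\-]/i','_', $level);
        }

        // A cell that starts with = + - @ (or tab / CR) is evaluated as a formula by
        // spreadsheet applications; a leading apostrophe forces it to plain text.
        // Side effect: values such as "+91…" phone numbers gain that apostrophe.
        $csv_safe = static function ($value) {
            $text = (string) $value;
            if ($text !== '' && strpbrk($text[0], "=+-@\t\r") !== false) {
                return "'".$text;
            }
            return $text;
        };

        // send CSV headers
        header('Content-Type: text/csv; charset=utf-8');
        header('Content-Disposition: attachment; filename=students_school_'.$school_id.'_'.$filename_level.'_'.date('Ymd_His').'.csv');
        $output_csv = fopen('php://output', 'w');
        // header row
        fputcsv($output_csv, array('ID','Student Name','Mother Name','Father Name','Mobile','District','DOB','Gender','Level','Created At'));
        foreach ((array) $rows as $r) {
            fputcsv($output_csv, array(
                $r['id'],
                $csv_safe($r['student_name']),
                $csv_safe($r['mother_name']),
                $csv_safe($r['father_name']),
                $csv_safe($r['mobile']),
                $csv_safe($r['district']),
                $csv_safe($r['dob']),
                $csv_safe($r['gender']),
                $csv_safe($r['level']),
                $csv_safe($r['created_at'])
            ));
        }
        fclose($output_csv);
        exit;
    }

    // Filter form (select level)
    $output .= '';

    // Get students for this school (filtered)
    if ($level === 'all') {
        $students = $wpdb->get_results( $wpdb->prepare("SELECT * FROM {$candidates_table} WHERE school_id = %d ORDER BY id DESC", $school_id) );
    } else {
        $students = $wpdb->get_results( $wpdb->prepare("SELECT * FROM {$candidates_table} WHERE school_id = %d AND level = %s ORDER BY id DESC", $school_id, $level) );
    }

    // Summary counts for school
    $total_all = $wpdb->get_var( $wpdb->prepare("SELECT COUNT(*) FROM {$candidates_table} WHERE school_id = %d", $school_id) );
    $total_elementary = $wpdb->get_var( $wpdb->prepare("SELECT COUNT(*) FROM {$candidates_table} WHERE school_id = %d AND level = %s", $school_id, 'Elementary Grade Drawing Competition') );
    $total_junior = $wpdb->get_var( $wpdb->prepare("SELECT COUNT(*) FROM {$candidates_table} WHERE school_id = %d AND level = %s", $school_id, 'Junior Grade Drawing Competition') );
    $total_senior = $wpdb->get_var( $wpdb->prepare("SELECT COUNT(*) FROM {$candidates_table} WHERE school_id = %d AND level = %s", $school_id, 'Senior Grade Drawing Competition') );
    $output .= '';
    $output .= 'Total Students: '.intval($total_all).' ';
    $output .= 'Elementary: '.intval($total_elementary).' ';
    $output .= 'Junior: '.intval($total_junior).' ';
    $output .= 'Senior: '.intval($total_senior);
    $output .= '
';

    // Export links
    // build base url keeping page params
    // NOTE(review): the markup that consumes these URLs is not visible here; each
    // one is derived from REQUEST_URI and needs esc_url() when written to an href.
    $base_url = remove_query_arg(array('dc_export','level'), $_SERVER['REQUEST_URI']);
    $export_all_url = add_query_arg(array('dc_export'=>'csv','level'=>'all'), $base_url);
    $export_elem_url = add_query_arg(array('dc_export'=>'csv','level'=>'Elementary Grade Drawing Competition'), $base_url);
    $export_jun_url = add_query_arg(array('dc_export'=>'csv','level'=>'Junior Grade Drawing Competition'), $base_url);
    $export_sen_url = add_query_arg(array('dc_export'=>'csv','level'=>'Senior Grade Drawing Competition'), $base_url);
    $output .= 'Export: All | Elementary | Junior | Senior
';

    // Students table
    if ($students) {
        $output .= '';
        $output .= 'ID Name Mobile District Level Registered On Actions ';
        foreach ($students as $s) {
            $output .= '';
            $output .= ''.intval($s->id).' ';
            $output .= ''.esc_html($s->student_name).' ';
            $output .= ''.esc_html($s->mobile).' ';
            $output .= ''.esc_html($s->district).' ';
            $output .= ''.esc_html($s->level).' ';
            $output .= ''.esc_html($s->created_at).' ';
            // actions: view preview (link to candidate preview page), edit (if allowed), hall ticket
            // Same esc_url() requirement as the export links above.
            $view_url = add_query_arg(array('dc_view_candidate' => $s->id), $_SERVER['REQUEST_URI']);
            $edit_url = add_query_arg(array('dc_edit_candidate' => $s->id), $_SERVER['REQUEST_URI']);
            $hall_url = add_query_arg(array('dc_hall' => $s->id), $_SERVER['REQUEST_URI']);
            $output .= 'View | Edit | Hall Ticket ';
            $output .= ' ';
        }
        $output .= '
';
    } else {
        $output .= 'No students found for selected filter.
';
    }

    // handle view/edit/hall request (simple)
    if (isset($_GET['dc_view_candidate'])) {
        $cid = intval($_GET['dc_view_candidate']);
        // The school_id condition is the access check: another school's id finds nothing.
        $c = $wpdb->get_row( $wpdb->prepare("SELECT * FROM {$candidates_table} WHERE id = %d AND school_id = %d", $cid, $school_id) );
        if ($c) {
            $output .= 'Candidate Preview ';
            $output .= 'Name: '.esc_html($c->student_name).'
';
            $output .= 'Father: '.esc_html($c->father_name).'
';
            $output .= 'Mother: '.esc_html($c->mother_name).'
';
            $output .= 'Mobile: '.esc_html($c->mobile).'
';
            $output .= 'Level: '.esc_html($c->level).'
';
            if (!empty($c->photo)) {
                // NOTE(review): the file name comes from the database; the markup that
                // uses $photo_url is not visible here and should pass it through esc_url().
                $photo_url = plugins_url('uploads/'.$c->photo, DC_PLUGIN_DIR.'../');
                // better to serve uploads via plugin uploads or server uploads — adjust path if needed
                $output .= '
';
            }
            $output .= 'Print
';
        } else {
            $output .= 'Candidate not found or you do not have permission.
';
        }
    }

    // Edit handling: redirect to edit form page or display inline form
    if (isset($_GET['dc_edit_candidate'])) {
        $cid = intval($_GET['dc_edit_candidate']);
        $c = $wpdb->get_row( $wpdb->prepare("SELECT * FROM {$candidates_table} WHERE id = %d AND school_id = %d", $cid, $school_id) );
        if ($c) {
            // if POST update
            // NOTE(review): no nonce is verified before this write (CSRF) — add one
            // together with the form markup.
            if (isset($_POST['dc_update_candidate'], $_POST['candidate_id']) && intval($_POST['candidate_id']) === $cid) {
                // WordPress adds slashes to $_POST; unslash before sanitising so a name
                // such as O'Brien is not stored with a stray backslash.
                $posted = static function ($key) {
                    return isset($_POST[$key]) ? sanitize_text_field(wp_unslash($_POST[$key])) : '';
                };
                $wpdb->update(
                    $candidates_table,
                    array(
                        'student_name' => $posted('student_name'),
                        'father_name' => $posted('father_name'),
                        'mother_name' => $posted('mother_name'),
                        'mobile' => $posted('mobile'),
                        'district' => $posted('district'),
                        'dob' => $posted('dob'),
                        'gender' => $posted('gender'),
                        'level' => $posted('level')
                    ),
                    // Ownership is repeated in the WHERE clause so the write itself
                    // cannot touch another school's row.
                    array('id' => $cid, 'school_id' => $school_id)
                );
                $output .= 'Candidate updated successfully.
';
                // refresh candidate data
                $c = $wpdb->get_row( $wpdb->prepare("SELECT * FROM {$candidates_table} WHERE id = %d AND school_id = %d", $cid, $school_id) );
            }
            // edit form
            $output .= 'Edit Candidate ';
            $output .= '';
        } else {
            $output .= 'Candidate not found or you do not have permission.
';
        }
    }

    return $output;
}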
// Expose the school dashboard as the [dc_school_dashboard] shortcode.
add_shortcode( 'dc_school_dashboard', 'dc_school_dashboard_shortcode' );