diff --git a/backend/api/enroll/get.php b/backend/api/enroll/get.php index f02a05e..f324a00 100644 --- a/backend/api/enroll/get.php +++ b/backend/api/enroll/get.php @@ -17,7 +17,8 @@ $returnValue = array(); $querystr = "SELECT * FROM li_enroll, li_students - WHERE li_enroll.sid = li_students.sid + WHERE li_students.deleted = 0 + AND li_enroll.sid = li_students.sid AND li_enroll.cid = $cid AND li_enroll.begin < '{$date}' AND li_enroll.end > '{$date}'"; diff --git a/backend/api/students/export.php b/backend/api/students/export.php index 529d1ac..52c8626 100644 --- a/backend/api/students/export.php +++ b/backend/api/students/export.php @@ -11,16 +11,16 @@ require_once('../../libs/fpdf/fpdf.php'); // DON'T TRY TO MOVE THIS INSIDE REGISTRATION.PHP, THIS FUCKS UP CORS require_once('../../libs/registration/registration.php'); - #$authorization = $_SERVER["HTTP_AUTHORIZATION"]; - #if(strcmp($authorization, INTERNAL_API_KEY) !== 0) { - # echo 'STOP TRYING TO STEAL MY DATA!'; - # exit; - #} + $authorization = $_SERVER["HTTP_AUTHORIZATION"]; + if(strcmp($authorization, INTERNAL_API_KEY) !== 0) { + echo 'STOP TRYING TO STEAL MY DATA!'; + exit; + } $connection = connect(); $export = ""; - $querystr = "SELECT * FROM li_registrations WHERE imported=0"; + $querystr = "SELECT stud.*, reg.accountholder, reg.iban, reg.bic, reg.bank, reg.registrationfrom FROM li_registrations reg, li_students stud WHERE stud.sid=reg.imported AND stud.exported=0"; $result = mysqli_query($connection, $querystr); if($result->num_rows !== 0) { @@ -31,7 +31,7 @@ $gender = $row->gender == 0 ? 'm' : ($row->gender == 1 ? 'w' : 'd'); $formattedRegistrationFrom = (new DateTime($row->registrationfrom))->format('d.m.Y'); $formattedBirthday = (new DateTime($row->birthday))->format('d.m.Y'); - $export .= "{$row->lastname};{$row->firstname};{$row->iban};;{$row->bic};;{$row->bank};{$row->accountholder};{$reference};1;\t{$formattedRegistrationFrom};{$price}; ; ;\t{$row->phone};{$row->email};{$address};\t{$formattedBirthday};{$gender}\n"; + $export .= "{$row->lastname};{$row->firstname};{$row->iban};;{$row->bic};;{$row->bank};{$row->accountholder};{$reference};1;{$formattedRegistrationFrom};{$price}; ; ;\t{$row->phone};{$row->email};{$address};{$formattedBirthday};{$gender}\n"; } } diff --git a/backend/api/visits/get.php b/backend/api/visits/get.php index 13516d2..bd15f5b 100644 --- a/backend/api/visits/get.php +++ b/backend/api/visits/get.php @@ -52,7 +52,8 @@ } $querystr = "SELECT *, 1 AS visited FROM li_enroll, li_students - WHERE li_enroll.sid = li_students.sid + WHERE li_students.deleted = 0 + AND li_enroll.sid = li_students.sid AND li_enroll.cid = {$returnValue->cid} AND li_enroll.begin <= '{$date}' AND li_enroll.end >= '{$date}' @@ -62,7 +63,8 @@ AND li_visits.date = '{$date}') UNION SELECT *, 0 AS visited FROM li_enroll, li_students - WHERE li_enroll.sid = li_students.sid + WHERE li_students.deleted = 0 + AND li_enroll.sid = li_students.sid AND li_enroll.cid = {$returnValue->cid} AND li_enroll.begin <= '{$date}' AND li_enroll.end >= '{$date}' diff --git a/frontend/src/app/components/students/student-list/student-list.component.html b/frontend/src/app/components/students/student-list/student-list.component.html index 8bdd3ab..402e449 100644 --- a/frontend/src/app/components/students/student-list/student-list.component.html +++ b/frontend/src/app/components/students/student-list/student-list.component.html @@ -2,7 +2,9 @@