DETECTION E-BANKING PHISING WEBSITE USING

ASSOCIATIVE CLASSIFICATION
A project Report

Submitted by
MOHAMMED ABDALRAHIM EDRIS BABIKER
(Reg.No: RCAS2020MIT010)

Under the guidance of

Dr.K.JULIANA GNANASELVI, M.Sc., M.Phil., Ph.D.,
Head of the Department, Information Technology

In partial fulfillment for the award of the degree

of
Master of Science in Information Technology

DEPARTMENT OF INFORMATION TECHNOLOGY

RATHINAM COLLEGE OF ARTS AND SCIENCE (AUTONOMOUS)

COIMBATORE - 641021

APRIL - 2022
 DECLARATION
This is to certify that the project work entitled “DETECTION E-BANKING PHISING

WEBSITE USING ASSOCIATIVE CLASSIFICATION” submitted to the

RATHINAM COLLEGE OF ARTS AND SCIENCE (AUTONOMOUS),Coimbatore. in
partial fulfillment of the requirements for the award of Master of Science (Information
Technology) is a record of original work done by me during the period of study(2020-2022) in
RATHINAM COLLEGE OF ARTS AND SCIENCE (AUTONOMOUS),Coimbatore.

Name : MOHAMMED ABDALRAHIM EDRIS BABIKER.

Register No : RCAS2020MIT010

Signature of the Candidate

 RATHINAM COLLEGE OF ARTS AND SCIENCE (AUTONOMOUS)

COIMBATORE - 641021

APRIL - 2022

DEPARTMENT OF INFORMATION TECHNOLOGY

BONAFIDE CERTIFICATE

This is to certify that this is bonafide project work done by the candidate under my supervision in
in partial fulfillment of the requirements for the award of Master of Science (Information
Technology)

Name : MOHAMMED ABDALRAHIM EDRIS BABIKER.

Register No : RCAS2020MIT010

Signature of the Guide: Signature of the HOD

Place :

Date :

Submitted for the Viva-Voice held on _______________

Internal Examiner External Examiner

 ACKNOWLEDGEMENT
On successful completion for internship look back to thank who made in possible. First
and foremost, thank “THE ALMIGHTY” for this blessing on us without which we could have
not successfully our project.

I am extremely grateful to Mr.Madan.A.Sendhil, M.S., Chairman, Rathinam Group of

Institutions, Coimbatore and Mrs. ShimaSendhil, M.S., Secretary, Rathinam Group of
Institutions, Coimbatore for giving me opportunity to study in this college.

I am extremely grateful to Dr. R.Manickam,MCA.,M.Phil.,Ph.D., Secretary&CEO,

Rathinam Group of Institutions, Coimbatore.

Extend deep sense of valuation to Dr.R.Muralidharan, M.Sc., M.Phil., M.C.A., Ph.D.,

Principal, Rathinam College of Arts and Science (Autonomous) who has permitted to undergo
theinternship.

Unequally thank Dr. K. Juliana Gnanaselvi,M.Sc.,M.Phil., Ph.D., Head, Department of

Information Technology for her constructive suggestions, advice during the course of study.

I convey special thanks, to the supervisor Dr.K.JulianaGnanaselvi, M.Sc.,M.Phil.,

Ph.D., Head, Department of Information Technology,who offered their inestimable support,
guidance, valuable suggestion, motivations, helps given for the completion of the internship.Also
I extend my thanks to all the staff members of the department.

I dedicated sincere respect to my parents for their moral motivation in completing

theinternship.

MOHAMMED ABDALRAHIM EDRIS BABIKER

(Reg.No: RCAS2020MIT010)
 CONTENTS

TABLE OF THE CONTENTS

CHAPTER TITLE PAGE.NO

I INTRODUCTION 1

1.1 AN OVERVIEW 1
1.2 MODULES 1

II SYSTEM ANALYSIS

2.1 EXISTING SYSTEM 2

2.2 PROPOSED SYSTEM 2
SYSYTEM SPECIFICATION
III 3.1 SOFTWARE SPECIFICATION 4
3.2 HARDWARE SPECIFICATION 4

IV SYSTEM DESIGN AND DEVELOPMENT

4.1 INPUT DESIGN 8

4.2 OUTPUT DESIGN 8

V MODULE DESCRIPTION 9

5.1DATA FLOW DIAGRAM 11

5.2 FILE DESIGN 13

5.3 DATABASE DESIGN 13

5.4 SAMPLE FORMS 14

5.5 SAMPLE CODING 15

5.6 SAMPLE OUTPUTS 18

5.7 SMAPLE REPORTS 19

VI TESTING AND IMPLEMENTATION

6.1. SYSTEM TESTING 20

6.2 SYSTEM IMPLEMENTATION 22

7. CONCLUSION 24
BIBLIOGRAPHY 25
APPENDIX
(A) DATABASE TABLES DESIGN 26
(B) SOURCE CODE 27
(C) SCREEN-SHOTS 41
 Detection E-Banking Phising Website using Associative Classification

INTRODUCTION

Detection E-Banking Phising Website using Associative Classification is a web-based

application implemented PHP using MYSQL Server as the database.People often purchase
products online and make payment through e-banking. There are many E-banking phishing
websites. In order to detect the e-banking phishing website our system uses an e ective classi
cation data mining algo-rithm. The e-banking phishing website can be detected based on some
impor-tant characteristics like URL and Domain Identity, and security and encryption criteria in
the nal phishing detection rate.

1. The phishing website can be detected based on some important char-acteristics like URL and
Domain Identity, and security and encryption criteria in the nal phishing detection rate.
2. This application can be used by many E-commerce enterprises in order to make the whole
transaction process secure.
3. Data mining algorithm used in this system provides better performance as compared to other
traditional classi cations algorithms
4. System uses machine learning technique to add new keywords into database.

Modules

● Admin and user Registraton Modules

● use Algorithm Modules

● Pattern Matching Modules

● Weburl analysis Modules

1
 2-SYSTEM STUDY
2.1 Existing System:

Lack of security of data.

● More man power.
● Time consuming.
● Consumes large volume of pare work.
● Needs manual calculations.
● No direct role for the higher officials.
● To avoid all these limitations and make the working more accurately the system needs to
be computerized.

2. 2PROPOSED SYSTEM: 

The drawback of the existing system is that it is very difficult to retrieve data
from case files. The manual system is so time-consuming. The proposed system is very easy to
operate. Speed and accuracy are the main advantages of proposed system. There is no
redundancy of data. The data are stored in the computer’s secondary memories like hard disk,
etc. The proposed system will easily handle all the data and the work done by the existing
systems. The proposed systems eliminate the drawbacks of the existing system to a great extent
and it provides tight security to data.

ADVANTAGES OF THE PROPOSED SYSTEM

The system is very simple in design and to implement. The system requires very low
system resources and the system will work in almost all configurations. It has got following
features
● Security of data.
● Ensure data accuracy’s.
● Proper control of the higher officials.
● Reduce the damages of the machines.
● Minimize manual data entry.

2
● Minimum time needed for the various processing.
● Greater efficiency.
● Better service.
● User friendliness and interactive.

3
 3 SYSTEM SPECIFICATION

3.1 SOFTWARE REQUIREMENTS

OS : MS WINDOWS 7

Front End : PHP,HTML,CSS and JavaScript

Back End : MYSQL Server

Framework :Xampp Server.

3.2 Hardware Requirements

Processor : i3 Processor or above

Clock speed : 500 MHZ

System bus : 32 bits

RAM : 4GB of RAM

HDD : 500 GB or higher

Monitor : LCD Monitor

Keyboard : 108 keys

Mouse : 2 button mouse

SOFTWARE DESCRIPTION:

PHP started out as a small open source project that evolved as more and more people found out
how useful it was. RasmusLerdorf unleashed the first version of PHP way back in 1994.

● PHP is a recursive acronym for "PHP: Hypertext Preprocessor".

● PHP is a server side scripting language that is embedded in HTML. It is used to manage
dynamic content, databases, session tracking, even build entire e-commerce sites.

4
 ● It is integrated with a number of popular databases, including MySQL, PostgreSQL,
Oracle, Sybase, Informix, and Microsoft SQL Server.

● PHP is pleasingly zippy in its execution, especially when compiled as an Apache

module on the Unix side. The MySQL server, once started, executes even very complex
queries with huge result sets in record-setting time.

● PHP supports a large number of major protocols such as POP3, IMAP, and LDAP. PHP4
added support for Java and distributed object architectures (COM and CORBA), making
n-tier development a possibility for the first time.

● PHP is forgiving: PHP language tries to be as forgiving as possible.

● PHP Syntax is C-Like.

Common uses of PHP

● PHP performs system functions, i.e. from files on a system it can create, open, read,
write, and close them.

● PHP can handle forms, i.e. gather data from files, save data to a file, through email you
can send data, return data to the user.

● You add, delete, modify elements within your database through PHP.

● Access cookies variables and set cookies.

● Using PHP, you can restrict users to access some pages of your website.

● It can encrypt data.

Characteristics of PHP

Five important characteristics make PHP's practical nature possible −

● Simplicity

● Efficiency

● Security

5
BACK END:MYSQL
● It is a software, developed by Microsoft, which is implemented from the specification of
RDBMS.
● It is also an ORDBMS.
● It is platform dependent.
● It is both GUI and command based software.
● It supports SQL (SEQUEL) language which is an IBM product, non-procedural,
common database and case insensitive language.

Usage of SQL Server

● To create databases.
● To maintain databases.
● To analyze the data through SQL Server Analysis Services (SSAS).
● To generate reports through SQL Server Reporting Services (SSRS).
● To carry out ETL operations through SQL Server Integration Services (SSIS).
SQL Server works in client-server architecture, hence it supports two types of components − (a)
Workstation and (b) Server.
● Workstation components are installed in every device/SQL Server operator’s machine.
These are just interfaces to interact with Server components. Example: SSMS, SSCM,
Profiler, BIDS, SQLEM etc.
● Server components are installed in centralized server. These are services. Example:
SQL Server, SQL Server Agent, SSIS, SSAS, SSRS, SQL browser, SQL Server full text
search etc.

Instance of SQL Server

● An instance is an installation of SQL Server.

● An instance is an exact copy of the same software.

● If we install 'n' times, then 'n' instances will be created.

● There are two types of instances in SQL Server a) Default b) Named.

● Only one default instance will be supported in one Server.

6
 ● Multiple named instances will be supported in one Server.

● Default instance will take the server name as Instance name.

● Default instance service name is MSSQLSERVER.

● 16 instances will be supported in 2000 version.

● 20 instances will supported in 2005 and later versions.

Advantages of Instances

● To install different versions in one machine.

● To reduce cost.

● To maintain production, development, and test environments separately.

● To reduce temporary database problems.

● To separate security privileges.

● To maintain standby server.

7
 4.SYSTEM DESIGN AND DEVELOPMENT

4.1 INPUT DESIGN

Input design is one of the most important phases of the system design. Input design is the process
where the input received in the system are planned and designed, so as to get necessary
information from the user, eliminating the information that is not required. The goal of the input
design is to make the data entry logical and free from errors. Input data are collected and
organized into a group of similar data. Once identified input media are selected for processing. In
the software, importance is given to develop Graphical User Interface (GUI), which is an
important factor in developing efficient and user- friendly software. For inputting user data,
attractive forms are designed. User can also select desired options from the menu, which
provides all possible facilities.Input is any data or instructions entered into the memory of a
computer. Two types of input are data and instructions. Data is a collection of unorganized items
that can include

4.2 OUTPUT DESIGN

Computer output is the most important direct source of information to the user. The output
design refers to the result and information that it’s generated by the system forms many end
users. To produce the output which are displayed in a screen, efficient and intelligent output
design improves the system relationship with the users and help indecision making. It is
designed in a user-friendly way to avoid user burden.
Two of the most output media today are printers and screen. Most customers now access
their reports from a hard copy or screen display. Computer’s output is the most important and
direct source of information to the user, efficient, logical, output design should improve the
systems relations with the user and help in decision-making. As the outputs are the most
important source of information to the user, better design should improve the system’s relation
and also should help in decision-making.

8
 5.Modules Description

● Admin and user Registraton Modules

● use Algorithm Modules

● Pattern Matching Modules

● Weburl analysis Modules

The concept is an end-host based anti-phishing algorithm, called the Link Guard, by utilizing
the generic characteristics of the hyperlinks in phishing attacks. The Link Guard algorithm
works as follows. In its main routine LinkGuard, it rst extracts the DNS names from the
actual and the visual links.

The Link Guard algorithm works as follows. In its main routine LinkGuard, it rst extracts the

DNS names from the actual and the visual links. It then compares the actual and visual DNS

names, if these names are not the same, then it is phishing of category..If dotted decimal IP

address is directly used in actual DNS, it is then a possible phishing attack of category.If the

actual link or the visual link is encoded, we rst decode the links, then recursively call Link

Guard to return a result. When there is no destination information (DNS name or dotted IP

address) in the visual link, Link Guard calls Analyses to analyse the actual DNS. Link Guard

therefore handles all the five categories of phishing attacks.

Analyses and the related subroutines. In Analyse DNS, if the actual DNS name is contained
in the blacklist, then we are sure that it is a phishing attack. Similarly, if the actual DNS is

9
contained in the whitelist, it is therefore not a phishing attack. If the actual DNS is not
contained in either whitelist or blacklist, Pattern Matching is then invoked.

Pattern Matching Modules

Pattern matching is designed to handle unknown attacks (blacklist/whitelist is useless in this

case). For category five of the phishing attacks, all the information we have is the actual link
from the hyperlink (since the visual link does not contain DNS or IP address of the
destination site), which provide very little information for further analysis. In order to
resolve this problem, we try two methods:

Weburl Modules

First, we extract the sender email address from the e-mail. Since phishers
generally try to fool users by using (spoofed) legal DNS names in the sender. e-mail address,
we expect that the DNS name in the sender address will be di erent from that in the actual
link. Second, we proactively collect DNS names that are manually input by the user when
she surfs the Internet and store the names into a seed set, and since these names are input by
the user by hand, we assume that these names are trustworthy.Weburl then checks if the
actual DNS name of a hyperlink is di erent from the DNS name in the senders address , and
if it is quite similar (but not identical) with one or more names in the seed set by invoking the
Similarity procedure.

The similarity index between two strings are determined by calculating the minimal number
of changes (including insertion, deletion, or revision of a character in the string) needed to
transform a string to the other string. If the number of changes is 0, then the two strings are
identical; if the number of changes is small, then they are of high similarity; otherwise, they
are of low similarity.

10
5.1 Data Flow Diagram

Data Flow Diagram (DFD) is a two-dimensional diagram that describes how data is processed
and transmitted in a system. The graphical depiction recognizes each source of data and how it
interacts with other data sources to reach a mutual output. In order to draft a data flow diagram
one must
● Identify external inputs and outputs

● Determine how the inputs and outputs relate to each other

● Explain with graphics how these connections relate and what they result in.

Role of DFD:
● It is a documentation support which is understood by both programmers and
non-programmers. As DFD postulates only what processes are accomplished not how
they are performed.

● A physical DFD postulates where the data flows and who processes the data.

● It permits analyst to isolate areas of interest in the organization and study them by
examining the data that enter the process and viewing how they are altered when they
leave.

11
DFD : user and Admin

12
5.2 FILE DESIGN:
One problem that would overcome is how to deal with the relations and searching to
minimize I/O operations. All fields are variable length apart from the id, year & length. Server
should be able to synchronize the database to all clients with minimal operations. When a client
comes online, all changes part the date sync back to the client. Another way to do this would
have a separate table on the server which lists all the operations that have happened and the date
they happened; and sync in a similar happened.
Fast read operations for clients.Some sort of index will have to be stored for each table for
where each record starts. This could be small enough to load into memory and could be
stores in files separate to the actual tables to avoid issues.
Minimise I/O operations.The server will store an “index” of the tracks database in memory
with the id and file name so read operations are kept to a minimum. The main problem will
be fragmentation when a record is deleted. Because of the variable length fields, a new
record cannot be added in that place. So fixed length fields should not be used either (as the
filename could be huge for instance).
5.3 DATABASE DESIGN
Data base is designed to manage large bodies of information. The management of data
involves both the definitions of structures for the storage of information. In addition the data base
system must provide for the safety of the information solved, despite system crashes or due to
attempts at unauthorized access. For developing an efficient database we have to fulfil certain
conditions such as controlled redundancy.
● Defining the data
● Inputting the data
● Locating the data
● Accessing the data
● Communicating the data
● Revising the data
Objectives of Data base deign

13
For designing data base design several objectives have to be met as follows:
● Ease of use
● Control of data integrity
● Control of redundancy
● Data independence (logical & physical)

5.4 Sample Forms:

14
5.5 Sample Codings:
<?php
session_start();
if ($_SESSION['first_name'] === null || $_SESSION['last_name'] === null ||
$_SESSION['email'] === null) {
header("Location: ../login_and_register/index.php");
}

$db = new mysqli('localhost', 'root', '', 'esas')

15
or die("Error connecting to database!");

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['firstname']) && isset($_POST['lastname']) && isset($_POST['email'])) {
$_id = $_POST['_id'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$position = $_POST['position'];

if (isset($_POST['available'])) {
$available = true;
} else {
$available = false;
}

switch ($position) {
case 'professor':
$noa = 1;
break;
case 'associateProfessor':
$noa = 2;
break;
case 'assistantProfessor':
$noa = 4;
break;
case 'lecturer':
$noa = 6;
break;
default:
$noa = 0;
break;
}

$sql = "UPDATE staff SET "

."firstname = '$firstname', "
."lastname = '$lastname', "
."email = '$email', "
."position = '$position', "
."noa = '$noa', "

16
."available = '$available' "
."WHERE _id = '$_id'";

if ($db->query($sql)) {
header("Location: viewStaff.php");
} else {
$sql = "SELECT * from staff where _id = '$_id'";
$res = $db->query($sql);
$row = $res->fetch_assoc();
}
} else {
$_id = $_POST['update_id'];
$sql = "SELECT * from staff where _id = '$_id'";
$res = $db->query($sql);
$row = $res->fetch_assoc();
}
}

?>

<!DOCTYPE html>
<html>
<head>
<title>VES-ESAS</title>
<link rel="stylesheet" type="text/css" href="addStaff.css" />
<link
href="https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,9
00i" rel="stylesheet">
<script type="text/javascript" src="addStaff.js"></script>
</head>
<body>

17
5.6 .Sample Outputs

18
5.7.Sample Reports

19
 TESTING AND IMPLEMENTATION
6.1 INTRODUCTION:
Testing is the process of detecting errors for which the required open web application
secure employment portal specifications stated. Testing performs a very critical role for quality
assurance and for ensuring the reliability of software. The results of testing are used later on
during the software maintenance. The aim of testing is often used to demonstrate that a program
works by showing that it has no errors. The basic purpose of testing phase is to detect the errors
that may be present in the program. Hence one should not start testing with the intent of showing
that a program works, but the intent should be to show that a program doesn’t work. The main
objective of testing is to uncover an error in systematic way with minimum effort and time.
TESTING OBJECTIVES
The testing objectives are summarized in the following three steps:
⮚ Testing is process of executing a program with the intent of finding an error.
⮚ A good test case is one that has high probability of finding an undiscovered error.
⮚ A successful test is one that uncovers an as yet undiscovered error.
TESTING TYPES
The different types of testing are:
● Unit testing
● Integration testing
● System testing
● Acceptance testing
Unit Testing:
This test focuses on verification effort on the smallest unit of software module. Using the
detailed design and the process specifications testing is done to uncover errors within the
boundary of the module. All the modules must be successful in the unit test before the start of

20
the integration testing begins. In this project each service is a module like Login, Forms etc.
Each module has to be tested by giving different sets of inputs. The inputs are validated when
accepting from user.
Integration Testing:
After the unit testing the integration of modules has to be done and then integration
testing can be done. The goal here is to see if modules can be integrated properly, the emphasis
being on testing interfaces between different modules.
System Testing:
In the system testing the entire web portal is tested according the software requirement
specifications document.
Acceptance Testing:
The acceptance testing is performed with realistic data of the client, which focus on the
external behaviour of the system; the internal logic of the program is emphasized. Software
testing is a critical element of software quality assurance and represents the ultimate review of
specification, design and coding. Testing is the exposure of the system to trial input to see
whether it produces correct output.
TESTING PHASES:
Software testing phases include the following:
● Test activities are determined and test data selected.
● The test is conducted and test results are compared with the expected results.

TESTING METHODS:
Testing is a process of executing a program to find out errors. If testing is conducted
successfully, it will uncover all the errors in the software.

Any testing can be done basing on two ways:

● White Box Testing
● Black Box Testing

21
White Box Testing:
It is a test case design method that uses the control structures of the procedural design to
derive test cases.
Using this testing a software Engineer can derive the following test cases:
● Exercise all the logical decisions on either true or false sides.
● Execute all loops at their boundaries and within their operational boundaries.
● Exercise the internal data structures to assure their validity.
Black Box Testing:
It is a test case design method used on the functional requirements of the software. It will help a
software engineer to derive sets of input conditions that will exercise all the functional
requirements of the program.
Black Box testing attempts to find errors in the following categories:
● Incorrect or missing functions
● Interface errors
● Errors in data structures
● Performance errors
● Initialization and termination errors

By black box testing we derive a set of test cases that satisfy the following criteria:
● Test cases that reduce by a count that is greater than one
● The number of additional test cases that must be designed to achieve reasonable testing.
TESTING PLANS:
Testing can be done in two ways:
● Bottom up approach
● Top down approach

22
6.2 SYSTEM IMPLEMENTATION
System implementation is the important stage of project when the theoretical design is tunes
into practical system. The main stages in the implementation are as follows:
● Planning
● Training
● System testing and
● Changeover planning
Planning is the first task in the system implementation. Planning is deciding on the method
and the time scale to be adapted. At the time of implementation of any system people from
different departments and system analysis involve. They are confirmed to practical problem of
controlling various activities of people outside their own data processing departments.
The line manager controlled through an implementation co-ordinate committee. The
committee consists of idea, problems and complaints of user department. It must also be
consider,
● The implementation of system environment.
● Self-selection and allocation for implementation tasks.
● Consultation with unions and resources available.
● Standby facilities and channels of communication.

23
 CONCLUSION

While developing the system a conscious effort has been made to create and develop a
software package, making use of available tools, techniques and resources - that would generate a
proper system.
While making the system, an eye has been kept on making it as user-friendly, as
cost-effective and as flexible as possible. As such one may hope that the system will be
acceptable to any user and will adequately meet his or her needs.
As in case of any system development processes where there are a number of
shortcomings, there have been some shortcomings in the development of this system also. The
project is still under modification.

24
 BIBLIOGRAPHY

BOOK REFERENCES
● Doyle, Matt. Beginning PHP 5.3 (Wrox Programmer to Programmer), 2009.
● Lerdorf, Rasmus. PHP Pocket Reference, O'Reilly, 2000.
● Nixon, Robin. Learning PHP, MySQL, JavaScript, and CSS: A Step-by-Step Guide to
Creating Dynamic Websites, O'Reilly, 2012.
● Nixon, Robin. Robin Nixon's PHP Crash Course: Learn PHP in 14 easy lectures,
O'Reilly, 2012.
● Ullman, Larry. PHP Advanced and Object-Oriented Programming: Visual QuickPro
Guide (3rd Edition), 2012.
● Ullman, Larry. PHP for the Web: Visual QuickStart Guide, 2011.
● Welling, Luke and Thomson, Laura. PHP and MySQL Web Development, Third
Edition, Sams, 2008.
WEBSITE REFERENCES
● www.codecademy.com/learn/PHP
● www.tutorialspoint.com/PHP
● www.learnonline.com
● www.w3.school.com

25
 Appendix:

A.Database Design

user details

Field DataType Constraints

id Int Primary Key
Emailid Varchar(20) Null
username Varchar(20) Null
password Varchar(20) Null
category Varchar(20) Null

URlink Details

Field DataType Constraints

id Int Primary Key
Websitename Varchar(20) Null
WebsiteAddres Varchar(20) Null
Blockedlist Varchar(20) Null
Datetime Varchar(20) Null

Blockedlinksites

Field DataType Constraints

id Int Primary Key
blockeddescription Varchar(20) Null
blockid Varchar(20) Null
content Varchar(20) Null
datetime Varchar(20) Null

Search Table
Field DataType Constraints
sid Int Primary Key

26
Search content Varchar(20) Null
searchdescription Varchar(20) Null
datetime Varchar(20) Null
Weblink avilable Varchar(20) Null
datertime Varchar(20) Null
B.SOURCE CODE:

<?php
session_start();
if ($_SESSION['first_name'] === null || $_SESSION['last_name'] === null ||
$_SESSION['email'] === null) {
header("Location: ../login_and_register/index.php");
}

$db = new mysqli('localhost', 'root', '', 'esas')

or die("Error connecting to database!");

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['firstname']) && isset($_POST['lastname']) && isset($_POST['email'])) {
$_id = $_POST['_id'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$position = $_POST['position'];

if (isset($_POST['available'])) {
$available = true;
} else {
$available = false;
}

switch ($position) {
case 'professor':
$noa = 1;
break;
case 'associateProfessor':
$noa = 2;
break;
case 'assistantProfessor':
$noa = 4;
break;

27
case 'lecturer':
$noa = 6;
break;
default:
$noa = 0;
break;
}

$sql = "UPDATE staff SET "

."firstname = '$firstname', "
."lastname = '$lastname', "
."email = '$email', "
."position = '$position', "
."noa = '$noa', "
."available = '$available' "
."WHERE _id = '$_id'";

if ($db->query($sql)) {
header("Location: viewStaff.php");
} else {
$sql = "SELECT * from staff where _id = '$_id'";
$res = $db->query($sql);
$row = $res->fetch_assoc();
}
} else {
$_id = $_POST['update_id'];
$sql = "SELECT * from staff where _id = '$_id'";
$res = $db->query($sql);
$row = $res->fetch_assoc();
}
}

?>

<!DOCTYPE html>
<html>
<head>
<title>VES-ESAS</title>
<link rel="stylesheet" type="text/css" href="addStaff.css" />

28
<link
href="https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,9
00i" rel="stylesheet">
<script type="text/javascript" src="addStaff.js"></script>
</head>
<body>

<!-- header component -->

<div class="gen_header">

<div class="header_img">
<img src="../login_and_register/ves-logo.png" />
</div>

<div class="header_title">
<a href="../home/index.php">VESIT - ESAS</a>
<hr>
<div class="header_subtitle">VESIT Examination Staff Allotment System</div>
<div class="header_info">Welcome <?php echo $_SESSION['first_name']."
".$_SESSION['last_name']."!"; ?></div>
</div>

<div class="logout">
<button onclick="location.href='../login_and_register/logout.php'">LOGOUT</button>
</div>

</div>
<div class="home_navigator">
<div class="link"><a href="viewStaff.php">🡨 Go Back</a></div>
</div>

<!-- content body -->

<div class="container_body">
<div class="container">

<div class="exam_form_header">
<div class="title">Update Staff Member!</div>
<div class="subtitle">Update staff member details: </div>
</div>

29
<div class="exam_form">

<div class="form_content" style="padding-left: 50px;">

<form method="POST" name="staffForm" action="updateStaff.php" onsubmit="return

validateRegisterForm();">

<input type="hidden" name="_id" value='<?php echo $row['_id'] ?>' placeholder="ID" />

<div class="form_title">First Name*: </div>

<input type="text" name="firstname" value='<?php echo $row['firstname'] ?>'
placeholder="First Name" />

<div class="form_title">Last Name*: </div>

<input type="text" name="lastname" value='<?php echo $row['lastname'] ?>' placeholder="Last
Name" />

<div class="form_title">E-mail*: </div>

<input type="text" name="email" value='<?php echo $row['email'] ?>' placeholder="E-mail" />

<div class="form_title">Position*: </div>

<div class="styled-select slate">
<select name="position">
<?php
if ($row['position'] == 'professor') {
echo '<option value="professor" selected>Professor</option>';
} else {
echo '<option value="professor">Professor</option>';
}

if ($row['position'] == 'associateProfessor') {
echo '<option value="associateProfessor" selected>Associate Professor</option>';
} else {
echo '<option value="associateProfessor">Associate Professor</option>';
}

if ($row['position'] == 'assistantProfessor') {
echo '<option value="assistantProfessor" selected>Assistant Professor</option>';
} else {
echo '<option value="assistantProfessor">Assistant Professor</option>';

30
}

if ($row['position'] == 'lecturer') {
echo '<option value="lecturer" selected>Lecturer</option>';
} else {
echo '<option value="lecturer">Lecturer</option>';
}
?>
</select>
</div>

<div>
<div class="form_title">Available: </div>
<div style="height: 15px;"><input type="checkbox" name="available" value="yes"
<?php if ($row['available']) {echo "checked";} ?>></div>
</div>
<br />

<div class="update_button">
<button type="submit">UPDATE</button>
</div>

</form>

</div>

</div>

</div>
</div>

</body>
</html>

<?php
session_start();
if ($_SESSION['first_name'] === null || $_SESSION['last_name'] === null ||
$_SESSION['email'] === null) {
header("Location: ../login_and_register/index.php");

31
}

$db = new mysqli('localhost', 'root', '', 'esas')

or die("Error connecting to database!");

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['delete'])) {
if ($_POST['delete'] == 'yes') {
$_id = $_POST['_id'];
$sql = "DELETE FROM staff WHERE _id = '$_id'";
if ($db->query($sql)) {
header("Location: viewStaff.php");
}
} else {
header("Location: viewStaff.php");
}

} else {
$_id = $_POST['delete_id'];
$sql = "SELECT * from staff where _id = '$_id'";
$res = $db->query($sql);
$row = $res->fetch_assoc();

}
} else {
$_id = $_POST['delete_id'];
$sql = "SELECT * from staff where _id = '$_id'";
$res = $db->query($sql);
$row = $res->fetch_assoc();
}
?>

<div class="gen_header">

<div class="header_img">
<img src="../login_and_register/ves-logo.png" />
</div>

<div class="header_title">

32
<a href="../home/index.php">VESIT - ESAS</a>
<hr>
<div class="header_subtitle">VESIT Examination Staff Allotment System</div>
<div class="header_info">Welcome <?php echo $_SESSION['first_name']."
".$_SESSION['last_name']."!"; ?></div>
</div>

<div class="logout">
<button onclick="location.href='../login_and_register/logout.php'">LOGOUT</button>
</div>

</div>
<div class="home_navigator">
<div class="link"><a href="viewStaff.php">🡨 Go Back</a></div>
</div>

<!-- content body -->

<div class="container_body">
<div class="container">

<div class="exam_form_header">
<div class="title">Delete Staff Member!</div>
<div class="subtitle">Confirm your request: </div>
</div>

<div class="exam_form">

<div class="form_content" style="padding-left: 50px;">

<form method="POST" action="deleteStaff.php">

<div class="delete_confirmation">
Are you sure you want to delete the following Staff Member?
</div>

<div class="delete_details">

<input type="hidden" name="_id" value='<?php echo $row['_id'] ?>' placeholder="ID" />

33
<div class="delete_title">First Name: <span class="info"><?php echo $row['firstname']
?></span></div>

<div class="delete_title">Last Name: <span class="info"><?php echo $row['lastname']

?></span></div>

<div class="delete_title">E-mail: <span class="info"><?php echo $row['email']

?></span></div>

<div class="delete_title">Position: <span class="info">

<?php
switch ($row['position']) {
case 'professor':
echo "Professor";
break;
case 'associateProfessor':
echo "Associate Professor";
break;
case 'assistantProfessor':
echo "Assistant Professor";
break;
case 'lecturer':
echo "Lecturer";
break;
default:
echo "Not Assigned";
break;
}
?>
</span></div>

<div class="delete_title">Available for: <span class="info"><?php echo $row['noa']." times"

?></span></div>

<div class="delete_title">Is Available: <span class="info"><?php if($row['available']) { echo

"Yes"; } else { echo "No"; } ?></span></div>

</div>

<div class="delete_yes">

34
<button type="submit" name="delete" value="yes">YES</button>
</div>

<div class="delete_no">
<button type="submit" name="delete" value="no">NO</button>
</div>

</form>

</div>

</div>

</div>
</div>

</body>
</html>
<?php
session_start();
if ($_SESSION['first_name'] === null || $_SESSION['last_name'] === null ||
$_SESSION['email'] === null) {
header("Location: ../login_and_register/index.php");
}
$_SESSION['message'] = 'Please enter your details!';

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['firstname']) && isset($_POST['lastname']) && isset($_POST['email'])) {

$db = new mysqli('localhost', 'root', '', 'esas')

or die("Error connecting to database!");

$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$position = $_POST['position'];

if (isset($_POST['available'])) {
$available = true;

35
} else {
$available = false;
}

switch ($position) {
case 'professor':
$noa = 1;
break;
case 'associateProfessor':
$noa = 2;
break;
case 'assistantProfessor':
$noa = 4;
break;
case 'lecturer':
$noa = 6;
break;
default:
$noa = 0;
break;
}

$sql = "INSERT INTO staff (firstname, lastname, email, position, noa, available)"
."VALUES ('$firstname', '$lastname', '$email', '$position', '$noa', '$available')";

if ($db->query($sql) === true) {

$_SESSION['message'] = "User added successfully!";
} else {
$_SESSION['message'] = "Error adding user to the database!";
}

} else {
$_SESSION['message'] = "Error: Fields not set!";
}
}
?>

<!DOCTYPE html>
<html>

36
<head>
<title>ESAS</title>
<link rel="stylesheet" type="text/css" href="addStaff.css" />
<link
href="https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,9
00i" rel="stylesheet">
<script type="text/javascript" src="addStaff.js"></script>
</head>

<body>

<!-- header component -->

<div class="gen_header">

<div class="header_img">
<img src="../login_and_register/ves-logo.png" />
</div>

<div class="header_title">
<a href="../home/index.php">VESIT - ESAS</a>
<hr>
<div class="header_subtitle">VESIT Examination Staff Allotment System</div>
<div class="header_info">Welcome <?php echo $_SESSION['first_name']."
".$_SESSION['last_name']."!"; ?></div>
</div>

<div class="logout">
<button onclick="location.href='../login_and_register/logout.php'">LOGOUT</button>
</div>

</div>
<div class="home_navigator">
<div class="link"><a href="../home/index.php">🡨 Go Back</a></div>
</div>

<!-- content body -->

<div class="container_body">

<div class="container">

37
<table width="100%">

<tr>

<td>
<div class="exam_form_header">
<div class="title">Add Staff Member!</div>
<div class="subtitle">Enter staff member details: </div>
</div>
</td>

<td>
<div class="staff_list_header">
<div class="title">Staff Member List</div>
<div class="subtitle"><a href="addStaff.php">Refresh</a></div>
</div>
</td>

</tr>

<tr>

<td width="40%">

<div class="exam_form">

<div class="form_content">

<form method="POST" name="staffForm" action="addStaff.php" onsubmit="return

validateRegisterForm();">
<div class="form_title">First Name*: </div>
<input type="text" name="firstname" placeholder="First Name" />

<div class="form_title">Last Name*: </div>

<input type="text" name="lastname" placeholder="Last Name" />

<div class="form_title">E-mail*: </div>

<input type="text" name="email" placeholder="E-mail" />

<div class="form_title">Position*: </div>

38
<div class="styled-select slate">
<select name="position">
<option value="professor">Professor</option>
<option value="associateProfessor">Associate Professor</option>
<option value="assistantProfessor">Assistant Professor</option>
<option value="lecturer">Lecturer</option>
</select>
</div>

<div>
<div class="form_title">Available: </div>
<div style="height: 15px;"><input type="checkbox" name="available" value="yes"></div>
</div>
<br />
<div class="submit">
<button type="submit">Submit</button>
</div>

</form>

</div>

</div>

</td>

<td width="60%">

<div class="staff_list">

<table width="100%">

<tr>
<th>Sr. No.</th>
<th>First Name</th>
<th>Last Name</th>
<th>E-Mail</th>
<th>Position</th>
<th>Times Available</th>
<th>Available</th>

39
</tr>
<?php
$db = new mysqli('localhost', 'root', '', 'esas')
or die("Error connecting to database!");

$sql = "SELECT * from staff";

$results = $db->query($sql);

$i = 1;
while($row = $results->fetch_assoc()) {
?>

<tr>
<td><?php echo $i; ?></td>
<td><?php echo $row['firstname']; ?></td>
<td><?php echo $row['lastname']; ?></td>
<td><?php echo $row['email']; ?></td>
<td>
<?php
switch ($row['position']) {
case 'professor':
echo "Professor";
break;
case 'associateProfessor':
echo "Associate Professor";
break;
case 'assistantProfessor':
echo "Assistant Professor";
break;
case 'lecturer':
echo "Lecturer";
break;
default:
<!DOCTYPE html>
<html>
<head>
<title>VES-ESAS</title>
<link rel="stylesheet" type="text/css" href="addStaff.css" />

40
<link
href="https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,9
00i" rel="stylesheet">
</head>
<body>

<!-- header component -->

C.Screenshots:

41
42
43
44
45