SWEN-Project/Student_remove.php at main · E2co/SWEN-Project · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
<?php

$host = 'localhost';
$dbname = 'school_db';
$username = 'root';
$password = '';

try {
    $pdo = new PDO("mysql:host=$host;dbname=$dbname", $username, $password);

    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        $student_id = filter_input(INPUT_POST, 'student_id', FILTER_VALIDATE_INT);

        if (!$student_id) {
            http_response_code(400);
            echo json_encode([
                'status' => 'error',
                'message' => 'Invalid student ID'
            ]);
            exit;
        }

        $pdo->beginTransaction();

        try {
            $check_stmt = $pdo->prepare("SELECT COUNT(*) FROM students WHERE id = ?");
            $check_stmt->execute([$student_id]);

            if ($check_stmt->fetchColumn() == 0) {
                $pdo->rollBack();
                http_response_code(404);
                echo json_encode([
                    'status' => 'error',
                    'message' => 'Student not found'
                ]);
                exit;
            }

            $stmt_parent = $pdo->prepare("DELETE FROM parents_contact WHERE student_id = ?");
            $stmt_parent->execute([$student_id]);

            $stmt_student = $pdo->prepare("DELETE FROM students WHERE id = ?");
            $stmt_student->execute([$student_id]);

            $stmt_attendance = $pdo->prepare("DELETE FROM student_attendance WHERE student_id = ?");
            $stmt_attendance->execute([$student_id]);

            $auditStmt = $pdo->prepare("INSERT INTO student_audit (student_id, operation) VALUES (:student_id, 'Removed')");
            $auditStmt->execute(['student_id' => $student_id]);

            $pdo->commit();

            http_response_code(200);
            echo json_encode([
                'status' => 'success',
                'message' => "Student with ID $student_id removed successfully"
            ]);
            exit;

        } catch (PDOException $e) {
            $pdo->rollBack();

            http_response_code(500);
            echo json_encode([
                'status' => 'error',
                'message' => 'Database error: ' . $e->getMessage()
            ]);
            exit;
        }
    } else {
        http_response_code(405);
        echo json_encode([
            'status' => 'error',
            'message' => 'Method Not Allowed'
        ]);
        exit;
    }
} catch (PDOException $e) {
    http_response_code(500);
    echo json_encode([
        'status' => 'error',
        'message' => 'Connection failed: ' . $e->getMessage()
    ]);
    exit;
}
?>