A PHP-developed secondary school performance management system

Write in front

Blog for a long time did not update, recently saw MSRA cattle Liu Weipeng Blog (www.mindhacks.cn), deep feelings, feel learned a lot of things, about algorithmic learning, thinking methods, career development and so on, so read a few of his blog after I did two things

Upload all my project code to GitHub and continue blogging.

Just this week. Commissioned by a high school in PHP write a performance management system, so the system development process recorded, as a summary, but also with you friends of the park, to improve progress together.

Because I am still only in school students, so the knowledge experience must exist a great shortage, the content of the article will inevitably be overlooked superficial, if there are biased places hope that we understand a lot. Communication progress is the ultimate goal, thank you!

The role and function of the performance management System 1. Administrator

1.1 Importing user information (including students and teachers)

1.2.1 Registration examinations (including county exams, whole school examinations, class tests)

1.2.2 Query Exam Information

1.3 Import Results

1.4 Change Password

1.5 User Lookup

2. Teachers

2.1 View all students in this class (including scores, scores, rankings)

2.2 Change Password

3. Students

3.1 Viewing all of your test scores

3.2 Change Password

The specific techniques used

Background language: PHP

Front desk language and framework: Html+javascript+jquery

Deployment server: Linux+nginx

Development process 1. Database design

There are 3 tables in the database: grades (score table), Users (user table), exams (Test list)

The user ID in the users table is the foreign key of the UserID in the grades table

Exam ID in exams table is the foreign key of Examid in grades

2. Login

Login interface

The login interface is a good-looking login screen found on the Internet with jquery, which provides the following download address:

Http://www.veryhuo.com/down/html/55826.html

Login logic

If the user login is successfully read the user type (Administrator, teacher, student), of course, in order to avoid SQL such as, the user input has been done special character filtering processing, and the user's user name, user type, user ID and other information read into $_session, Then the different pages (admin.php, teacher.php, student.php) are respectively directed, and the session is re-validated on these pages to prevent unauthorized users from accessing the page directly. When the user clicks Exit, it leaves some variables in the session empty.

3. User interface

Administrator to import user information and score information are used php-reader this third-party plug-in to read the uploaded Excel information, which is also available in this plugin download address: http://code.google.com/p/php-reader/

This plugin provides some handy ways to get data from Excel files, even to read additional information such as cell border color, but note that this plugin can only read. xls files and cannot read. xlxs files.

Other teacher and student interface functions are simply tabular return results, with no complicated functionality.

Some specific functions are also detailed in the implementation of the details. The previous user Action interface diagram

4. Using logic

Administrators import user information (including students and teachers) administrators register for exam information, the system obtains the exam ID and returns it to the Administrator (in order to differentiate the results data from the import grades table need to assign an ID to each exam) the administrator imports the score table (one column is the test ID obtained in the second step) Teacher and Student Login query results

(about the exam management here is the reason for the administrator to get an exam ID is because I worry about the administrator input test results when there is a missing record, in order to let the system know that the results of the record is the previous record of the results, you need an exam ID to connect them, So the seemingly jumbled steps to get the exam ID are introduced.

Some details are implemented

1. Teacher interface Query All student grades in this class

Because I put all the students in the same form grades, and this table each record is a student a test of the record, so to the teacher class students related to the exam results are queried and each exam according to rank, so inevitably involves the problem of multi-table query, And because the score field is more, it also makes me the longest SQL ever ($exam _id is the exam ID number that was previously queried by all students in the teacher's Class):

SELECT T1.sx,t1.yw,t1.yy,t1.wl,t1.hx,t1.sw,t1.ls,t1.zz,t1.dl,              (COALESCE (t1.sx,0) +coalesce (t1.yw,0) +coalesce (t1.yy,0) +coalesce (wl,0)              +coalesce (hx,0) +coalesce (sw,0) +coalesce (ls,0) +coalesce (dl,0) +coalesce (zz,0))        As Sumscore,t2.realname from  myphpcj.grades as T1, users as T2 where  t1.userid=t2.id and exam_id= ". $exam _id." Ord ER by sumscore desc ";

It may look a bit long, here's a general explanation, T1 is the grades table, T2 is the user table. The two-table joint query results in the examination of each student's name, number, score, total, and finally sorted by total score, because some subjects did not attend or this exam is not included, so the MySQL coalesce function to deal with the null value. The use of federated tables was seldom used before, and this trial found that it was possible to simplify many program logic and improve program efficiency. This time the database design using a number of foreign keys, can be said to simplify program exception handling also played a big role. In short, the sense of database development also has a deeper understanding.

2. Save files with duplicate names

Because to import the user results, I would like to upload the file to the files directory, and then read the file content import information. I want to name all the files with a date time stamp, which involves uploading multiple file overlays on the same day, and finally thinking of a way to upload the same file after uploading the upload sequence. 。 At the same time, if a file is deleted in the middle, then the uploaded file will fill the digital location. So in the upload code to add the following processing:

$i =1;              $save _filename= "Files/users". Date ("y-m-d["). $i. "]. XLS ";              while (File_exists ("Files/users". Date ("y-m-d["). $i. "]. XLS "))              {                     $i = $i +1;                     $save _filename= "Files/users". Date ("y-m-d["). $i. "]. XLS ";                                         }              Move_uploaded_file ($_files["Grade_file" ["Tmp_name"],        $save _filename);

The final effect is this:

Some of the other features are relatively simple, and this is not the case. As far as security is concerned, because there is nothing relevant to the experience, just in all forms basically do a special character filter to avoid SQL injection, user login also did log on failure count to prevent brute force hack. As for the XSS, the website does not provide the external registration, the closed sex is stronger also did not think much.

Written in the last

I have been using. NET to develop the Web, this time on the W3school on the two-day PHP tutorial (here to like this site, not clear students can Baidu, the tutorial content streamlined without losing focus!) After the start took 3 days to do this thing, and finally although the function is relatively simple, the interface effect is general, but their own is relatively satisfied, on the one hand to add a skill, on the other hand, the two technologies have made a simple contrast, the individual think PHP and HTML and JS combination is better, so do the front-end relatively easy , and the development efficiency of personal feeling is more than. NET higher, but after all, the scripting language, security is certainly not. NET good, basically a full function, a larger system is prone to a variety of vulnerabilities. As for efficiency, I have not measured, and have no say, of course, this is only opinion, both are excellent language, otherwise it will not be so popular. We also welcome the exchange of views on different points of view.

Finally the project has been open source https://code.google.com/p/phpscores/

