File: /srv/www/rectt-csmcri.res.in/public_html/process_scientist.php
<?php
// Start (or resume) the PHP session; the rest of this script reads and writes $_SESSION.
session_start();
// Debug-only error display, intentionally left disabled: keep these off in
// production so PHP errors are never rendered to the visitor.
// ini_set("display_errors", 1);
// ini_set("display_startup_errors", 1);
// error_reporting(E_ALL);
// NOTE(review): $conn is used below but never created in this file; presumably config.php opens the mysqli connection. Confirm.
require_once 'sites/config/config.php';
// NOTE(review): presumably defines genScientistApplicationHtml(), which this script calls after the uploads. Confirm.
require_once 'gen_scientist.php';
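/**
 * Check that a value is a date string written exactly in the given format.
 *
 * The parsed date is formatted back and compared with the input, so values
 * that DateTime would silently roll over (for example "2024-02-31") are rejected.
 *
 * @param mixed  $date   Candidate value, typically raw request input.
 * @param string $format DateTime format the value has to match exactly.
 * @return bool True only for a string that round-trips through $format.
 */
function validateDate($date, $format = 'Y-m-d')
{
    // Request input can be null or an array (e.g. "payment_date[]=x"). Only a
    // string can be a date; handing anything else to createFromFormat() raises
    // a deprecation notice or a TypeError, depending on the PHP version.
    if (!is_string($date)) {
        return false;
    }
    $parsed = DateTime::createFromFormat($format, $date);
    return $parsed !== false && $parsed->format($format) === $date;
}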
// Gate: only a session marked as registered, submitting via POST, may reach
// the handler. Everything else is sent to the login page.
$may_submit = isset($_SESSION['registered']) && $_SERVER['REQUEST_METHOD'] === 'POST';
if (!$may_submit) {
    header("location: login.php");
    exit;
}
// Throw exceptions on MySQLi errors
// mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$conn->begin_transaction();
try {
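// The registered/POST guard that used to be repeated here was unreachable:
// the identical check before begin_transaction() has already exited.
//
// NOTE(review): no anti-CSRF token is checked anywhere in this handler; confirm
// one is enforced elsewhere before treating the session alone as proof of intent.

// Both the user id and the per-login token must be present in the session.
if (!isset($_SESSION['user_id'], $_SESSION['session_token'])) {
    session_destroy();
    header("Location: logout.php");
    exit;
}
$user_id = $_SESSION['user_id'];
$token = $_SESSION['session_token'];

// Single-session enforcement: the token held by this session must match the
// one currently stored for the user in the users table.
$stmt = $conn->prepare("SELECT session_token FROM users WHERE id = ?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
$stmt->bind_result($db_token);
// If no row is found, $db_token stays null and the strict comparison below fails closed.
$stmt->fetch();
$stmt->close();
if ($token !== $db_token) {
    session_destroy();
    die("You have been logged out because your account was logged in elsewhere.");
}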
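// ad_id and post_id are client-supplied. They are bound as integers in the
// INSERTs but are also concatenated into the registration id and the error
// redirect URL, so accept them only as positive integers. This keeps a value
// such as "1P99" from producing a registration id that disagrees with the
// stored ids.
$id_filter = ['options' => ['min_range' => 1]];
$ad_id = filter_var($_POST['ad_id'] ?? null, FILTER_VALIDATE_INT, $id_filter);
$post_id = filter_var($_POST['post_id'] ?? null, FILTER_VALIDATE_INT, $id_filter);

// Eligibility attributes come from the session, not from the request.
$category = $_SESSION['category'] ?? 'General';
$disability = $_SESSION['disability'] ?? 'No';

if (!$user_id || $ad_id === false || $post_id === false) {
    die("Invalid access or session expired.");
}
// NOTE(review): nothing visible here checks that post_id belongs to ad_id,
// that the advertisement is still open, or that this user has not already
// applied. Confirm a constraint or an earlier page enforces that.

$status = 'submitted';

// Free-text and pay fields are stored as submitted (bound as strings below).
// The phd_* fields are read in the Ph.D. section further down; the copies
// that used to be taken here were overwritten before any use.
$rd_experience = $_POST['rd_experience'] ?? '';
$statement_of_purpose = $_POST['statement_of_purpose'] ?? '';
$min_initial_pay = $_POST['min_initial_pay'] ?? null;
$expected_pay = $_POST['expected_pay'] ?? null;
$joining_time = $_POST['joining_time'] ?? null;
$payment_reference_no = $_POST['paymentReferenceNo'] ?? '';
// Declaration checkbox: 1 when the "agree" field was sent at all, else 0.
$declaration = isset($_POST['agree']) ? 1 : 0;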
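// === 1. Insert main application ===
// Fee exemption is decided from profile values held in the session.
// Strict in_array() so a non-string category can never loosely equal 'SC'/'ST'.
$is_exempt = in_array($category, ['SC', 'ST'], true) ||
    ($_SESSION['gender'] ?? '') === 'Female' ||
    ($_SESSION['ex_servicemen'] ?? '') === 'Yes' ||
    ($_SESSION['csir_employee'] ?? '') === 'Yes' ||
    $disability === 'Yes';

// The payment date is kept only for non-exempt applicants, and only when it is
// a real Y-m-d date. The is_string() guard keeps null and array input away
// from the date parser.
$payment_date = $_POST['payment_date'] ?? null;
$payment_date = (!$is_exempt && is_string($payment_date) && validateDate($payment_date))
    ? $payment_date
    : null;
// NOTE(review): a non-exempt applicant can still submit with no payment date
// and an empty payment reference; nothing here requires them. Confirm that
// payment is verified elsewhere.

$stmt = $conn->prepare("INSERT INTO scientist_applications
(user_id, advertisement_id, post_id, rd_experience, statement_of_purpose, min_initial_pay, expected_pay, joining_time, payment_reference_no, payment_date, declaration, status)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param(
    "iiisssssssis",
    $user_id,
    $ad_id,
    $post_id,
    $rd_experience,
    $statement_of_purpose,
    $min_initial_pay,
    $expected_pay,
    $joining_time,
    $payment_reference_no,
    $payment_date,
    $declaration,
    $status
);
if (!$stmt->execute()) {
    // The driver's error text can name tables, columns and values: keep it in
    // the server log and give the client a generic message. Throwing, rather
    // than die(), lets the surrounding catch roll the transaction back.
    error_log("process_scientist: scientist_applications insert failed: " . $stmt->error);
    throw new RuntimeException("Error saving application.");
}
// Primary key of the new application row; every child table below refers to it.
$application_id = $stmt->insert_id;
$stmt->close();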
// $stmt = $conn->prepare("INSERT INTO scientist_applications
// (user_id, advertisement_id, post_id, rd_experience, statement_of_purpose, min_initial_pay, expected_pay, joining_time, payment_reference_no, declaration, status)
// VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
// $stmt->bind_param(
// "iiissssssis",
// $user_id,
// $ad_id,
// $post_id,
// $rd_experience,
// $statement_of_purpose,
// $min_initial_pay,
// $expected_pay,
// $joining_time,
// $payment_reference_no,
// $declaration,
// $status
// );
// if (!$stmt->execute()) {
// die("Error saving application: " . $stmt->error);
// }
// $application_id = $stmt->insert_id;
// $stmt->close();
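// === 1a. Insert Ph.D. details (if any provided) ===
// Status is restricted to the two known values; anything else is stored as NULL.
$phd_status = $_POST['phd_status'] ?? null;
$valid_statuses = ['Awarded', 'Submitted'];
if (!in_array($phd_status, $valid_statuses, true)) {
    $phd_status = null;
}
$phd_guide_name = $_POST['phd_guide_name'] ?? null;
$phd_guide_email = $_POST['phd_guide_email'] ?? null;
// Use the round-trip check from validateDate(): a bare createFromFormat()
// accepts overflowing dates such as "2024-02-31". The is_string() guard keeps
// null and array input away from the date parser.
$phd_date = $_POST['phd_date'] ?? null;
if (!is_string($phd_date) || !validateDate($phd_date)) {
    $phd_date = null;
}
$phd_title = $_POST['phd_title'] ?? null;
$phd_area = $_POST['phd_area'] ?? null;
$phd_department = $_POST['phd_department'] ?? null;
$phd_university = $_POST['phd_university'] ?? null;

// A row is written only when at least one Ph.D. field carries a value.
if (
    $phd_status || $phd_guide_name || $phd_guide_email || $phd_date ||
    $phd_title || $phd_area || $phd_department || $phd_university
) {
    $phd_stmt = $conn->prepare("INSERT INTO scientist_phd_details
(application_id, status, guide_name, guide_email, date, title, area, department, university)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
    $phd_stmt->bind_param(
        "issssssss",
        $application_id,
        $phd_status,
        $phd_guide_name,
        $phd_guide_email,
        $phd_date,
        $phd_title,
        $phd_area,
        $phd_department,
        $phd_university
    );
    // A failed insert must abort the transaction instead of being committed as
    // a partial application (matters when mysqli is not in exception mode).
    if (!$phd_stmt->execute()) {
        throw new RuntimeException("Error saving Ph.D. details.");
    }
    $phd_stmt->close();
}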
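// === 2. Insert qualifications ===
// Form-field prefix => label stored in qualification_type.
$levels = [
    'ssc' => 'SSC',
    'hsc' => 'HSC',
    'be_btech' => 'B.E./B.Tech.',
    'me_mtech' => 'M.E./M.Tech.',
    'bsc' => 'BSc',
    'msc' => 'MSc'
];
$qual_stmt = $conn->prepare("INSERT INTO scientist_qualifications
(application_id, qualification_type, school_college, board_university, subjects, marks, scale, passing_date, mode_of_study, remarks)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
foreach ($levels as $key => $label) {
    $school = $_POST[$key . '_school'] ?? '';
    $board = $_POST[$key . '_board'] ?? '';
    $subjects = $_POST[$key . '_subjects'] ?? '';
    $marks = $_POST[$key . '_marks'] ?? '';
    $scale = $_POST[$key . '_scale'] ?? '';
    // Keep the passing date only when it is a real Y-m-d date; a bare
    // createFromFormat() would also accept overflowing dates.
    $pass_date = $_POST[$key . '_pass_date'] ?? '';
    if (!is_string($pass_date) || !validateDate($pass_date)) {
        $pass_date = null;
    }
    // An empty mode of study is stored as NULL rather than ''.
    $mode = $_POST[$key . '_mode'] ?? '';
    if ($mode === '') {
        $mode = null;
    }
    $remarks = $_POST[$key . '_remarks'] ?? '';
    // Insert only if at least one field has data
    if ($school || $board || $subjects || $marks || $scale || $pass_date || $mode || $remarks) {
        $qual_stmt->bind_param(
            "isssssssss",
            $application_id,
            $label,
            $school,
            $board,
            $subjects,
            $marks,
            $scale,
            $pass_date,
            $mode,
            $remarks
        );
        // Abort the transaction on failure instead of committing a partial application.
        if (!$qual_stmt->execute()) {
            throw new RuntimeException("Error saving qualification details.");
        }
    }
}
$qual_stmt->close();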
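// === 3. Insert experiences ===
// One row per submitted experience entry; the entries arrive as experience[n][field].
if (isset($_POST['experience']) && is_array($_POST['experience'])) {
    $exp_stmt = $conn->prepare("INSERT INTO scientist_experiences
(application_id, org_type, organization, designation, nature, last_pay, status_of_job, from_date, to_date)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
    foreach ($_POST['experience'] as $exp) {
        $org_type = $exp['org_type'] ?? '';
        $organization = $exp['organization'] ?? '';
        $designation = $exp['designation'] ?? '';
        $nature = $exp['nature'] ?? '';
        $last_pay = $exp['last_pay'] ?? '';
        $status = $exp['status'] ?? '';
        // Dates are stored only when they are real Y-m-d dates (round-trip
        // check); anything else, including array input, becomes NULL.
        $from = $exp['from'] ?? '';
        if (!is_string($from) || !validateDate($from)) {
            $from = null;
        }
        $to = $exp['to'] ?? '';
        if (!is_string($to) || !validateDate($to)) {
            $to = null;
        }
        $exp_stmt->bind_param(
            "issssssss",
            $application_id,
            $org_type,
            $organization,
            $designation,
            $nature,
            $last_pay,
            $status,
            $from,
            $to
        );
        // Abort the transaction on failure instead of committing a partial application.
        if (!$exp_stmt->execute()) {
            throw new RuntimeException("Error saving experience details.");
        }
    }
    $exp_stmt->close();
}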
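// === 4. Scientific contributions ===
// One row is written for each fixed section, whether or not the applicant answered it.
$sciSections = ['Product Development', 'Technology Innovation', 'Applied Technology', 'Translational Research'];
$sci_stmt = $conn->prepare("INSERT INTO scientific_contributions
(application_id, section, contributed, patented, patent_details)
VALUES (?, ?, ?, ?, ?)");
foreach ($sciSections as $type) {
    // Form fields are prefixed with the section name in snake_case, e.g. "product_development_contributed".
    $slug = strtolower(str_replace(' ', '_', $type));
    $contributed = $_POST[$slug . '_contributed'] ?? '';
    $patented = $_POST[$slug . '_patented'] ?? '';
    $patent_details = $_POST[$slug . '_patent_details'] ?? '';
    // Both flags accept only the literal answers 'Yes' or 'No'; anything else is stored as NULL.
    if ($patented !== 'Yes' && $patented !== 'No') {
        $patented = null;
    }
    if ($contributed !== 'Yes' && $contributed !== 'No') {
        $contributed = null;
    }
    $sci_stmt->bind_param(
        "issss",
        $application_id,
        $type,
        $contributed,
        $patented,
        $patent_details
    );
    // Abort the transaction on failure instead of committing a partial application.
    if (!$sci_stmt->execute()) {
        throw new RuntimeException("Error saving scientific contributions.");
    }
}
$sci_stmt->close();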
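// === 5. Publications ===
// One row per submitted publication, each with an optional attached file
// (form field publication[n][file]).
if (isset($_POST['publication']) && is_array($_POST['publication'])) {
    $pub_stmt = $conn->prepare("INSERT INTO scientist_publications
(application_id, journal_type, paper_title, authorship, total_authors, journal_name, year, volume_no, page_no, citations, impact_factor, file_path)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
    // Per-application upload directory. 0755 instead of 0777: only the account
    // PHP runs as needs to write here, so the directory is not world-writable.
    $upload_dir = "sites/upload/scientist_applications/{$application_id}/";
    if (!is_dir($upload_dir)) mkdir($upload_dir, 0755, true);
    // Accepted content types, each mapped to the only extension it may be
    // stored under (the same three types handleUpload() accepts).
    // NOTE(review): confirm this list against what the publication form is meant to accept.
    $pub_allowed_mimes = [
        'image/jpeg' => 'jpg',
        'image/png' => 'png',
        'application/pdf' => 'pdf',
    ];
    $pub_finfo = new finfo(FILEINFO_MIME_TYPE);
    foreach ($_POST['publication'] as $i => $pub) {
        $file_path = '';
        // Accept the attachment only when PHP reports a complete upload.
        $upload_error = $_FILES['publication']['error'][$i]['file'] ?? UPLOAD_ERR_NO_FILE;
        $tmp_name = $_FILES['publication']['tmp_name'][$i]['file'] ?? null;
        if ($upload_error === UPLOAD_ERR_OK && is_string($tmp_name) && is_uploaded_file($tmp_name)) {
            // The type is sniffed from the file content, and the stored
            // extension is derived from that type, never from the
            // client-supplied name. This directory sits under the web root, so
            // a client-chosen extension could otherwise place a file the server
            // treats as executable.
            $mime = $pub_finfo->file($tmp_name);
            if (is_string($mime) && isset($pub_allowed_mimes[$mime])) {
                $safeName = uniqid('publication_', true) . '.' . $pub_allowed_mimes[$mime];
                $dest = $upload_dir . $safeName;
                if (move_uploaded_file($tmp_name, $dest)) {
                    $file_path = $dest;
                }
            }
            // NOTE(review): no explicit size cap is applied here beyond PHP's own upload limits.
        }
        // Assign all array values to variables before bind_param
        $journal_type = $pub['journal_type'] ?? '';
        $paper_title = $pub['paper_title'] ?? '';
        $authorship = $pub['authorship'] ?? '';
        // Bound as integer.
        $total_authors = $pub['total_authors'] ?? 0;
        $journal_name = $pub['journal_name'] ?? '';
        // Year is kept only when numeric and within 1901-2155; otherwise NULL.
        $year = $pub['year'] ?? null;
        if (!$year || !is_numeric($year) || $year < 1901 || $year > 2155) {
            $year = null;
        }
        $volume_no = $pub['volume'] ?? '';
        $page_no = $pub['page'] ?? '';
        $citations = $pub['citations'] ?? 0;
        $impact_factor = $pub['impact'] ?? 0;
        $pub_stmt->bind_param(
            "isssisissids",
            $application_id,
            $journal_type,
            $paper_title,
            $authorship,
            $total_authors,
            $journal_name,
            $year,
            $volume_no,
            $page_no,
            $citations,
            $impact_factor,
            $file_path
        );
        // Abort the transaction on failure instead of committing a partial application.
        if (!$pub_stmt->execute()) {
            throw new RuntimeException("Error saving publication details.");
        }
    }
    $pub_stmt->close();
}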
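// === 6. Patents ===
// One row per submitted patent entry (patent[n][field]).
if (isset($_POST['patent']) && is_array($_POST['patent'])) {
    $pat_stmt = $conn->prepare("INSERT INTO scientist_patents
(application_id, title, inventors, status, country, patent_no, patent_date)
VALUES (?, ?, ?, ?, ?, ?, ?)");
    foreach ($_POST['patent'] as $pat) {
        $title = $pat['title'] ?? '';
        $inventors = $pat['inventors'] ?? '';
        // Status accepts only 'Filed' or 'Granted'; anything else is stored as NULL.
        $status = $pat['status'] ?? '';
        if (!in_array($status, ['Filed', 'Granted'], true)) {
            $status = null;
        }
        $country = $pat['country'] ?? '';
        $patent_no = $pat['number'] ?? '';
        // Keep the date only when it is a real Y-m-d date (round-trip check);
        // a bare createFromFormat() would also accept overflowing dates.
        $patent_date = $pat['date'] ?? '';
        if (!is_string($patent_date) || !validateDate($patent_date)) {
            $patent_date = null;
        }
        $pat_stmt->bind_param(
            "issssss",
            $application_id,
            $title,
            $inventors,
            $status,
            $country,
            $patent_no,
            $patent_date
        );
        // Abort the transaction on failure instead of committing a partial application.
        if (!$pat_stmt->execute()) {
            throw new RuntimeException("Error saving patent details.");
        }
    }
    $pat_stmt->close();
}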
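// === 7. Books/Chapters ===
// One row per submitted book entry (book[n][field]).
if (isset($_POST['book']) && is_array($_POST['book'])) {
    $book_stmt = $conn->prepare("INSERT INTO scientist_books
(application_id, book_title, chapter_title, publication_agency, role)
VALUES (?, ?, ?, ?, ?)");
    foreach ($_POST['book'] as $book) {
        $book_title = $book['book_title'] ?? '';
        $chapter_title = $book['chapter_title'] ?? '';
        $publication_agency = $book['agency'] ?? '';
        // Role accepts only 'Author' or 'Co-Author'; anything else is stored as NULL.
        $role = $book['role'] ?? '';
        if (!in_array($role, ['Author', 'Co-Author'], true)) {
            $role = null;
        }
        $book_stmt->bind_param(
            "issss",
            $application_id,
            $book_title,
            $chapter_title,
            $publication_agency,
            $role
        );
        // Abort the transaction on failure instead of committing a partial application.
        if (!$book_stmt->execute()) {
            throw new RuntimeException("Error saving book details.");
        }
    }
    $book_stmt->close();
}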
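// === 8. Seminars/Conferences ===
// One row per submitted seminar entry (seminar[n][field]).
if (isset($_POST['seminar']) && is_array($_POST['seminar'])) {
    $sem_stmt = $conn->prepare("INSERT INTO scientist_seminars
(application_id, event_name, paper_title, place, date, organizer)
VALUES (?, ?, ?, ?, ?, ?)");
    foreach ($_POST['seminar'] as $sem) {
        $event_name = $sem['event'] ?? '';
        $paper_title = $sem['paper_title'] ?? '';
        $place = $sem['place'] ?? '';
        // Keep the date only when it is a real Y-m-d date (round-trip check);
        // a bare createFromFormat() would also accept overflowing dates.
        $date = $sem['date'] ?? '';
        if (!is_string($date) || !validateDate($date)) {
            $date = null;
        }
        $organizer = $sem['organizer'] ?? '';
        $sem_stmt->bind_param(
            "isssss",
            $application_id,
            $event_name,
            $paper_title,
            $place,
            $date,
            $organizer
        );
        // Abort the transaction on failure instead of committing a partial application.
        if (!$sem_stmt->execute()) {
            throw new RuntimeException("Error saving seminar details.");
        }
    }
    $sem_stmt->close();
}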
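// === 9. Awards ===
// One row per submitted award entry (award[n][field]).
if (isset($_POST['award']) && is_array($_POST['award'])) {
    $award_stmt = $conn->prepare("INSERT INTO scientist_awards
(application_id, name, year, sponsor)
VALUES (?, ?, ?, ?)");
    foreach ($_POST['award'] as $award) {
        $name = $award['name'] ?? '';
        // Year must be a four-character numeric value between 1900 and the
        // current year; anything else is stored as NULL.
        $year = $award['year'] ?? null;
        if (!is_numeric($year) || strlen((string)$year) !== 4 || $year < 1900 || $year > (int)date('Y')) {
            $year = null;
        }
        $sponsor = $award['sponsor'] ?? '';
        $award_stmt->bind_param(
            "isis",
            $application_id,
            $name,
            $year,
            $sponsor
        );
        // Abort the transaction on failure instead of committing a partial application.
        if (!$award_stmt->execute()) {
            throw new RuntimeException("Error saving award details.");
        }
    }
    $award_stmt->close();
}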
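// === 10. Country Visits ===
// One row per submitted visit entry (visit[n][field]).
if (isset($_POST['visit']) && is_array($_POST['visit'])) {
    $visit_stmt = $conn->prepare("INSERT INTO scientist_visits
(application_id, country, from_date, to_date, institute, purpose, sponsorer)
VALUES (?, ?, ?, ?, ?, ?, ?)");
    foreach ($_POST['visit'] as $visit) {
        $country = $visit['country'] ?? '';
        // Dates are stored only when they are real Y-m-d dates (round-trip
        // check); anything else, including array input, becomes NULL.
        $from_date = $visit['from'] ?? '';
        if (!is_string($from_date) || !validateDate($from_date)) {
            $from_date = null;
        }
        $to_date = $visit['to'] ?? '';
        if (!is_string($to_date) || !validateDate($to_date)) {
            $to_date = null;
        }
        $institute = $visit['institute'] ?? '';
        $purpose = $visit['purpose'] ?? '';
        $sponsorer = $visit['sponsorer'] ?? '';
        $visit_stmt->bind_param(
            "issssss",
            $application_id,
            $country,
            $from_date,
            $to_date,
            $institute,
            $purpose,
            $sponsorer
        );
        // Abort the transaction on failure instead of committing a partial application.
        if (!$visit_stmt->execute()) {
            throw new RuntimeException("Error saving visit details.");
        }
    }
    $visit_stmt->close();
}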
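// === 11. Referees ===
// One row per submitted referee entry (referee[n][field]); values are stored as submitted.
if (isset($_POST['referee']) && is_array($_POST['referee'])) {
    $ref_stmt = $conn->prepare("INSERT INTO scientist_referees
(application_id, name, occupation, address, mobile, email)
VALUES (?, ?, ?, ?, ?, ?)");
    foreach ($_POST['referee'] as $ref) {
        $name = $ref['name'] ?? '';
        $occupation = $ref['occupation'] ?? '';
        $address = $ref['address'] ?? '';
        $mobile = $ref['mobile'] ?? '';
        $email = $ref['email'] ?? '';
        $ref_stmt->bind_param(
            "isssss",
            $application_id,
            $name,
            $occupation,
            $address,
            $mobile,
            $email
        );
        // Abort the transaction on failure instead of committing a partial application.
        if (!$ref_stmt->execute()) {
            throw new RuntimeException("Error saving referee details.");
        }
    }
    $ref_stmt->close();
}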
// === 12. Document uploads ===
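/**
 * Validate one uploaded document, store it in the application's upload
 * directory and record it in scientist_uploads.
 *
 * @param string $field          Key in $_FILES for this document.
 * @param int    $application_id Application the document belongs to.
 * @param string $document_type  Label stored in the DB and used as the filename prefix.
 * @param int    $max_size       Largest accepted file size in bytes.
 * @return string|null Stored path on success; null when the upload is missing,
 *                     failed, too large, of a disallowed type, or could not be moved.
 */
function handleUpload($field, $application_id, $document_type, $max_size = 1048576)
{
    // Check if file is present and upload is successful
    if (!isset($_FILES[$field]) || $_FILES[$field]['error'] !== UPLOAD_ERR_OK) return null;
    // Check size limit
    if ($_FILES[$field]['size'] > $max_size) return null;
    // Allow-list of content types, each mapped to the only extension it may be
    // stored under. The type is sniffed from the file content by finfo.
    $allowedMimes = [
        'image/jpeg' => 'jpg',
        'image/png' => 'png',
        'application/pdf' => 'pdf',
    ];
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($_FILES[$field]['tmp_name']);
    if (!is_string($mime) || !isset($allowedMimes[$mime])) return null;
    // Make sure upload directory exists. 0755 instead of 0777: only the account
    // PHP runs as needs to write here, so the directory is not world-writable.
    $upload_dir = "sites/upload/scientist_applications/" . $application_id . "/";
    if (!is_dir($upload_dir)) mkdir($upload_dir, 0755, true);
    // The extension is derived from the sniffed type, never from the
    // client-supplied name. The upload directory sits under the web root, so a
    // file whose content passes the type check must not be able to choose an
    // extension the server would treat as executable.
    $ext = $allowedMimes[$mime];
    $safeName = uniqid($document_type . '_', true) . '.' . $ext;
    $dest = $upload_dir . $safeName;
    // Move uploaded file to destination
    if (move_uploaded_file($_FILES[$field]['tmp_name'], $dest)) {
        global $conn;
        // The path stored in the DB is relative to this script's directory.
        $stmt = $conn->prepare("INSERT INTO scientist_uploads (application_id, document_type, file_path) VALUES (?, ?, ?)");
        $stmt->bind_param("iss", $application_id, $document_type, $dest);
        $stmt->execute();
        $stmt->close();
        return $dest;
    }
    return null;
}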
// Documents to collect, one entry per upload:
// [form field name, document type label, size cap in bytes].
$upload_fields = [
    ['ssc_marksheet', 'SSC Marksheet', 1048576],
    ['hsc_marksheet', 'HSC Marksheet', 1048576],
    ['be_btech_marksheet', 'B.E._B.Tech. Marksheet', 1048576],
    ['me_mtech_marksheet', 'M.E._M.Tech. Marksheet', 1048576],
    ['bsc_marksheet', 'BSc Marksheet', 1048576],
    ['msc_marksheet', 'MSc Marksheet', 1048576],
    ['phd_certificate', 'Ph.D. Certificate', 1048576],
    ['photograph', 'Photograph', 102400],
    ['signature', 'Signature', 102400],
];

// Applicants outside the General category also supply a category certificate.
if (!($category === 'General')) {
    array_push($upload_fields, ['category_certificate', 'Reserved Category Certificate', 1048576]);
}

// Applicants who declared a disability also supply a disability certificate.
if ($disability === 'Yes') {
    array_push($upload_fields, ['disability_certificate', 'Disability Certificate', 1048576]);
}

// handleUpload() returns null for a missing or rejected file; the result is
// not inspected here, so such a document is simply skipped.
foreach ($upload_fields as $upload_spec) {
    list($field, $type, $max) = $upload_spec;
    handleUpload($field, $application_id, $type, $max);
}
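// Registration id: <ddmmyyyy>U<user>A<advertisement>P<post>.
// The ids are cast to int so the id string always carries the same numbers
// that were bound as integers in the INSERTs, whatever text the request sent.
$date_only = date("dmY");
$registration_id = $date_only . "U" . ((int) $user_id) . "A" . ((int) $ad_id) . "P" . ((int) $post_id);
// Render the application document; the returned path is stored as pdf_path below.
$outputPath = genScientistApplicationHtml($user_id, $post_id, $application_id, $registration_id, $ad_id);

// === 13. Insert into all_applications for dashboard tracking ===
$app_type = 'scientist';
$status = 'submitted';
$all_stmt = $conn->prepare("INSERT INTO all_applications (user_id,registration_id, post_id, ad_id, application_type, application_table_id, status, pdf_path) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
$all_stmt->bind_param("isiisiss", $user_id, $registration_id, $post_id, $ad_id, $app_type, $application_id, $status, $outputPath);
// Abort the transaction on failure instead of committing an application the dashboard cannot see.
if (!$all_stmt->execute()) {
    throw new RuntimeException("Error saving application.");
}
$all_stmt->close();

// Report success only once the commit itself has succeeded.
if (!$conn->commit()) {
    throw new RuntimeException("Error saving application.");
}
$_SESSION['app_submitted'] = "True";
unset($_SESSION['active_post_id']);
header("Location: dashboard.php?submitted=1");
exit;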
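} catch (Throwable $e) {
    $conn->rollback();
    // Exception text from the database driver can name tables, columns and
    // submitted values. Keep it in the server log and put only a generic
    // message in the flash shown to the applicant.
    error_log("process_scientist: " . get_class($e) . ": " . $e->getMessage());
    $_SESSION['flash'] = ["Your application could not be saved. Please try again."];
    // $post_id is request input and is still unset if the failure happened
    // before it was read; only an integer is placed in the redirect URL.
    $redirect_post_id = isset($post_id) ? (int) $post_id : 0;
    // NOTE(review): files already moved into the upload directory are not
    // removed when the transaction rolls back; consider cleaning them up.
    header("Location: scientist_form.php?post_id=" . $redirect_post_id);
    exit;
} finally {
    // Every path above ends in exit, which does not run finally blocks; the
    // connection is then released at script shutdown instead.
    $conn->close();
}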
// header("Location: dashboard.php?submitted=1");
// exit;