EduManage Pro LMS - Master System Documentation

Version: 5.0 (Consolidated & Final)
System: EduManage Pro Learning Management System
Stack: PHP (8.x), MySQL, Vanilla CSS/Bootstrap

DB: DB
UI: UI
System: User Mgt

1. System Overview & Philosophy

EduManage Pro is a modular, web-based Learning Management System (LMS) designed to manage users, courses, assignments, assessments, and communication. It utilizes an Object-Oriented Programming (OOP) approach with a Modular MVC-Lite architecture.

Core Philosophy

Modular Design: Features are self-contained within specific module folders (e.g., modules/course/, modules/user/).
Separation of Concerns:
- UI (View): PHP files rendering HTML/Bootstrap.
- Actions (Controller): Scripts handling data logic and form processing.
- Classes (Model): Business logic and database interaction.
Security by Design: Implementation of PDO prepared statements, Bcrypt encryption, and Role-Based Access Control (RBAC).
Role-Based Access: System access is controlled based on user roles (Admin, Teacher, Student, Parent).

2. Architecture & Design Pattern

The system follows a Model-View-Controller (MVC) Lite pattern tailored for PHP.

Architectural Layers

The Data Layer (Model): Located in includes/classes/. Each file represents a real-world entity (e.g., User.php, Course.php).
The Logic Layer (Controller): Located in modules/[module]/actions/. These scripts process form submissions (POST requests) and interact with the Classes.
The Presentation Layer (View): Located in the module root folders. These are the PHP files rendered in the browser.

Fundamental Data Flow

Request: User interacts with a UI file (e.g., form.php).
Action: Form submits data to an action script (e.g., save_action.php).
Class: Action script instantiates a Class and calls a method (e.g., Course->update()).
Database: Class uses PDO to execute SQL on MySQL.
Response: User is redirected back to a UI file with a status message.

Diagram Note: The following Mermaid code represents the General Request Lifecycle. To visualize this, copy the code into a Mermaid live editor or ensure your Blogger theme supports Mermaid JS.

sequenceDiagram
    participant User
    participant UI as View (modules/course/form.php)
    participant Action as Controller (actions/save_action.php)
    participant Class as Model (includes/classes/Course.php)
    participant DB as Database (MySQL)

    User->>UI: Fills Form & Clicks Submit
    UI->>Action: POST Data
    Action->>Action: Validate Input & Check Permissions
    Action->>Class: Instantiate Course($db) & Call create()/update()
    Class->>DB: Execute PDO Prepared Statement
    DB-->>Class: Return Result
    Class-->>Action: Return Success/Failure
    Action->>UI: Redirect (header("Location: ..."))
    UI-->>User: Display Success Message

3. Global Directory Structure

The project is organized into four main directories:

Directory	Purpose
`assets/`	Static files: Global CSS (`style.css`), JavaScript libraries, and Icons.
`includes/`	The Core: Database connection, Header/Footer/Sidebar, and Core Classes (`classes/`).
`modules/`	The Features: Every system feature (Course, Student, User, etc.) has its own sub-directory here.
`uploads/`	Storage: Sub-folders for avatars, course materials, assignment submissions, and recordings.

Key Files in `includes/`

header.php: Included in every page. Initializes sessions, database connection ($db), and checks user permissions via the Role class.
sidebar.php: Generates the navigation menu dynamically based on $_SESSION['user_role_id'].
footer.php: Standardized page footer and JavaScript inclusions.
classes/: Contains PHP classes handling business logic.

4. Core Classes (`includes/classes/`)

These files contain the business logic. For every major feature, there is a corresponding class.

Class File	Purpose
`Database.php`	Singleton-style PDO connection management.
`User.php`	Authentication, registration, profile updates, and encryption.
`Course.php`	CRUD for courses, instructors, and module synchronization.
`Assessment.php`	Base class for quizzes and assignments.
`Quiz.php`	Handles quiz creation, questions, and attempt submissions.
`Assignment.php`	Manages assignment creation and file attachments.
`Gradebook.php`	Central logic for retrieving and saving student scores.
`Enrollment.php`	Connects students to courses; tracks status.
`Analytics.php`	Aggregates system-wide data for dashboard visualization.
`LiveClass.php`	Handles scheduling and recording links for live sessions.
`Message.php`	Logic for private messages and forum threads/posts.
`Guardian.php`	Manages the student-parent relationship.
`Role.php`	Manages permissions and feature access for user types.

5. Module Breakdown (Granular Guide)

Each module follows a consistent structure: UI Files (Views) and Action Files (Controllers).

A. User Management (`modules/user/`)

Responsible for accounts, authentication, and role-based access.

UI Files: login.php, register.php, users.php, user_view.php, user_edit.php, roles.php, import.php, manage_children.php.
Action Files: user_register.php, user_update.php, user_delete.php (Soft delete), role_action.php, import_action.php, manage_children_action.php.

B. Course Management (`modules/course/`)

The core of the LMS—where teachers build their classes.

UI Files: courses.php, form.php, materials.php, enrollment.php.
Action Files: add_course_action.php, update_course_action.php, delete_course_action.php, enroll_student_action.php, upload_material_action.php.

C. Assessment & Grading (`modules/assessment/`)

Handles quizzes, assignments, and the gradebook.

UI Files: assignments.php, quizzes.php, gradebook.php.
Action Files: create_assignment_action.php, create_quiz_action.php, save_grade_action.php.

D. Communication (`modules/communication/`)

UI Files: messages.php, forums.php, announcements.php.
Action Files: send_message.php, create_thread.php, create_announcement.php.

E. Classroom (`modules/classroom/`)

UI Files: live.php, recordings.php.
Action Files: schedule_class_action.php, update_recording_action.php.

F. Student & Parent Portals

Student (modules/student/): dashboard.php, course_view.php, take_quiz.php, submit_assignment.php.
Parent (modules/parent/): progress.php, communication.php.

6. Data Flow & Engineering

Technical Deep Dive: User Registration Flow

This section details the specific engineering behind user registration, highlighting security and data integrity.

Diagram Note: Copy the code below into a Mermaid renderer to visualize the User Registration Flow.

flowchart TD
    A[User fills register.php] -->|POST Data| B[actions/user_register.php]
    B --> C{Validation Check}
    C -->|Fail| D[Return Error JSON]
    C -->|Pass| E[Check Uniqueness]
    E -->|Email Exists| D
    E -->|Unique| F[Call User->register($data)]
    F --> G[Begin SQL Transaction]
    G --> H[Insert into 'users' table]
    H --> I{Insert Success?}
    I -->|No| J[Rollback Transaction]
    I -->|Yes| K[Insert into 'user_profiles' table]
    K --> L{Insert Success?}
    L -->|No| J
    L -->|Yes| M[Commit Transaction]
    M --> N[Hash Password via Bcrypt]
    N --> O[Redirect to Login]

Data Storage (`uploads/`)

Files uploaded by users are stored in specific sub-directories:

assignments/: Teacher-uploaded handouts.
submissions/: Student-uploaded assignment turn-ins.
materials/: General course resources.
avatars/: User profile pictures.

7. Security & Coding Standards

1. Database Security

PDO Prepared Statements: Never write raw SQL in UI files. Always use :placeholder in Classes to prevent SQL Injection.

// Correct Usage in Class
$query = "SELECT * FROM users WHERE email = :email";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(':email', $email);

Transactions: Use SQL transactions for multi-table operations (e.g., users and user_profiles) to prevent orphaned data.

2. Input/Output Security

XSS Prevention: Always wrap echoed user data with htmlspecialchars().
```
echo htmlspecialchars($user['username'], ENT_QUOTES, 'UTF-8');
```
Password Encryption: Passwords are never stored as text.
- Storage: password_hash($password, PASSWORD_DEFAULT)
- Verification: password_verify($input, $hash)

3. Session & Access Control

Header Initialization: Every page includes includes/header.php, which starts the session and checks permissions via the Role class.
Redirect After Post: After an action script finishes, always use header("Location: ...") to prevent "form resubmission" errors on refresh.

8. Beginner's Tips & Best Practices

Start at header.php: To understand system startup, security, or session management, examine this file first.
Check Database.php: Ensure DB credentials are correct when setting up locally.
Follow the Sidebar: Look at includes/sidebar.php to understand how menu items link to different modules based on roles.
Use the Classes: Never write raw SQL in your UI files. Always add a method to the relevant class in includes/classes/.
Soft Deletes: We never actually delete user data. We set a timestamp (deleted_at = NOW()) to allow for data recovery.
Sorting: Managed via SQL ORDER BY and UI-side DataTables for real-time sorting.

Documentation Consolidated from Versions 1.0 - 5.0
EduManage Pro LMS Development Team

📘 EduManage Pro LMS - Technical Documentation

Version: 4.0 (Comprehensive Guide) | Stack: PHP 8.x, MySQL, Bootstrap

🔑 Key Files in `includes/`

header.php: Initializes the session, database connection ($db), and handles authentication/permissions for every page.
sidebar.php: Defines the navigation menu dynamically based on $_SESSION['user_role_id'].
classes/: Contains PHP classes that handle business logic (e.g., User.php for login/registration, Course.php for course management).

📦 Module Breakdown (Granular Guide)

A. User Management (`modules/user/`)

🖥️ UI Files:

login.php - User authentication interface
register.php - Registration form with role selection
users.php - Table view of all users with search/filter
user_view.php - Read-only detailed profile view
user_edit.php - Multi-tab form for updating profile, password, settings
roles.php - List of system roles and their permissions
manage_children.php - Interface for parents to link accounts to students

⚙️ Action Files (`modules/user/actions/`):

user_register.php - Validates and persists new user accounts
user_update.php - Processes profile changes and redirects
user_delete.php - Removes a user account (Soft delete)
role_action.php - Updates permissions assigned to a specific role
import_action.php - Processes CSV uploads for bulk user registration
manage_children_action.php - Links students to a guardian (Parent) account

B. Course & Content (`modules/course/`)

courses.php - Grid/Table view of all courses
form.php - Unified form for adding and editing courses
materials.php - Interface for managing course handouts and links
enrollment.php - Form to enroll students into a course
Actions: add_course_action.php, upload_material_action.php, enroll_student_action.php

C. Assessment & Grading (`modules/assessment/`)

assignments.php - Management dashboard for teacher-created assignments
quizzes.php - Dashboard for managing online quizzes
gradebook.php - Interactive table for entering grades
Actions: create_quiz_action.php, save_grade_action.php

💡 Other modules like Classroom, Student, and Communication follow the same UI/Action pattern.

🏗️ Architecture & Coding Structure

The system follows a classic Model-View-Controller (MVC) Lite pattern:

A. The Data Layer (Model)

Located in includes/classes/. Each file represents a real-world entity.

Example: Database.php handles the PDO connection to MySQL. User.php contains methods like login() and register().

B. The Logic Layer (Controller)

Located in modules/[module_name]/actions/. These files process form submissions (POST requests) and interact with the classes.

Flow: UI Form → Action Script → Class Method → Database

C. The Presentation Layer (View)

Located in the main folder and modules/. These are the PHP files the user sees in their browser.

Example: index.php (Dashboard), modules/course/courses.php (Course List)

🔍 Deep Dive: User Module Engineering

A. How Data Saves to Database (Flow)

UI Layer (register.php): The user enters data (Full Name, Email, Password). The form uses POST to send data to the action script.
Action Layer (modules/user/actions/user_register.php):
- Validation: Checks if required fields are empty.
- Lookup: Calls $user->emailExists() and $user->usernameExists() to ensure uniqueness.
- File Handling: If a profile photo is uploaded, it is moved to uploads/profile/ and a record is created in the files table.
Class Layer (includes/classes/User.php):
- The action script calls $user->register($data).
- Transaction: The class uses $this->conn->beginTransaction() to ensure that both the users and user_profiles tables are updated, or neither is (Atomicity).
Persistence (SQL): The class uses prepared statements to insert data safely.

B. Coding Style & Security

1. Encryption (Password Security)

We use the industry-standard PASSWORD_DEFAULT (Bcrypt) algorithm.

Saving: When registering, we use password_hash($password, PASSWORD_DEFAULT).
Verifying: During login, we fetch the hash from the DB and use password_verify($entered_password, $stored_hash).

// Sample from User.php
$password_hash = password_hash($data['password'], PASSWORD_DEFAULT);

// ... later in login() ...
if ($user && password_verify($password, $user['users_password_hash'])) {
   return $user; // Success
}

2. Database Operations (CRUD)

INSERT: Performed in register() using a transaction.
SELECT: Performed in getAllUsers(). Uses LEFT JOIN to combine users, user_profiles, and roles tables.
UPDATE: Performed in updateUser(). Updates core account and profile details separately.
DELETE: We use Soft Deletes. Instead of removing the row, we set users_deleted_at = NOW(). This allows for data recovery.
SORT: Handled via SQL ORDER BY u.users_created_at DESC and UI-side using DataTables (jQuery) for real-time sorting.

3. Data Validation

Validation happens in the Action script before bothering the database:

if (empty($data['email']) || empty($data['password'])) {
   $response['message'] = 'Required fields are missing.';
   echo json_encode($response);
   exit;
}

C. Example: Database Interaction Component

The code uses PDO (PHP Data Objects) with named placeholders like :email to prevent SQL Injection attacks.

$query = "SELECT users_id FROM users WHERE users_email = :email";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(':email', $email);
$stmt->execute();

🧩 Core Classes Overview

Class	Purpose
`Database`	Manages the PDO connection
`User`	Handles authentication, profile management, and permissions
`Course`	Manages course creation, updates, and materials
`Analytics`	Fetches dashboard statistics and logs recent activity
`Enrollment`	Tracks which students are in which courses
`Role`	Manages permissions and feature access for different user types

🔄 Modules & Data Flow

Each module follows a consistent structure. Let's look at the Course Module as an example:

Module Structure (`modules/course/`)

courses.php - Displays a list of all courses
form.php - UI for adding or editing a course
enrollment.php - Manages student lists for a course
actions/ - Contains scripts like course_save_action.php which handle the actual database saving

How Data Flows (Example: Saving a Course)

User Input: User fills out the form in modules/course/form.php.
Submission: The form submits data via POST to modules/course/actions/course_save_action.php.
Processing: The action script creates a new Course($db) object and calls $course->update() or $course->create().
Persistence: The class interacts with the MySQL database via PDO.
Feedback: The script redirects the user back to courses.php with a success message.

🎓 Beginner's Tips

✅ Start at header.php: If you want to understand how the system starts up or how security works, look here.
✅ Check Database.php: Make sure your DB credentials are correct if you're setting this up locally.
✅ Follow the Sidebar: Look at includes/sidebar.php to see how the menu items link to different modules.
✅ Use the Classes: Never write raw SQL in your UI files. Always add a method to the relevant class in includes/classes/.

Generated for EduManage Pro LMS Beginners Guide
Comprehensive Technical Documentation v4.0

🚀 Master GCE O/L A/L ICT | Your IT Degree with Expert Guidance!

Online Individual & Group Classes in English | Sinhala | Tamil

Struggling with assignments, projects, or exams? Get personalized support tailored for BIT (University of Moratuwa), UCSC, and other IT degree students in Sri Lanka.

✨ What You'll Get

✅ Live Online Classes (Individual or Group)
✅ Sample Projects & Assignments (PHP, MySQL, Java, Python, Web Dev)
✅ Past Exam Papers + Model Answers
✅ Easy-to-Follow Tutorials & Study Notes
✅ Final Year Project Guidance – From Idea to Implementation
✅ Doubt-Clearing Sessions & Exam Prep Strategies

🌍 Taught in Your Preferred Language

English | Sinhala | Tamil

📞 Get Started Today!

Call / WhatsApp: +94 72 962 2034

Email: itclasssl@gmail.com

Quick response guaranteed! Share your syllabus or project topic, and we'll craft a learning plan just for you.

🔗 Free Resources & Community Links

Tags: #BIT #UCSC #UniversityOfMoratuwa #ITClassesSriLanka #PHPProject #MySQL #FinalYearProject #OnlineTuition #SinhalaMedium #TamilMedium #ProgrammingHelp #WebDevelopment

Main Menu

Friday, February 27, 2026