API Documentation

Vishal Pawar edited this page Mar 20, 2026 · 1 revision

The EduManage backend uses a set of PHP-based API endpoints located in the /api directory to handle dynamic actions and data processing.

📑 Endpoints Overview

📋 1. Course Management (/api/course_action.php)

Handles all administrative and instructor actions related to courses.

  • POST action=add: Creates a new course record with image upload support.
  • POST action=edit: Updates an existing course record.
  • POST action=delete: Permanently removes a course.

🎲 2. Instructor Randomization (/api/randomize_instructors.php)

An administrative tool to shuffle assignments for testing.

  • GET: Safely reassigns all active courses to a random pool of active instructors.

📥 3. Data Import (/api/import_courses.php, /api/import_users.php)

Supports bulk data operations via CSV files.

  • POST: Validates CSV structure, sanitizes input, and performs bulk inserts into the database.

🎓 4. Student Enrollment (/api/enroll.php)

Manages the relationship between students and academic content.

  • POST: Validates student session, checks for duplicate enrollment, and records the new entry.

🛠️ Security for APIs

Every endpoint is protected by:

  • Role Verification: Calls to requireRole() ensure only authorized users can trigger API actions.
  • Input Sanitization: All incoming data is passed through the sanitize() helper to prevent XSS and tag injection.
  • Prepared Statements: All data persistence is handled via PDO prepared statements to prevent SQL injection.
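
How the enrollment flow from section 4 and the three protections listed above might fit together, as an added example that is not EduManage's own code. The signatures and bodies of requireRole() and sanitize(), the session keys, and the enrollments table are assumptions, and in-memory SQLite stands in for the real database. It goes slightly beyond the page by letting a UNIQUE constraint act as the duplicate-enrollment check.

```php
<?php
declare(strict_types=1);
// Added example, not EduManage source. The bodies and signatures of
// requireRole() and sanitize(), the session keys, and the table and
// column names are assumptions made for illustration.

function requireRole(array $session, string $role): int {
    // Assumed behaviour: reject unless the session carries the expected role.
    if (($session['role'] ?? null) !== $role || !isset($session['user_id'])) {
        throw new RuntimeException('forbidden', 403);
    }
    return (int) $session['user_id'];
}

function sanitize(string $value): string {
    // Assumed behaviour: strip tags, then HTML-encode what remains.
    return htmlspecialchars(strip_tags(trim($value)), ENT_QUOTES, 'UTF-8');
}

function enroll(PDO $db, array $session, array $post): array {
    // Identity comes from the session, never from a POST field.
    $studentId = requireRole($session, 'student');
    $raw = sanitize((string) ($post['course_id'] ?? ''));
    $courseId = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($courseId === false) {
        return ['status' => 400, 'error' => 'invalid course_id'];
    }
    try {
        // Bound parameters keep the values out of the SQL text.
        $stmt = $db->prepare('INSERT INTO enrollments (student_id, course_id) VALUES (:s, :c)');
        $stmt->execute([':s' => $studentId, ':c' => $courseId]);
    } catch (PDOException $e) {
        // The UNIQUE constraint is the duplicate check, so it holds under concurrent requests.
        if (($e->errorInfo[0] ?? '') === '23000') {
            return ['status' => 409, 'error' => 'already enrolled'];
        }
        throw $e;
    }
    return ['status' => 201];
}

// Constructed demo data: in-memory SQLite stands in for the real database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE enrollments (student_id INT, course_id INT, UNIQUE (student_id, course_id))');
$student = ['user_id' => 7, 'role' => 'student'];
foreach ([['course_id' => '3'], ['course_id' => '3', 'student_id' => '1'], ['course_id' => '3 OR 1=1']] as $post) {
    echo json_encode(enroll($db, $student, $post)), PHP_EOL;
}
```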