Go Back

Brookhaven Colleigiate Institute : Student Database

Enter your credentials

For this DEMONSTRATION DATABASE, the logins are
admin, teamMember, generic.

The password for all three is "FloralCanoe"
(but it might be changed by users).

The SQL database will be restored to its original condition each Wednesday and Saturday nights.
Username:
Password:  
This is a database program that has three purposes:
  1. It provides a quick way to see students' timetables and photos.
  2. It provides a handy way that staff can record teacher contacts with students (especially during the pandemic). It is used as a medium to facilitate communication between staff (and also administration) to help track student progress.
  3. It is also used by the "At Risk team" or "Student Success Team". This team can record more detailed comments about at-risk students. This intra-team communication tool is used for their team meetings.
There are three categories of users:
  1. admin: The admins can add more team member users. They can also see the reports, as well as see all of the comments and next steps for the at-risk students. The team admins are the only ones who can perform certain functions on the At-Risk student information. They can highlight the names (for discussion at the next team meeting), add students to the at-risk list, remove them from the list, etc.
  2. team member: Team members have their own personal logins and passwords. They can read and add comments to at-risk students. They can also see the reports. Along with admin, they can edit student information (which will remain until the next update of student data).
  3. generic teacher: This is a user who has no access whatsoever to the At-Risk comment side of things. The generic teacher can only add in student contact information.
Security:
  • Users can change their own passwords (they login with a generic password when their account is created). All passwords are hashed and salted before storing.
    $hashPassword = password_hash($newpass, PASSWORD_DEFAULT);
  • All database queries involving user input are done with prepared statements.
  • We have not thought it worth creating a specific login for every single teacher, since our staff is so large, but it wouldn't be out of the question.
  • All comments entered are not able to be subsequently modified.
  • All comments and next steps entered on the At-Risk page are encrypted before they are stored (AES_encrypt), password is 32 character random alphanumeric string (generated upon installation).

Data source:
For this demonstration database: random first names were generated (and attempted to match with gender), random last names were generated, random student numbers were generated (9 digits, beginning with 3, all unique). Random birthdays were generated for students. Random phone numbers and guardian emails were generated. Photos are of actual students, but their student numbers have been randomly generated. Teacher names are randomly generated. Actual course codes and timetables were used as it wasn't really necessary to generate fake ones.