3279308836
/
LRR
forked from mrlan/LRR
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

merge into: 3279308836:SeleniumIbrahim-Ibrahim
Branches Tags
3279308836:Bug200-Ward
3279308836:SeleniumIbrahim-Ibrahim
3279308836:master
3279308836:SeleniumIbrahimUpdate-Ibrahim
3279308836:Bug37-Dmytro
3279308836:bug231-Ibrahim
3279308836:bug312-Golden
3279308836:Bug203-Hui
3279308836:Hui-improve-README.md
3279308836:Hui-UserDoc
3279308836:Hui-DeleteUnnecessaryImages
3279308836:ProjectHomePage
3279308836:Hui-Bug330
3279308836:Hui-CodeIndentation
3279308836:Hui-Bug29
3279308836:Hui-Bug337
3279308836:SIMPLICITY_link
3279308836:Hui-IndentCode
3279308836:Mabasa-bugfix-199
3279308836:Mabasa-readmefix
3279308836:Mvondo-bugfix-21
3279308836:Hui-LecturerEmail
3279308836:SIMPLICITY_Bug-189_Course_Delete_btn
mrlan:Hui-Organize
mrlan:Bug193-Martha
mrlan:Bug430-Eden
mrlan:Bug486-Nartey
mrlan:Nartey-Testscript
mrlan:Eden-Testscript
mrlan:BUG352-NEIL2
mrlan:Bug352-Neil-Revised
mrlan:Bug418-Yaaqob
mrlan:update-MPIANA-tests
mrlan:Bug418-YAAQOB-MPIANA
mrlan:Bug557-Ayoub
mrlan:BUG352-NEIL
mrlan:Bug430-Eden2
mrlan:nar
mrlan:master
mrlan:Hui-improve-README.md
mrlan:Bug469-Hui
mrlan:Bug519-Hui
mrlan:Refactor-Moyo
mrlan:Bug469-kingsley
mrlan:Bug457-YAAQOB
mrlan:Bug510-Abdulai
mrlan:Bug485-Abdulai
mrlan:Xuxuan
mrlan:Bug196-Ward
mrlan:Bug404-Edson
mrlan:niweicong-bug-458-revised
mrlan:Bug34-Lamashevskyi
mrlan:Bug418-Lamashevskyi
mrlan:Bug37-Dmytro
mrlan:Bug_461_Martha
mrlan:niweicong-bug-458&459
mrlan:SPM-Zayid-468
mrlan:Bug23-Haji
mrlan:bug23-Haaji
mrlan:SMP-ZAYID-468-FEATURE
mrlan:LiangLigang
mrlan:Bug256-Umar
mrlan:Bug246-Petros
mrlan:AutoTesting-Golden
mrlan:IDVerificationBug-Golden
mrlan:Bug200-Ward
mrlan:SeleniumIbrahim-Ibrahim
mrlan:SeleniumIbrahimUpdate-Ibrahim
mrlan:bug231-Ibrahim
mrlan:bug312-Golden
mrlan:Bug203-Hui
mrlan:Hui-UserDoc
mrlan:Hui-DeleteUnnecessaryImages
mrlan:ProjectHomePage
mrlan:Hui-Bug330
mrlan:Hui-CodeIndentation
mrlan:Hui-Bug29
mrlan:Hui-Bug337
mrlan:SIMPLICITY_link
mrlan:Hui-IndentCode
mrlan:Mabasa-bugfix-199
mrlan:Mabasa-readmefix
mrlan:Mvondo-bugfix-21
mrlan:Hui-LecturerEmail
mrlan:SIMPLICITY_Bug-189_Course_Delete_btn
mrlan:sunflower
...
pull from: mrlan:master
Branches Tags
mrlan:Hui-Organize
mrlan:Bug193-Martha
mrlan:Bug430-Eden
mrlan:Bug486-Nartey
mrlan:Nartey-Testscript
mrlan:Eden-Testscript
mrlan:BUG352-NEIL2
mrlan:Bug352-Neil-Revised
mrlan:Bug418-Yaaqob
mrlan:update-MPIANA-tests
mrlan:Bug418-YAAQOB-MPIANA
mrlan:Bug557-Ayoub
mrlan:BUG352-NEIL
mrlan:Bug430-Eden2
mrlan:nar
mrlan:master
mrlan:Hui-improve-README.md
mrlan:Bug469-Hui
mrlan:Bug519-Hui
mrlan:Refactor-Moyo
mrlan:Bug469-kingsley
mrlan:Bug457-YAAQOB
mrlan:Bug510-Abdulai
mrlan:Bug485-Abdulai
mrlan:Xuxuan
mrlan:Bug196-Ward
mrlan:Bug404-Edson
mrlan:niweicong-bug-458-revised
mrlan:Bug34-Lamashevskyi
mrlan:Bug418-Lamashevskyi
mrlan:Bug37-Dmytro
mrlan:Bug_461_Martha
mrlan:niweicong-bug-458&459
mrlan:SPM-Zayid-468
mrlan:Bug23-Haji
mrlan:bug23-Haaji
mrlan:SMP-ZAYID-468-FEATURE
mrlan:LiangLigang
mrlan:Bug256-Umar
mrlan:Bug246-Petros
mrlan:AutoTesting-Golden
mrlan:IDVerificationBug-Golden
mrlan:Bug200-Ward
mrlan:SeleniumIbrahim-Ibrahim
mrlan:SeleniumIbrahimUpdate-Ibrahim
mrlan:bug231-Ibrahim
mrlan:bug312-Golden
mrlan:Bug203-Hui
mrlan:Hui-UserDoc
mrlan:Hui-DeleteUnnecessaryImages
mrlan:ProjectHomePage
mrlan:Hui-Bug330
mrlan:Hui-CodeIndentation
mrlan:Hui-Bug29
mrlan:Hui-Bug337
mrlan:SIMPLICITY_link
mrlan:Hui-IndentCode
mrlan:Mabasa-bugfix-199
mrlan:Mabasa-readmefix
mrlan:Mvondo-bugfix-21
mrlan:Hui-LecturerEmail
mrlan:SIMPLICITY_Bug-189_Course_Delete_btn
3279308836:Bug200-Ward
3279308836:SeleniumIbrahim-Ibrahim
3279308836:master
3279308836:SeleniumIbrahimUpdate-Ibrahim
3279308836:Bug37-Dmytro
3279308836:bug231-Ibrahim
3279308836:bug312-Golden
3279308836:Bug203-Hui
3279308836:Hui-improve-README.md
3279308836:Hui-UserDoc
3279308836:Hui-DeleteUnnecessaryImages
3279308836:ProjectHomePage
3279308836:Hui-Bug330
3279308836:Hui-CodeIndentation
3279308836:Hui-Bug29
3279308836:Hui-Bug337
3279308836:SIMPLICITY_link
3279308836:Hui-IndentCode
3279308836:Mabasa-bugfix-199
3279308836:Mabasa-readmefix
3279308836:Mvondo-bugfix-21
3279308836:Hui-LecturerEmail
3279308836:SIMPLICITY_Bug-189_Course_Delete_btn
mrlan:sunflower

48 Commits
SeleniumIb ... master

Author SHA1 Message Date
mrlan 244af4c11b Hui-improve-README.md (#56) 
More detail on installation.

Co-authored-by: Lan Hui <1348141770@qq.com>
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/56
Co-authored-by: mrlan <mrlan@noreply.121.4.94.30>
Co-committed-by: mrlan <mrlan@noreply.121.4.94.30>
 2023-07-30 16:29:50 +08:00
mrlan 0539b7053a Bug469-Hui (#55) 
修复 [Bug 469](http://118.25.96.118/bugzilla/show_bug.cgi?id=469)
修改 SESSION 的键名,使其更合适。

Hui

Co-authored-by: Hui Lan <lanhui@zjnu.edu.cn>
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/55
Co-authored-by: mrlan <mrlan@noreply.121.4.94.30>
Co-committed-by: mrlan <mrlan@noreply.121.4.94.30>
 2023-01-20 17:43:30 +08:00
mrlan f4c373611b Merge pull request 'Fix typos listed in Bug 519.' (#54) from Bug519-Hui into master 
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/54
 2023-01-19 21:26:31 +08:00
Hui Lan d94421a160 Fix typos listed in Bug 519. 2023-01-19 18:30:04 +08:00
mrlan a02b3bec4b YAAQB: this commit fixes Bug 457 - Can't remove a group or group member in LRR (#53) 
Demo video shows that the modification works

Co-authored-by: Hui Lan <lanhui@zjnu.edu.cn>
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/53
Co-authored-by: mrlan <mrlan@noreply.121.4.94.30>
Co-committed-by: mrlan <mrlan@noreply.121.4.94.30>
 2023-01-19 18:22:39 +08:00
Adjei Kingsley 3214b26d5d changed info_Remarking to Reflect 2022-12-22 05:57:20 +08:00
Adjei Kingsley f76cc2eb49 add confirm ID and student valid ID 2022-12-22 05:50:32 +08:00
mrlan f7f9558721 Bug510-Abdulai (#51) 
- Fixed Bug 510

- Updated with Pull Request 49 (i.e., changes from the branch Bug485-Abdulai).

@abdulai

Please double check the updated branch Bug510-Abdulai still works.

Hui

Co-authored-by: GaoxingAbdullah <abduldoobia@yahoo.com>
Co-authored-by: Hui Lan <lanhui@zjnu.edu.cn>
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/51
Co-authored-by: mrlan <mrlan@noreply.121.4.94.30>
Co-committed-by: mrlan <mrlan@noreply.121.4.94.30>
 2022-12-19 19:24:06 +08:00
YAKUBU ABDULAI 1e8533090f Admin.php - Fixed Bug 485 Lecturer should not have the administration panel that allows him to create other Lecturer accounts (#49) 
Co-authored-by: GaoxingAbdullah <abduldoobia@yahoo.com>
Co-authored-by: Hui Lan <lanhui@zjnu.edu.cn>
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/49
Co-authored-by: YAKUBU ABDULAI <abduldoobia@yahoo.com>
Co-committed-by: YAKUBU ABDULAI <abduldoobia@yahoo.com>
 2022-12-01 21:41:27 +08:00
徐宣 74a8a68ee9 Xuxuan (#48) 
Co-authored-by: Xuxuan <1683793776@qq.com>
Co-authored-by: Hui Lan <lanhui@zjnu.edu.cn>
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/48
Co-authored-by: 徐宣 <1683793776@qq.com>
Co-committed-by: 徐宣 <1683793776@qq.com>
 2022-11-08 15:24:36 +08:00
YEBOAH MARTHA ASAMOAH e9a7af1059 Fixed wrong password alert (#43) 
The session start() function was on the wrong line in the logout.php file. I just changed it to the appropriate line of code, before the session destroy() function.

Co-authored-by: WhyteAsamoah <whyteasamoahgyamfi@outlook.com>
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/43
Co-authored-by: YEBOAH MARTHA ASAMOAH <3534763826@qq.com>
Co-committed-by: YEBOAH MARTHA ASAMOAH <3534763826@qq.com>
 2022-07-02 21:44:23 +08:00
mrlan 6831fdcd0f Merge pull request 'Fixed bug196 - Bizarre options on "list courses by faculty" dropdown list' (#46) from Bug196-Ward into master 
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/46
 2022-06-20 07:03:43 +08:00
ileaderx 868f5854a2 Fixed the Bug produced by fixing Bug196 2022-06-20 00:15:04 +03:00
ileaderx 8a47d3733c Fixed bug196 2022-06-19 15:49:56 +03:00
EDSON NYONI 0065489fcb Bug 404 Edson 201938330189 (#42) 
Writing the course code in lower letters, results in "No results found for your Search" i solved this issue by adding  $search=strtoupper($_GET['search']); line in courses.php file

Co-authored-by: edson <edsonnyoni92@gmail.com>
Co-authored-by: Lan Hui <lanhui@zjnu.edu.cn>
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/42
Co-authored-by: EDSON NYONI <edsonnyoni92@gmail.com>
Co-committed-by: EDSON NYONI <edsonnyoni92@gmail.com>
 2022-06-17 23:33:39 +08:00
mrlan 3bff64f400 Merge pull request 'update' (#45) from Hui-improve-README.md into master 
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/45
 2022-06-17 23:31:22 +08:00
Lan Hui 423010d225 update 2022-06-17 23:19:00 +08:00
mrlan 4dc9efc7b9 Merge pull request 'niweicong-bug-458-revised' (#44) from niweicong-bug-458-revised into master 
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/44
 2022-06-17 22:46:07 +08:00
Lan Hui fa1932c95c Max input length set to 11 characters. 2022-06-17 22:42:08 +08:00
Lan Hui f004756f3d Merge branch 'niweicong-bug-458&459' of http://121.4.94.30:3000/mrlan/LRR into niweicong-bug-458 2022-06-17 22:30:50 +08:00
Lan Hui 69a2da76c7 Merge branch 'master' of http://121.4.94.30:3000/mrlan/LRR 2022-06-17 22:24:03 +08:00
mrlan b0f1f313d6 Merge pull request 'pull request from SPM-Zayid-468 , Adding Filters On Course Search' (#38) from SPM-Zayid-468 into master 
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/38
 2022-06-17 22:22:57 +08:00
Lan Hui dd87db0c3c Merge branch 'master' of http://121.4.94.30:3000/mrlan/LRR 2022-06-17 22:13:20 +08:00
mrlan f0109db692 Merge pull request 'BUG23 FIXED' (#37) from Bug23-Haji into master 
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/37
 2022-06-17 22:12:51 +08:00
Lan Hui 38d398a693 Merge branch 'Hui-NoEmail' 2022-06-17 22:08:29 +08:00
Lan Hui 1fc6061e19 nothing to say 2022-06-17 22:02:40 +08:00
Lan Hui 8ecab98e21 git reset HEAD^ twice. 2022-06-17 21:58:14 +08:00
倪伟聪 4624186f50 Merge branch 'master' into niweicong-bug-458&459 2022-06-14 13:58:05 +08:00
倪伟聪 5c34bde3ca 上传文件至 '' 2022-06-14 13:57:49 +08:00
倪伟聪 a9d9f4a345 上传文件至 '' 2022-06-14 13:55:47 +08:00
倪伟聪 1c479d525b 更新 'Courses.php' 2022-06-14 13:54:41 +08:00
倪伟聪 639695bfb9 Merge pull request '上传文件至 ''' (#39) from niweicong-bug-458&459 into master 
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/39
 2022-06-14 13:47:32 +08:00
倪伟聪 3f302822e2 上传文件至 '' 2022-06-14 13:37:44 +08:00
SayidCali jamac bd8062502b show current academic courses and order them 
Implemented filters for the following:
Case 1: the user has entered something under "Find course by Code".
List the courses whose course code matches the entered course code, in reverse chronological order.

Case 2: the user has not entered something under "Find course by Code".
If there is a value for "List courses by faculty", list all courses that belong to the entered faulty, in reverse chronological order.

Otherwise, list the student's joined courses (already done), in reverse chronological order.
 2022-06-11 09:44:34 +03:00
SayidCali jamac ded10c1ff8 Revert "courses filter current year and ordering" 
This reverts commit eee1a5e8ad.
 2022-06-11 08:44:42 +03:00
SayidCali jamac eee1a5e8ad courses filter current year and ordering 2022-06-11 08:24:52 +03:00
hajigeek 035b92a053 cursor:auto 2022-06-09 19:46:47 +08:00
hajigeek 60471610a2 English typo is corrected 2022-06-06 17:40:31 +08:00
hajigeek ff1384f341 English typo is corrected 2022-06-03 09:19:10 +08:00
hajigeek a4dce34b92 English typo error is corrected 2022-06-03 09:09:51 +08:00
hajigeek 6860d7618f bug23-fixed 2022-05-28 11:01:19 +08:00
hajigeek c4f4dec22e BUG22 FIXED 2022-05-25 09:07:59 +08:00
梁立港 15a96c1b68 Merge pull request '“修改了部分bug”' (#36) from LiangLigang into master 
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/36
 2022-05-23 14:54:09 +08:00
bmth eb532d10af “LiangLigang” 2022-05-19 12:35:27 +08:00
HAYATU UMAR FARUQ 5fa0c1e040 Set session duration to 2 hours (#33) 
This pull request is for extending the login session duration to 2 hours as reported in [Bug256](http://118.25.96.118/bugzilla/show_bug.cgi?id=256).

Co-authored-by: faruq <hufarouq01@gmail.com>
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/33
Co-authored-by: HAYATU UMAR FARUQ <hufarouq01@gmail.com>
Co-committed-by: HAYATU UMAR FARUQ <hufarouq01@gmail.com>
 2022-04-20 20:14:02 +08:00
mrlan 8b91a8ed7f Merge pull request 'Fix the id number verification bug' (#31) from IDVerificationBug-Golden into master 
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/31
 2021-12-14 12:46:18 +08:00
mrlan 3f81266852 Merge pull request 'Update 3: test cases 07-16' (#30) from SeleniumIbrahim-Ibrahim into master 
Reviewed-on: http://121.4.94.30:3000/mrlan/LRR/pulls/30
 2021-12-14 12:45:51 +08:00
Goldenbwuoy dd75c24a30 Fix the id number verification bug 2021-12-13 12:00:06 +08:00
20 changed files with 1686 additions and 1290 deletions
Show Stats Expand all files Collapse all files

1
.htaccess Normal file
View File

@ -0,0 +1 @@
allow from all

74
Admin.php
View File

@ -7,14 +7,15 @@ $page = "admin";
include 'Header.php';
?>
<?php
if ($_SESSION['user_type'] != "Lecturer") {
$_SESSION["info_login"] = "You must log in first.";
echo $_SESSION["info_login"];
header("Location: index.php");
// Only Lecturer or Admin could access this page
if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
die("Sorry. Nothing to see here.");
}
?>
<style>
.col-md-4 {
border-right: 1px solid skyblue;
@ -36,10 +37,21 @@ if ($_SESSION['user_type'] != "Lecturer") {
<hr>
-->
<div class="col-md-6">
<h4> User Account Management </h4>
<hr>
<b>Lecturer / TA Accounts </b><br>
<?php
if ($_SESSION['user_type'] == "Lecturer") {
echo " <h4> TA Account Management </h4>
<hr> " ;
echo "<b>TA Accounts </b><br>" ;
}
else if($_SESSION['user_type'] == "Admin"){
echo " <h4> Lecturer Account Management </h4>
<hr> ";
echo "<b>Lecturer Accounts </b><br>";
}
?>
<div class="container">
@ -65,20 +77,45 @@ if ($_SESSION['user_type'] != "Lecturer") {
<div id="home" class="container tab-pane active"><br>
<b>Create Lecturer/TA Accounts </b>
<?php
if ($_SESSION['user_type'] == "Lecturer") {
echo "<b>Create TA Accounts </b>";
}
else if($_SESSION['user_type'] == "Admin"){
echo "<b>Create Lecturer Accounts </b>";
}
?>
<form method="post" action="Script.php" id="create_account_form">
<input type="hidden" name="frm_createlecturrer" value="true" required="" />
Full_Name
Full Name
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required="">
Email
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" required="">
Passport_Number / ID (Used as Intial Password)
Passport Number / ID (Used as Initial Password)
<input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
<br> User Type :
<input type="radio" name="type" value="Lecturer" required="" id="role_lecturer"> Lecturer
<input type="radio" name="type" value="TA" required="" id="role_TA"> T/A
<?php
if ($_SESSION['user_type'] == "Lecturer") {
echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) ';
}
else if($_SESSION['user_type'] == "Admin"){
echo " <input type='radio' name = 'type' value = 'Lecturer' required = '' id='role_lecturer' > Lecturer ";
}
?>
<input type="submit" class="btn btn-primary" value="Create" id="create_btn"><br>
<?php
error_reporting(E_ALL);
@ -112,10 +149,21 @@ if ($_SESSION['user_type'] != "Lecturer") {
</tr>
<?php
if ($_SESSION['user_type'] == "Lecturer") {
$result = mysqli_query(
$con,
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer','TA')"
"SELECT * FROM Users_Table WHERE UserType in ('TA')"
);
}
else if($_SESSION['user_type'] == "Admin"){
$result = mysqli_query(
$con,
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer')"
);
}
while ($row = mysqli_fetch_assoc($result)) {
$pass = $row['Passport_Number'];
$btn = "<button class='btn-primary' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>";

387
Course.php
View File

@ -2,6 +2,7 @@
include 'NoDirectPhpAcess.php';
?>
<?php
$page='Courses+';
include 'Header.php';
@ -9,8 +10,10 @@ $student_id = $_SESSION["user_student_id"];
$group_id = $_SESSION["user_group_id"];
$c_date = date("Y-m-d H:i");
if (!empty($_GET["url"])) {
$course_url = $_GET["url"];
if(!empty($_GET["url"]))
{
$course_url = mysqli_real_escape_string($con, $_GET["url"]);
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
. " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` "
. " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
@ -19,6 +22,7 @@ if (!empty($_GET["url"])) {
if(mysqli_num_rows($result)==0) {
echo "No course matching the given course URL: ".$course_url;
} else {
while($row = mysqli_fetch_assoc($result)) {
$name = $row['Course_Name'];
@ -53,9 +57,9 @@ if (!empty($_GET["url"])) {
<?php
if (isset($_SESSION['info_ReMarking'])) {
echo '<hr><div class="alert alert-info" role="alert" style="float:left;">' . $_SESSION['info_ReMarking'] . '</div>';
$_SESSION['info_ReMarking'] = null;
if (isset($_SESSION['info_general'])) {
echo '<hr><div class="alert alert-info" role="alert" style="float:left;">' . $_SESSION['info_general'] . '</div>';
$_SESSION['info_general']=null;
}
if (isset($_SESSION['info_courses'])) {
@ -66,9 +70,12 @@ if (!empty($_GET["url"])) {
</div>
<?php
if ($_SESSION['user_type'] == "Student") {
if( $_SESSION['user_type'] == "Student")
{
?>
<hr>
@ -90,88 +97,7 @@ if ($_SESSION['user_type'] == "Student") {
<a class="nav-link" data-toggle="tab" href="#menu3">Submitted</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu4" id="marked_tab">Marked</a>
</li>
<!----------Delete Course Button----------->
<li>
<html>
<body>
<div class="modal fade" id="delcourse">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h2 class="modal-title">Please confirm!</h2>
<button type="button" class="close red" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body">
<p>Are you sure about deleting this course? This action can not be reversed!</p>
</div>
<div class="modal-footer">
<form method="POST" action="">
<button type="button" class="btn action-button blue" data-dismiss="modal">Cancel</button>
<input type="submit" name="submit" class="btn action-button red" value="Delete" />
</form>
</div>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col">
<button type="button" class="btn action-button red" data-toggle="modal" data-target="#delcourse">Delete Course</button>
</div>
</div>
</div>
</div>
<?php
// Connect to MySQL database
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if (isset($_POST['submit'])) {
header("Location: Courses.php");
$result = mysqli_query($con, "DELETE FROM course_students_table WHERE Course_ID='$course_id'");
}
?>
<script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
<style>
/*--------------------[ Delete Course Button ]*/
.action-button {
font-family: 'Pacifico', cursive;
font-size: 18px;
color: #FFF;
text-decoration: none;
}
.red {
background-color: #E74C3C;
border-bottom: 5px solid #BD3E31;
text-shadow: 0px -2px #BD3E31;
}
.blue {
background-color: #4d4dff;
border-bottom: 5px solid #4d4dff;
text-shadow: 0px -2px #4d4dff;
}
</style>
</body>
</html>
<a class="nav-link" data-toggle="tab" href="#menu4">Marked</a>
</li>
</ul>
@ -184,13 +110,15 @@ if ($_SESSION['user_type'] == "Student") {
$sql="SELECT course_group_members_table.Course_Group_id FROM course_group_members_table INNER JOIN course_groups_table ON course_group_members_table.Course_Group_id = course_groups_table.Course_Group_id WHERE course_group_members_table.Student_ID=$student_id and course_groups_table.Course_id=$course_id";
$resultx1 = mysqli_query($con, $sql);
while ($row = mysqli_fetch_assoc($resultx1)) {
while($row = mysqli_fetch_assoc($resultx1))
{
$_SESSION['group_id'] = $row['Course_Group_id'];
}
$group_id = $_SESSION['group_id'];
if ($group_id == "") {
if($group_id == "")
{
$group_id = 0; // no group. If the student has a group, the group number should be greater than 0.
}
@ -199,16 +127,17 @@ if ($_SESSION['user_type'] == "Student") {
// (3) none of the student's group members have already submitted
// the assignment.
$var = "SELECT Type, Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`" .
$sql_stmt = "SELECT Type, Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`".
" FROM `lab_reports_table`".
" WHERE Course_ID=$course_id".
" AND (Deadline > '$c_date' OR Lab_Report_ID IN (SELECT `Lab_Report_ID` FROM `extended_deadlines_table` WHERE Student_ID=$student_id AND Extended_Deadline_Date > '$c_date' AND Lab_Report_ID IN (SELECT Lab_Report_ID FROM lab_reports_table WHERE Course_ID=$course_id)))".
" AND Lab_Report_ID NOT IN (SELECT Lab_Report_ID FROM lab_report_submissions WHERE Course_Group_id IN (SELECT Course_Group_id FROM course_group_members_table WHERE Student_ID=$student_id))".
" ORDER BY Lab_Report_ID DESC";
$result1 = mysqli_query($con, $var);
$result1 = mysqli_query($con, $sql_stmt);
if (mysqli_num_rows($result1) == 0) {
if(mysqli_num_rows($result1)==0)
{
echo "No active assignments for this course so far.";
} else {
@ -239,22 +168,23 @@ if ($_SESSION['user_type'] == "Student") {
}
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title ($type) <br> <span style='font-size:8pt'> $ins</span>
<br> <span style='font-size:8pt'>Posted : $posted &nbsp;&nbsp;&nbsp;&nbsp; Deadline : $deadline &nbsp;&nbsp;&nbsp;&nbsp;($Marks Marks) &nbsp; &nbsp;&nbsp;&nbsp; &nbsp;<a href='~\..\SubmitLab.php?id=$labid&url=$url' class='btn-sm btn-info' style='margin-left:50px;' id='submit_lab_report_btn'> Submit Lab Report</a><br> Attachments : $full_link </span>
<br> <span style='font-size:8pt'>Posted : $posted &nbsp;&nbsp;&nbsp;&nbsp; Deadline : $deadline &nbsp;&nbsp;&nbsp;&nbsp;($Marks Marks) &nbsp; &nbsp;&nbsp;&nbsp; &nbsp;<a href='~\..\SubmitLab.php?id=$labid&url=$url' class='btn-sm btn-info' style='margin-left:50px;'> Submit Lab Report</a><br> Attachments : $full_link </span>
</div></k>";
}
}
}}
echo "";
?>
</div>
<div id="menu2" class="container tab-pane"><br>
<?php
$group_id=$_SESSION['group_id'];
if ($group_id == "") {
$group_id = -1;
} // Individual assignment does not require the student to have a group id. Therefore, the group is an empty string. To make the following SQL statement work properly, initialize the group id to -1.
if($group_id == ""){$group_id = -1;} // Individual assignment does not require the student to have a group id. Therefore, the group is an empty string. To make the following SQL statement work properly, initialize the group id to -1.
$result = mysqli_query($con,"SELECT Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`
FROM `lab_reports_table`
WHERE
@ -267,8 +197,12 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
. ""
. "ORDER by Lab_Report_ID DESC");
if (mysqli_num_rows($result) == 0) {
if(mysqli_num_rows($result)==0)
{
echo "You missed no lab reports in this course.";
} else {
while($row = mysqli_fetch_assoc($result)) {
$title=$row['Title'];
@ -282,6 +216,9 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
$att4=$row['Attachment_link_4'];
$id=$row['Lab_Report_ID'];
$full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if($att2!=""){
@ -293,25 +230,28 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
if($att4!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
};
}
;
echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'><span class='btn-sm btn-warning' style='margin-left:0px;'>MISSED</span> $title ($marks Marks) <br> <span style='font-size:8pt'> $ins</span>
<br> <span style='font-size:8pt'>Posted: $posted<br> Deadline: $deadline &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<br> Attachments : $full_link </span>
</div>";
}
}
}}
echo "";
?>
</div>
<div id="menu3" class="container tab-pane"><br>
<?php
$group_id = $_SESSION['group_id'];
if ($group_id == "") {
$group_id = -1;
} // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176
if($group_id==""){$group_id=-1;} // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176
$sql_stmt = "SELECT Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`
FROM `lab_reports_table`
@ -320,8 +260,11 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
$resultx = mysqli_query($con, $sql_stmt);
if (mysqli_num_rows($resultx) == 0) {
if(mysqli_num_rows($resultx)==0)
{
echo "You have no lab report submissions in this course.";
} else {
while($row = mysqli_fetch_assoc($resultx)) {
$lab_repo_id=$row['Lab_Report_ID'];
@ -335,7 +278,8 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
$att3=$row['Attachment_link_3'];
$att4=$row['Attachment_link_4'];
$id = $row['Lab_Report_ID'];
if ($c_date < $deadline) {
if( $c_date < $deadline)
{
$submittedx="<a href='~\..\SubmitLab.php?id=$id&url=$url' class='btn-sm btn-default'><i class='fa fa-check-circle'></i> Re-Submit </a>";
}
@ -357,6 +301,7 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
<br> <span style='font-size:8pt'>Posted : $posted Deadline : $deadline ($marks Marks) &nbsp; &nbsp; $submittedx&nbsp; <span class='btn-sm btn-success' style='margin-left:50px;'><i class='fa fa-Edit-circle'></i> Submitted </span>
<br> Submitted files: ";
$Sub_result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
@ -366,8 +311,10 @@ Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$student_id')");
if (mysqli_num_rows($Sub_result) == 0) {
if(mysqli_num_rows($Sub_result) == 0)
{
echo "No Attachments found.";
} else {
while($row = mysqli_fetch_assoc($Sub_result)) {
$at1=$row['Attachment1'];
@ -394,21 +341,32 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
}
echo $full_link;
}
}
echo "</span></div></k>";
}
}
}}
echo "";
?>
</div>
<?php
$sqli=mysqli_query($con, "SELECT * from course_groups_table WHERE Course_Group_id=$group_id and Course_id=$course_id");
while ($row = mysqli_fetch_assoc($sqli)) {
$Group_Leader = $row['Group_Leader'];
while($row = mysqli_fetch_assoc($sqli))
{ $Group_Leader=$row['Group_Leader'];
$Group_Member=$row['Group_Member'];
$Group_Member2=$row['Group_Member2'];
$Group_Member3=$row['Group_Member3'];
@ -416,6 +374,8 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
}
?>
<div id="menu4" class="container tab-pane"><br>
<?php
$resultx = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_reports_table.`Lab_Report_ID`, `Student_id`, "
@ -436,10 +396,14 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
. " lab_reports_table.Lab_Report_ID in (select Lab_Report_ID from lab_report_submissions"
. " where (Status='Marked' or Status='Remarking') and (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id) ORDER by Submission_ID DESC");
if (mysqli_num_rows($resultx) == 0) {
if(mysqli_num_rows($resultx)==0)
{
echo "You have no marked submissions in this course";
} else {
while ($row = mysqli_fetch_assoc($resultx)) {
} else { while($row = mysqli_fetch_assoc($resultx)) {
$title=$row['Lab_Title'];
$marks=$row['Marks'];
$Originalmarks=$row['Original_marks'];
@ -455,17 +419,23 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
$notes=$row['Notes'];
$status= $row['Status'];
$remarking_reason=$row['Remarking_Reason'];
if ($status == 'Marked') {
if($status=='Marked')
{
$rm_data="\Script.php?remarking=yes&id=$Submission_ID&url=$url&status=Remarking";
$remarking = "<button onclick='remarking(\"$rm_data\")' class='btn-sm btn-success' id='request_remarking_btn'> Request Remarking </button>";
$remarking="<button onclick='remarking(\"$rm_data\")' class='btn-sm btn-success'> Request Remarking </button>";
}
if ($status == 'Remarking') {
if($status=='Remarking')
{
$remarking="<span style='color:orange'><i class='fa fa-info-circle'></i> Remarking Request sent </span> <br> Remarking Reason:<i>$remarking_reason </i> <br>";
}
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <b> ($marks Marks out of $Originalmarks)</b><br><small> Lecturer Feedback : $notes </small> &nbsp; $remarking <br> Submission files :";
$Sub_result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
@ -475,10 +445,11 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Student_id='$student_id'");
if (mysqli_num_rows($Sub_result) == 0) {
if(mysqli_num_rows($Sub_result)==0)
{
echo "No Attachments found.";
} else {
while ($row = mysqli_fetch_assoc($Sub_result)) {
} else { while($row = mysqli_fetch_assoc($Sub_result)) {
$at1=$row['Attachment1'];
$at2=$row['Attachment2'];
$at3=$row['Attachment3'];
@ -498,13 +469,21 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
}
echo $full_link;
}
}
}
}
}}
echo "</div></k>";
?>
</div>
</div>
@ -516,14 +495,15 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
<?php
$resultx1 = mysqli_query($con,"SELECT `Course_Group_id` FROM `course_groups_table` WHERE Course_id=$course_id");
while ($row = mysqli_fetch_assoc($resultx1)) {
$count_groups = $row['Course_Group_id'];
}
while($row = mysqli_fetch_assoc($resultx1)) {$count_groups=$row['Course_Group_id'];}
echo " <button onclick='CreateGroup()' class='btn btn-primary' id='create_group_btn'> Create Group</button>";
echo " <button onclick='CreateGroup()' class='btn btn-primary'> Create Group</button>";
?>
<hr>
<?php
@ -532,59 +512,99 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
FROM `course_group_members_table` INNER JOIN course_groups_table on
course_groups_table.Course_Group_id=course_group_members_table.Course_Group_id WHERE Student_id=$student_id and course_groups_table.Course_id=$course_id");
if (mysqli_num_rows($result) == 0) {
if(mysqli_num_rows($result)==0)
{
echo "You have no Group in this Course";
} else {
while ($row = mysqli_fetch_assoc($result)) {
} else { while($row = mysqli_fetch_assoc($result)) {
$name=$row['Group_Name'];
$id=$row['Course_Group_id'];
$status=$row['Status'];
$extra=" - <a href='#' class='' onclick='invite($id)'> Invite Others</a></small>";
if ($status == "Invited") {
if($status=="Invited")
{
$extra2=" <a href='#' class='' onclick='accept($id,1)'>Accept</a></small>";
$extra3=" <a href='#' class='' onclick='accept($id,0)'>Decline</a></small>";
}
echo "<div class='btn-default'><small> $name ($status) $extra $extra2 $extra3</small></div>";
# Add "delete group" button and allow only group creator to delete it
$extra4 = "<button onclick='delete_group($id)' class='btn btn-danger' style='height: 25px; width: 90px;
line-height: 10px; font-size: 10px'>DELETE GROUP</button>";
echo "<div class='btn-default'><small> $name ($status) $extra $extra2 $extra3" .
(($status == "Created")? "$extra4": "")
."</small></div>";
$rs2=mysqli_query($con,"SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID,
course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table`
INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID
where course_group_members_table.Course_Group_id=$id");
#Check whether the current user in session is the creator of the group
$rs3 = mysqli_query($con, "SELECT `Status` from course_group_members_table where Student_ID = $student_id");
$flag = mysqli_fetch_assoc($rs3)['Status'] == "Created";
while($row = mysqli_fetch_assoc($rs2)) {
$name=$row['Full_Name'];
$id=$row['Course_Group_id'];
$status=$row['Status'];
$Student_ID=$row['Student_ID'];
echo "<li><small> $name-$Student_ID ($status)</small></li>";
#Show group members + remove button next to each member except the creator of the group
if($flag){
echo "<li><small> $name-$Student_ID ($status)</small>".(($status != "Created")?"<button onclick='remove_member($Student_ID, $id)'
class='btn btn-danger' style='height: 25px; width: 80px; line-height: 10px;'>remove</button>":"")."</li>";
}else{
echo "<li><small> $name-$Student_ID ($status)</small>";
}
}
}
}
?>
</div>
</div>
<?php
}
include 'Footer.php';
?>
<script src="./css/jquery-1.11.1.min.js"></script>
<script src="./css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="./css/jquery-ui.css" />
<script>
function CreateGroup() {
try {
try
{
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="creategroup" value="true">\n\
<input type="hidden" name="student_id" value="<?php echo $student_id; ?>" > Group Name <input type="text" name="name" id="group_name">\n\
<input type="hidden" name="student_id" value="<?php echo $student_id; ?>" > Group Name <input type="text" name="name">\n\
<input type="hidden" name="url" value="<?php echo $url; ?>"> <input type="hidden" name="id" value="<?php echo $course_id; ?>"> </form>').dialog({
modal: true,
title:'Create Group',
@ -602,14 +622,18 @@ include 'Footer.php';
}
});
} catch (e) {
alert(e);
}
} catch(e){ alert(e); }
}
function invite(id) {
try {
try
{
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="groupinvite" value="true">\n\
<input type="hidden" name="groupid" value="'+id+'" > Enter Student_ID to Invite <input type="text" name="student_id">\n\
@ -630,14 +654,21 @@ include 'Footer.php';
}
});
} catch (e) {
alert(e);
}
} catch(e){ alert(e); }
}
function accept(id,val) {
try {
try
{
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="acceptinvite" value="true">\n\
<input type="hidden" name="groupid" value="'+id+'" > \n\ <input type="hidden" name="action" value="'+val+'" > \n\
@ -660,15 +691,75 @@ include 'Footer.php';
}
});
} catch (e) {
alert(e);
}
} catch(e){ alert(e); }
}
function remarking(data) {
function remarking(data)
{
var details = prompt("Please enter your remarking reasons","");
window.location.href = data+"&details="+details;
}
function remove_member(student_id, group_id) {
try
{
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="removemember" value="true">\n\
<input type="hidden" name="student_id" value="'+student_id+'" > \n\
<input type="hidden" name="group_id" value="'+group_id+'">\n\
<input type="hidden" name="url" value="<?php echo $url; ?>"></form>').dialog({
modal: true,
title:'Remove '+student_id+'?',
buttons: {
'Confirm': function () {
$('#frm').submit();
$(this).dialog('close');
},
'X': function () {
$(this).dialog('close');
}
}
});
} catch(e){ alert(e); }
}
function delete_group(id) {
try
{
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="deletegroup" value="true">\n\
<input type="hidden" name="group_id" value="'+id+'" > \n\
<input type="hidden" name="url" value="<?php echo $url; ?>"></form>').dialog({
modal: true,
title:'Delete this group?',
buttons: {
'Confirm': function () {
$('#frm').submit();
$(this).dialog('close');
},
'X': function () {
$(this).dialog('close');
}
}
});
} catch(e){ alert(e); }
}
</script>

356
Courses.php
View File

@ -2,37 +2,49 @@
include 'NoDirectPhpAcess.php';
?>
<?php
$page='Courses';
include 'Header.php';
$user_d = $_SESSION['user_id'];
if ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") {
if( $_SESSION['user_type']=="Lecturer" || $_SESSION['user_type']=="TA")
{
?>
<!-- FOR LECTURER-->
<div class="row" style="width:80%;margin:auto; text-align:left;">
<script src="./css/jquery-1.11.1.min.js"></script>
<script src="./css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="./css/jquery-ui.css" />
<script>
function extend_deadline(id) {
var dropstudents=$("#dropstudents").html();
try {
try
{
$('<form id="frm" method="get" action="Script.php">\n\
<input type="hidden" name="extenddeadline" value="true" >\n\
<input type="hidden" name="id" value="'+id+'" > \n\
New Date/Time <br><input type="date" name="date" required="" id="new_date"> <input type="time" name="time" required=""> \n\
New Date/Time <br><input type="date" name="date" required=""> <input type="time" name="time" required=""> \n\
\n\
<br><input type="radio" value="1" name="type" required="" id="extend_for_all"> Extend for All<hr> \n\
<br><input type="radio" value="1" name="type" required=""> Extend for All<hr> \n\
<input type="radio" value="2" name="type" required=""> Extend for these Individual Students \n\
'+dropstudents+' \n\
</form>').dialog({
@ -52,23 +64,23 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
}
});
} catch (e) {
alert(e);
}
}catch(e){ alert(e); }
}
</script>
<?php
if (!empty($_GET["course"])) {
$course_url = $_GET["course"];
if(!empty($_GET["course"]))
{
$course_url = mysqli_real_escape_string($con, $_GET["course"]);
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
. " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` "
. " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
. " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' ");
if (mysqli_num_rows($result) == 0) {
} else {
while ($row = mysqli_fetch_assoc($result)) {
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
$name=$row['Course_Name'];
$code=$row['Course_Code'];
$faculty=$row['Faculty'];
@ -91,8 +103,9 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
// ------------------------------Editing Lab Assignment by Lecturer ------------------------------------
if($_GET['act']=="edit"){
$getid = $_GET["cid"];
$getid = mysqli_real_escape_string($con, $_GET["cid"]);
$result1 = mysqli_query($con, "SELECT * from lab_reports_table WHERE Lab_Report_ID = '$getid'");
while($row1 = mysqli_fetch_assoc($result1)) {
@ -106,18 +119,19 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
}
if(isset($_POST['frm_uploadlab'])){
$deadlinedate = trim($_POST["deadlinedate"]); // remove spaces
$deadlinetime = trim($_POST["deadlinetime"]); // remove spaces
$instructions = $_POST["instructions"];
$title = $_POST["title"];
$marks = $_POST["marks"];
$type = $_POST["type"];
$deadlinedate = trim(mysqli_real_escape_string($con, $_POST["deadlinedate"])); // remove spaces
$deadlinetime = trim(mysqli_real_escape_string($con, $_POST["deadlinetime"])); // remove spaces
$instructions = mysqli_real_escape_string($con, $_POST["instructions"]);
$title = mysqli_real_escape_string($con, $_POST["title"]);
$marks = mysqli_real_escape_string($con, $_POST["marks"]);
$type = mysqli_real_escape_string($con, $_POST["type"]);
$Deadline = $deadlinedate." ".$deadlinetime;
$date = date("Y-m-d H:i");
$sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "'), `Type` = ('" . $type . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Updated"]="Assignment information updated successfully.";
} else {
// echo "Error: " . $sql . "<br>" . $con->error;
echo "Serious error happened whiling updating assignment information.";
@ -139,14 +153,14 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
<input type='hidden' name='course_id' value='<?php echo "$id" ?>' required=''/>
<input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required=''/>
Dealine Date/Time
Deadline Date/Time
<div class='row'>
<div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Date : ""; ?>"> </div>
<div class='col-md-5'> <input type='text' id='time' class='form-control' name='deadlinetime' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Time : ""; ?>"> </div>
</div>
Title
<input type='text' name='title' placeholder='Ttle' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act'] == "edit" ? $Title : ""; ?>">
<input type='text' name='title' placeholder='Title' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Title : ""; ?>">
Instructions
<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' ><?php echo isset($_GET['act']) && $_GET['act']=='edit' ? $Instructions : ''; ?></textarea>
Marks
@ -160,6 +174,7 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
Attachment 3
<input type='file' name='attachment3' placeholder='Attachment 1' class='form-control' >
Attachment 4
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
<br>
@ -172,12 +187,12 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
}
?>
<hr>
<input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br>
</form><br><br><br><br>
<?php
}
} else {
}}else{
// ------------------------------Posting New Lab Assignment------------------------------------
@ -190,7 +205,7 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
<h3> Post new Lab Assignment </a></h3>
<form method='post' enctype='multipart/form-data' action='Script.php' id="newlab_form">
<form method='post' enctype='multipart/form-data' action='Script.php'>
<?php
$_SESSION['url']=$url;
?>
@ -198,18 +213,18 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
<input type='hidden' name='course_id' value='<?php echo "$id" ?>' required=''/>
<input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required=''/>
Dealine Date/Time
Deadline Date/Time
<div class='row'>
<div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value=""> </div>
<div class='col-md-5'> <input type='time' class='form-control' name='deadlinetime' value=""> </div>
</div>
Title
<input type='text' name='title' placeholder='Ttle' class='form-control' required='' value="" id="lab_title">
<input type='text' name='title' placeholder='Title' class='form-control' required='' value="">
Instructions
<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' value="" id="lab_instructor"></textarea>
<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' value=""></textarea>
Marks
<input type='text' name='marks' placeholder='Marks' class='form-control' required='' value="" id="lab_mark">
<input type='text' name='marks' placeholder='Marks' class='form-control' required='' value="">
Attachment 1
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control'>
@ -219,18 +234,20 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
Attachment 3
<input type='file' name='attachment3' placeholder='Attachment 1' class='form-control' >
Attachment 4
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
<br>
Submission Type <input type='radio' name='type' value='Individual' required='' id="lab_individual"> Individual
Submission Type <input type='radio' name='type' value='Individual' required=''> Individual
<input type='radio' name='type' value='Group' required='' id="lab_group"> Group
<input type='radio' name='type' value='Group' required=''> Group
<hr>
<input type='submit' class='btn btn-primary' value='Post Lab Assignment' id="submit_btn"><br>
<input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br>
</form><br><br><br><br>
<?php
}
}
}
echo "</div>";
@ -250,17 +267,22 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
$_SESSION['info_courses']=null;
}
$result = mysqli_query($con," SELECT `Lab_Report_ID`,Type,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, "
. "`Attachment_link_4` FROM `lab_reports_table` WHERE Course_ID=$id ORDER by Lab_Report_ID DESC");
if ($_SESSION['user_type'] == "TA") {
if( $_SESSION['user_type']=="TA")
{
echo "<b style='color:gray'>*Only Lecturer can post a new lab report assignment</b><br>";
}
if (mysqli_num_rows($result) == 0) {
if(mysqli_num_rows($result)==0)
{
echo "No assignments posted so far.";
} else {
$counter = 0;
while ($row = mysqli_fetch_assoc($result)) {
} else { while($row = mysqli_fetch_assoc($result)) {
$marks=$row['Marks'];
$title=$row['Title'];
$ins=$row['Instructions'];
@ -274,7 +296,6 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
$cours_id=$row['Course_ID'];
$as_type=$row['Type'];
$full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
$counter += 1;
if($att2!=""){
$full_link= $full_link." &nbsp|&nbsp <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
@ -287,19 +308,15 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
$full_link= $full_link." &nbsp; | &nbsp <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
$resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id");
while ($row = mysqli_fetch_assoc($resultx1)) {
$count_subs = $row['cnt'];
}
while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];}
$resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Marks is not null");
if (mysqli_num_rows($resultx2) == 0) {
$count_marked = 0;
} else {
while ($row = mysqli_fetch_assoc($resultx2)) {
$count_marked = $row['cnt'];
}
}
if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}}
$header="Courses > ".$name."($code) > Assignments > ".$title;
@ -309,20 +326,28 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
<br> <span style='font-size:8pt'>Posted : $posted Deadline : <b> $deadline </b> &nbsp; ($marks Marks) &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; "
. "<br>"
. "<span class='btn-default'> &nbsp;&nbsp; $count_subs Submissions ( $count_marked Marked ) &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href='Courses.php?course=" . $url . "&act=edit&cid=" . $id . "'>Edit</a>&nbsp;&nbsp; |&nbsp;&nbsp;<a href='~\..\Submissions.php?id=$id&header=$header&total=$marks' onclick='' id='view_submissions_link_$counter'> View </a> &nbsp;&nbsp; |&nbsp;&nbsp; <a href='#' onclick='extend_deadline($id)' id='extend_deadline_link'> Extend Deadline </a> </span> <hr> Attachments : $full_link </span>"
. "<span class='btn-default'> &nbsp;&nbsp; $count_subs Submissions ( $count_marked Marked ) &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href='Courses.php?course=".$url."&act=edit&cid=".$id."'>Edit</a>&nbsp;&nbsp; |&nbsp;&nbsp;<a href='~\..\Submissions.php?id=$id&header=$header&total=$marks' onclick=''> View </a> &nbsp;&nbsp; |&nbsp;&nbsp; <a href='#' onclick='extend_deadline($id)'> Extend Deadline </a> </span> <hr> Attachments : $full_link </span>"
. "&nbsp;&nbsp;</div>
";
}
}
}}
echo "</div>";
$resultx1 = mysqli_query($con,"SELECT course_students_table.Student_ID,users_table.Full_Name FROM
`course_students_table`
INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID
WHERE Course_ID=$course_id");
echo "<span id='dropstudents' style='display:none;'> <select name='stdid'>";
while ($row = mysqli_fetch_assoc($resultx1)) {
while($row = mysqli_fetch_assoc($resultx1))
{
$stdid=$row['Student_ID'];
$stdname=$row['Full_Name'];
@ -332,11 +357,17 @@ WHERE Course_ID=$course_id");
. "<input type='hidden' name='url' value='$course_url'>"
. " </span>";
return;
}
?>
<div class="col-md-8">
<?php
@ -348,20 +379,23 @@ WHERE Course_ID=$course_id");
</a></div>
";
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, "
. "`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID where courses_table.Lecturer_User_ID=$user_d");
if ($_SESSION['user_type'] == "TA") {
if($_SESSION['user_type']=="TA")
{
$result = mysqli_query($con,"SELECT course_ta.Course_ID, `Course_Name`,
`Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table`
INNER JOIN
course_ta ON course_ta.Course_ID=courses_table.Course_ID where course_ta.TA=$user_d");
}
// $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID");
if (mysqli_num_rows($result) == 0) {
} else {
while ($row = mysqli_fetch_assoc($result)) {
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
$id=$row['Course_ID'];
$name=$row['Course_Name'];
$code=$row['Course_Code'];
@ -379,6 +413,8 @@ where course_ta.Course_ID=$id");
$ta=$ta." - ".$rowTA['TA_NAME'];
}
echo"
<a href='~\..\Courses.php?course=$url'> <div class='btn btn-default'>
@ -386,13 +422,15 @@ where course_ta.Course_ID=$id");
<br> <span style='font-size:8pt'>Faculty : $faculty &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Year : $academic &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Lecturer :$lecturer &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TA:$ta </span>
</div></a>
";
}
} ?>
}}?>
</div>
<div class="col-md-4">
<br>
<b> Course Joining Requests </b>
<?php
$lecturer_id= $_SESSION['user_id'];
$result = mysqli_query($con,"SELECT course_students_table.ID,users_table.Full_Name, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table`
@ -400,11 +438,11 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tab
INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID
WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'");
if (mysqli_num_rows($result) == 0) {
if(mysqli_num_rows($result)==0)
{
echo "<br> <i class='fa fa-info-circle'></i> No Course joining request so far for all your courses <hr>";
} else {
while ($row = mysqli_fetch_assoc($result)) {
} else { while($row = mysqli_fetch_assoc($result)) {
$id=$row['ID'];
$name=$row['Course_Name'];
@ -417,12 +455,21 @@ WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"
$std_name is Requesting to join <br> [($code) - $name ] &nbsp;&nbsp;&nbsp;&nbsp; <br><a href='~\..\Script.php?AcceptStudent=y&id=$id&rs=yes' class='btn-sm btn-success' onclick=return confirm(\"are you sure to join this course?\")' > Accept </a>
&nbsp;&nbsp;<a href='~\..\Script.php?AcceptStudent=y&id=$id&rs=no' class='btn-sm btn-danger' onclick=return confirm(\"are you sure to join this course?\")' > Decline </a>
</div>";
}
}
?>
<?php
if ($_SESSION['user_type'] == "TA") {
if( $_SESSION['user_type']=="TA")
{
echo "<center>Only Lecturers can Post new Lab report Assignments</center>";
}
if( $_SESSION['user_type']=="Lecturer"){ ?>
@ -433,28 +480,30 @@ WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"
<input type="hidden" name="frm_createCourse" value="true" required=""/>
<input type="hidden" name="l" value="l" required=""/>
Course Name
<input type="text" name="name" placeholder="Course Name" class="form-control" required="" id="course_name">
<input type="text" name="name" placeholder="Course Name" class="form-control" required="">
Course Code
<input type="text" name="code" placeholder="Course Code" class="form-control" required="" id="course_code">
<input type="text" name="code" placeholder="Course Code" class="form-control" required="">
URL (Leave blank to use Course Code & Year)
<input type="text" name="url" placeholder="Choose Custom URL " class="form-control">
Academic Year
<input type="text" name="academic" placeholder="Academic Year" class="form-control" required="" id="academic_year">
<input type="text" name="academic" placeholder="Academic Year" class="form-control" required="">
Faculty <br>
<input type="text" name="faculty" placeholder="Faculty" class="form-control" required="" id="faculty">
<input type="text" name="faculty" placeholder="Faculty" class="form-control" required="">
<input type="hidden" name="lecturer" value="<?php echo $_SESSION['user_id']; ?>">
Verify Joining Students
<input type="radio" name="verify" value="1" id="join_yes"> Yes
<input type="radio" name="verify" value="0" checked="" id="join_no"> No
<input type="radio" name="verify" value="1"> Yes
<input type="radio" name="verify" value="0" checked=""> No
<br>
<input type="submit" class="btn btn-primary" value="Create Portal" id="portal_btn"><br>
<input type="submit" class="btn btn-primary" value="Create Portal"><br>
</form>
@ -462,12 +511,16 @@ WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"
</div>
<!-- END LECTURER -->
<?php
}
if ($_SESSION['user_type'] == "Student") {
if( $_SESSION['user_type']=="Student")
{
?>
<!--STUDENT CODE-->
@ -487,32 +540,51 @@ if ($_SESSION['user_type'] == "Student") {
<div class="col-md-6"></div>
</div>
<div class="row" style="width:80%;margin:auto; text-align:left;">
<div class="col-md-6">
<?php
error_reporting(0);
$student_id= $_SESSION['user_student_id'];
if (!empty($_GET["search"]) || !empty($_GET["faculty"])) {
$search = trim($_GET["search"]);
$faculty = $_GET["faculty"];
// current academic year - i.e 2021 - 2022 , so we will show in search result:
// course containing either 2021 or 2022 as academic year.
$oldest_academic_year = date('Y') - 1;
if(!empty($_GET["search"]) || !empty($_GET["faculty"]))
{
$search = trim(mysqli_real_escape_string($con, $_GET["search"]));
$search = strtoupper($_GET['search']);
$faculty = mysqli_real_escape_string($con, $_GET["faculty"]);
if ($faculty == "") {
// the user has not entered something under "Find course by Code"
if($faculty=="")
{
echo "<h4> Search Results for Course Code $search</h4><hr>";
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
. " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` "
. " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
. " ON users_table.User_ID=courses_table.Lecturer_User_ID where Course_Code like '%{$search}%' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)");
} else {
. " ON users_table.User_ID=courses_table.Lecturer_User_ID where Academic_Year >= $oldest_academic_year and Course_Code like '%{$search}%' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id) order by Academic_Year desc");
}
// the user has entered something under "Find course by Code"
else
{
echo "<h3> Find Courses under faculty $faculty</h3>";
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,
`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`
, users_table.Full_Name FROM `courses_table` INNER JOIN users_table
ON users_table.User_ID=courses_table.Lecturer_User_ID where Faculty='$faculty' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)");
ON users_table.User_ID=courses_table.Lecturer_User_ID where Academic_Year >= $oldest_academic_year and Faculty='$faculty' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id) order by Academic_Year desc");
}
if (mysqli_num_rows($result) == 0) {
if(mysqli_num_rows($result)==0)
{
echo "No results found for your Search <hr>";
} else {
while($row = mysqli_fetch_assoc($result)) {
@ -525,19 +597,20 @@ if ($_SESSION['user_type'] == "Student") {
$id=$row['Course_ID'];
$v=$row['Verify_New_Members'];
$msg2="Join Course";
if ($v > 0) {
if($v>0)
{
$msg="<i class='fa fa-exclamation-circle'></i> Lecturer verification required";
$msg2="Send Joining Request";
}
echo "<div class='btn btn-default' style='word-wrap:break-word'>
[$code] $name <br>($url) <br> <a href='~\..\Script.php?JoinCourse=y&id=$id&std=$student_id&joining=$v' class='btn-sm btn-success' onclick=return confirm(\"Are you sure to join this course?\")' id='join_btn'> $msg2 </a>
[$code] $name <br>($url) <br> <a href='~\..\Script.php?JoinCourse=y&id=$id&std=$student_id&joining=$v' class='btn-sm btn-success' onclick=return confirm(\"Are you sure to join this course?\")' > $msg2 </a>
<br> <span style='font-size:10pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span><br>$msg</div>
";
}
}
}
// Otherwise, list the student's joined courses (already done), in reverse chronological order
echo "<h4> My Courses </h4>";
$result = mysqli_query($con,"SELECT users_table.Full_Name, course_students_table.Status, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table`
INNER JOIN users_table
@ -545,9 +618,10 @@ INNER JOIN users_table
INNER JOIN course_students_table on course_students_table.Course_ID=courses_table.Course_ID
where course_students_table.Student_ID=$student_id");
where course_students_table.Student_ID=$student_id order by Academic_Year desc");
if (mysqli_num_rows($result) == 0) {
if(mysqli_num_rows($result)==0)
{
echo "<i class='fa fa-exclamation-circle'></i> You are not Enrolled in any Course";
} else {
while($row = mysqli_fetch_assoc($result)) {
@ -560,12 +634,15 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl
$id=$row['Course_ID'];
$Status=$row['Status'];
if ($Status == "Joined") {
if($Status=="Joined")
{
echo "<a href='~\..\Course.php?url=$url'> <div class='btn btn-default' style='word-wrap:break-word'>
($code) - $name <br>($url) &nbsp;&nbsp;&nbsp; <i class='fa fa-check-circle'></i> $Status &nbsp;&nbsp;&nbsp;&nbsp; <a href='~\..\Course.php?url=$url' class='btn-sm btn-primary'> Open</a>
<br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span></div></a>
";
} else {
}
else
{
echo "<div class='btn btn-default'>
($code) - $name <i class='btn-sm btn-danger'> $Status</i>
<br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span></div>
@ -574,45 +651,144 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl
}
}
echo "</div><div class='col-md-6'>
<form method='get' action='Courses.php'>
<div class='row'>
<div class='col-md-10'>
<div class='row'><div class='col-md-6'> Find course by Code
<input type='text' class='form-control' name='search' placeholder='Enter Course Code' id='search_field'>
<input type='text' class='form-control' name='search' maxlength='11' placeholder='Enter Course Code'>
</div><div class='col-md-6'>
List courses by faculty
<select name='faculty' class='form-control'>";
$result = mysqli_query($con,"SELECT DISTINCT(Faculty) as Faculty FROM `courses_table`");
if(mysqli_num_rows($result)==0){
} else {
echo"<option value=''> Search by faculty </option>";
while($row = mysqli_fetch_assoc($result)) {
$fname=$row['Faculty'];
echo "<option value=''> Search by faculty </option> <option value='$fname'> $fname </option>";
}
}
echo " <option value='$fname'> $fname </option>";
}}
echo "</select></div></div>
</div>
<div class='col-md-1'> <br>
<input type='submit' class='btn btn-primary' value='Find' id='find_btn'>
<input type='submit' class='btn btn-primary' value='Find'>
</div>
</div>
</form>
</div></div>";
}
?>
<style>
.form-control{
padding-top: 1px;
padding-bottom:1px;
}
</style>

7
Download.php
View File

@ -7,6 +7,11 @@ session_start();
// 修改这一行设置你的文件下载目录
// IMPORTANT: Do not delete the following conditional test
if (strpos($_GET['file'], "../") !== false) { // 检查是否有 ../,防止用户构造路径,访问某个他不应该访问的目录
die("Sorry. Nothing to download.");
}
$file = "./../../lrr_submission".$_GET['file'];
$filename = basename($file);
@ -20,7 +25,7 @@ $type = filetype($file);
$today = date("F j, Y, g:i a");
$time = time();
if ( (isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"])) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") {
if ((isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"]) > 0) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) {
// 发送文件头部
header("Content-type: $type");
header('Content-Disposition: attachment;filename="'.urldecode($filename).'"');

6
Header.php
View File

@ -22,6 +22,12 @@ if (mysqli_connect_errno()) {
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<!-- *this css file can be used across all the websites
and any new css class can be added there.
* The reason is to make the css code reusable.
* the css file is used by submissions.php
-->
<link href = "./css/main.css" rel = "stylesheet" type = "text/css" />
<script src="./css/jquery.min.js" type="text/javascript"></script>
<script src="./css/bootsrap.min.js" type="text/javascript"></script>

2
NoDirectPhpAcess.php
View File

@ -2,6 +2,6 @@
// https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
if (!isset($_SERVER['HTTP_REFERER']) ) {
/* choose the appropriate page to redirect users */
die( header( 'location: index.php' ) );
die( header( 'location: logout.php' ) );
}
?>

56
README.md
View File

@ -18,15 +18,17 @@ Our mission is to make the experience of submitting assignments great for tens o
# Installation Instructions
## Hui's steps
## Hui steps
I spent about two hours installing LRR to a bare, remote Ubuntu server (Ubuntu 20.04 LTS).
LRR needs Apache and MySQL to run. I followed [How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 20.04](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-20-04) to set up these server applications.
LRR needs Apache and MySQL to run. I followed [How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 20.04](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-20-04) to set up these server applications. [How to install and configure PHP](https://ubuntu.com/server/docs/programming-php) is also a good guide.
LRR uses a database called `lrr`. I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`.
The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail.
LRR uses a database called `lrr`. So create this database using MySQL root account. Open MySQL's prompt using `sudo mysql`. Create the database using command `CREATE DATABASE lrr;`, and grant all privileges to MySQL user `lrr` using command `GRANT ALL PRIVILEGES ON lrr.* TO 'mnc'@'localhost' WITH GRANT OPTION;`. If MySQL user mnc does not exist, create it using command `CREATE USER 'mnc'@'localhost' IDENTIFIED BY 'password'`.
To facilitate data migration, I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`, where mnc after -u is MySQL's username, and lrr after -p is the database name.
The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.txt? You can use lrr_database.sql in this repo instead.
LRR also needs to store assignment submissions. We store them in a folder called `../../lrr_submission`. Note that `lrr_submission` is two levels above the project folder (where many PHP files reside). I copied this folder from the existing one. I think it is also OK if you create an empty folder.
We need to set a proper owner and accessibility for `lrr_submission` using the following two commands:
@ -49,7 +51,7 @@ Enable the site lrr: `sudo a2ensite lrr`. Restart the apache server: `sudo syst
Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/.
## Enock's steps
## Enock steps
Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt).
@ -171,49 +173,49 @@ We can also communicate through pull requests. You make a pull request, I revie
GitHub Account - Full Name - Student number
CODEwithZAKI - Omar Mohamud Mohamed - 202025800041
CODEwithZAKI - Omar Mohamud Mohamed - 2020041
BloudYoussef - Khayat Youssef - 202025800042
BloudYoussef - Khayat Youssef - 2020042
TanakaMichelle - Tanaka Michelle Sandati - 201732120134
TanakaMichelle - Tanaka Michelle Sandati - 2017134
WhyteAsamoah - Yeboah Martha Asamoah - 201732120135
WhyteAsamoah - Yeboah Martha Asamoah - 2017135
xiaoyusoil - ZhengXiaoyu - 201732120110
xiaoyusoil - ZhengXiaoyu - 2017110
Benny123-cell - ZhangBin - 201732120127
Benny123-cell - ZhangBin - 2017127
421281726 - LiJiaxing - 201732120118
421281726 - LiJiaxing - 2017118
zhenghongyu-david - ZhengHongyu - 201732120128
zhenghongyu-david - ZhengHongyu - 2017128
wkytz - YeHantao - 201732120125
wkytz - YeHantao - 2017125
zego000 - GaoZeng - 201732120117
zego000 - GaoZeng - 2017117
Richard1427 - XieJiacong - 201732120123
Richard1427 - XieJiacong - 2017123
yutengYing - YingYuteng - 201732120126
yutengYing - YingYuteng - 2017126
Samrusike - Samantha Rusike - 201632120140
Samrusike - Samantha Rusike - 2016140
*enockkays* <enockkhondowe94@yahoo.com>
*Teecloudy* - Ashly Tafadzwa Dhani - 201632120150
*Teecloudy* - Ashly Tafadzwa Dhani - 201150
GuedaliaBonheurSPM - Guedalia Youma - 201925800221
GuedaliaBonheurSPM - Guedalia Youma - 2019221
ACorneille - Alimasi Corneille - 201925800168
ACorneille - Alimasi Corneille - 2019168
Tabithakipanga - Kipanga Dorcas - 201925800170
Tabithakipanga - Kipanga Dorcas - 2019170
Mary-AK - Mary Akussah Doe - 201925800173
Mary-AK - Mary Akussah Doe - 2019173
pkkumson - Kumson Princewill Kum - 201925800166
pkkumson - Kumson Princewill Kum - 2019166
Twizere - Twizere Pacifique - 201925800174
Twizere - Twizere Pacifique - 2019174
Nicole-Rutagengwa - Nicole Rutagengwa - 201925800169
Nicole-Rutagengwa - Nicole Rutagengwa - 2019169
*hema-001* - Ibrahim Mohamed Ibrahim Ismail - omitted

4
Reset_password.php
View File

@ -8,8 +8,8 @@
include 'Header.php';
$token=$_GET['token'];
$email=$_GET['email'];
$token = htmlspecialchars($_GET['token']);
$email = htmlspecialchars($_GET['email']);
?>
<div class="row">

283
Script.php
View File

@ -34,39 +34,37 @@ function is_valid_student_number($student_id)
}
// ############################### SIGN UP ##################################
if (!empty($_POST["frm_signup_1"])) {
$student_id = trim(mysqli_real_escape_string($con, $_POST["student_id"]));
if (!empty($_POST["form_signup"])) {
$student_id = trim(mysqli_real_escape_string($con, $_POST["user_student_id"]));
// validate student number
if (!is_valid_student_number($student_id)) {
$_SESSION["info_signup1"] = "Invalid student number.";
header("Location: index.php");
$_SESSION["info_signup"] = "Invalid student number.";
header("Location: signup.php");
return;
}
// Check if this student number is a legal one
$result = mysqli_query($con, "SELECT * FROM `students_data` WHERE Student_ID='$student_id'");
if (mysqli_num_rows($result) == 0) {
$_SESSION["info_signup1"] = "Your entered student number could not be verified. Please contact Student Management Office <lanhui at zjnu.edu.cn>. Thanks.";
header("Location: index.php");
$_SESSION["info_signup"] = "Your entered student number could not be verified. Please contact Student Management Office <lanhui at zjnu.edu.cn>. Thanks.";
header("Location: signup.php");
return;
}
$result98 = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
if (mysqli_num_rows($result98) == 0) {
$_SESSION['user_student_id'] = $student_id;
// Check if the student number isn't already registered
$student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
if (mysqli_num_rows($student_result) > 0) {
$_SESSION["info_signup"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
header("Location: signup.php");
return;
} else {
$_SESSION["info_signup1"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
header("Location: index.php");
return;
}
}
// ############################### CREATE STUDENT USER ##################################
if (!empty($_POST["frm_signup_2"])) {
if (!empty($_POST["form_signup"])) {
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$student_id = mysqli_real_escape_string($con, $_POST["user_student_id"]);
$email = mysqli_real_escape_string($con, $_POST["email"]);
@ -79,7 +77,7 @@ if (!empty($_POST["frm_signup_2"])) {
// check confirmed password
if (strcasecmp($password, $confirmpassword) != 0) {
$_SESSION['info_signup2'] = "Password confirmation failed.";
$_SESSION['info_signup'] = "Password confirmation failed.";
$_SESSION['user_fullname'] = null; // such that Header.php do not show the header information.
header("Location: signup.php");
return;
@ -87,7 +85,7 @@ if (!empty($_POST["frm_signup_2"])) {
// validate email
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$_SESSION['info_signup2'] = "Invalid email address.";
$_SESSION['info_signup'] = "Invalid email address.";
header("Location: signup.php");
return;
}
@ -100,16 +98,15 @@ if (!empty($_POST["frm_signup_2"])) {
// check for strong password
if (!$containsAll) {
$_SESSION['info_signup2'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and sepcial characters (e.g., !?.,*^).";
$_SESSION['info_signup'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and special characters (e.g., !?.,*^).";
header("Location: signup.php");
return;
}
// check if email is taken
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
if(mysqli_num_rows($result) != 0)
{
$_SESSION["info_signup2"]="Email address ".$email." is already in use.";
if (mysqli_num_rows($result) != 0) {
$_SESSION["info_signup"] = "Email address " . $email . " is already in use.";
$_SESSION['user_fullname'] = null;
header("Location: signup.php");
return;
@ -149,7 +146,7 @@ if (!empty($_POST["frm_login"])) {
$password = mysqli_real_escape_string($con, $_POST["password"]);
$result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')");
if (mysqli_num_rows($result) == 0) {
$_SESSION["info_login"] = "Inavlid user name information.";
$_SESSION["info_login"] = "Invalid user name information.";
echo $_SESSION["info_login"];
header("Location: index.php");
} else {
@ -198,7 +195,6 @@ if (!empty($_POST["frm_recover_password"])) {
// validate student number
if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) {
$_SESSION["info_recover_password"] = "Invalid student number.";
#echo "Invalid student number.";
header("Location: recover_password.php");
return;
}
@ -250,7 +246,7 @@ if (!empty($_POST["frm_reset_password"])) {
// Password Update
$hashed_password = hash('sha512', $password);
$sql = "UPDATE users_table set HashPassword='$hashed_password' where User_ID=$userid;";
$sql = "UPDATE users_table set HashPassword='$hashed_password' where User_ID='$userid';";
if ($con->query($sql) === TRUE) {
error_reporting(0);
@ -272,20 +268,22 @@ if (!empty($_POST["frm_createlecturrer"])) {
$email = mysqli_real_escape_string($con, $_POST["email"]);
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$type = mysqli_real_escape_string($con, $_POST["type"]);
$password = $passport;
$password = mysqli_real_escape_string($con, $_POST["passport"]);
// check if email is taken
$result = mysqli_query($con,
"SELECT * FROM Users_Table WHERE email='$email'");
if(mysqli_num_rows($result)!=0)
{
$result = mysqli_query(
$con,
"SELECT * FROM Users_Table WHERE email='$email'"
);
if (mysqli_num_rows($result) != 0) {
$_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use.";
header("Location: Admin.php");
}
$password_hash = password_hash("$password", PASSWORD_DEFAULT);
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
. "('$email','$password','$fullname','$type')";
. "('$email','$password_hash','$fullname','$type')";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user Created successfully : email " . $email . " and $password as Password.";
$_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and $password as password.";
header("Location: Admin.php");
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -302,7 +300,7 @@ function is_valid_file_format($file)
'cvc', 'c', 'class', 'cpp', 'h', 'java', 'sh', 'swift', 'zip', 'rar', 'ods', 'xlr', 'bak', 'ico', 'swf'
);
utf8_encode($filename = $_FILES[$file]['name']);
$filename = $_FILES[$file]['name'];
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$result = in_array($ext, $allowed);
return $result;
@ -432,7 +430,7 @@ if (!empty($_POST["frm_uploadlab"])) {
$sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`,
`Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`,Marks,Type)
VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3',$marks,'$type')";
VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3','$marks','$type')";
if ($con->query($sql) === TRUE) {
@ -454,10 +452,8 @@ function checksize($file)
}
// ############################### Submit Assignment ##################################
if (!empty($_POST["frm_submitlab"])) {
/* Posting values to database */
$lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]);
$student_id = $_POST["student_id"];
$group_id = $_POST["group_id"];
@ -471,7 +467,7 @@ if (!empty($_POST["frm_submitlab"])) {
$date = date("Y-m-d H:i:s");
// GET UPLOADED FILES
$labName = mysqli_query($con, "SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id");
$labName = mysqli_query($con, "SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID='$lab_id'");
while ($row = mysqli_fetch_assoc($labName)) {
$lab_name = $row['Title'];
$_SESSION['Sub_Type'] = $row['Type']; // submission type, either Individual or Group
@ -554,19 +550,19 @@ if (!empty($_POST["frm_submitlab"])) {
$targetfile4 = "";
if (strlen($_FILES['attachment1']['name']) > 2) { // why greater than 2???
$targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment1']['name'];
$targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment1']['name']);
}
if (strlen($_FILES['attachment2']['name']) > 2) {
$targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment2']['name'];
$targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment2']['name']);
}
if (strlen($_FILES['attachment3']['name']) > 2) {
$targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment3']['name'];
$targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment3']['name']);
}
if (strlen($_FILES['attachment4']['name']) > 2) {
$targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment4']['name'];
$targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment4']['name']);
}
// When $group_id is not properly initialized, use integer 0 as its value.
@ -575,13 +571,13 @@ if (!empty($_POST["frm_submitlab"])) {
$group_id = 0; // FIXME
}
$sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id";
$sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID='$lab_id' and Student_id='$student_id' and Course_Group_id='$group_id'";
if ($con->query($sql1) === TRUE) {
}
$sql = "INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`,"
. " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)"
. " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
. " VALUES ('$date','$lab_id','$student_id','$group_id','$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
. "'Pending','$title','')";
if ($con->query($sql) === TRUE) {
@ -599,9 +595,9 @@ if (!empty($_POST["frm_submitlab"])) {
// JOIN COURSE
if (!empty($_GET["JoinCourse"])) {
$id = $_GET["id"];
$student_id = $_GET["std"];
$joining = $_GET["joining"];
$id = mysqli_real_escape_string($con, $_GET["id"]);
$student_id = mysqli_real_escape_string($con, $_GET["std"]);
$joining = mysqli_real_escape_string($con, $_GET["joining"]);
$status = "Pending";
if ($joining == 0) {
@ -628,12 +624,12 @@ if (!empty($_GET["JoinCourse"])) {
if (!empty($_GET["savemarks"])) {
$id = $_GET["id"];
$marks = $_GET["marks"];
$total = $_GET["total"];
$feedback = $_GET["feedback"];
$header = $_GET["header"];
$labid = $_GET["labid"];
$id = mysqli_real_escape_string($con, $_GET["id"]);
$marks = mysqli_real_escape_string($con, $_GET["marks"]);
$total = mysqli_real_escape_string($con, $_GET["total"]);
$feedback = mysqli_real_escape_string($con, $_GET["feedback"]);
$header = mysqli_real_escape_string($con, $_GET["header"]);
$labid = mysqli_real_escape_string($con, $_GET["labid"]);
$status = "Marked";
if ($marks > $total) {
@ -662,14 +658,14 @@ if (!empty($_GET["savemarks"])) {
#Update Report Visibility
if (!empty($_GET["updatevisibility"])) {
$id = $_GET["id"];
$marks = $_GET["marks"];
$total = $_GET["total"];
$status = $_GET["status"];
$header = $_GET["header"];
$labid = $_GET["labid"];
$id = mysqli_real_escape_string($con, $_GET["id"]);
$marks = mysqli_real_escape_string($con, $_GET["marks"]);
$total = mysqli_real_escape_string($con, $_GET["total"]);
$status = mysqli_real_escape_string($con, $_GET["status"]);
$header = mysqli_real_escape_string($con, $_GET["header"]);
$labid = mysqli_real_escape_string($con, $_GET["labid"]);
$sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id
$sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID='$id'
";
if ($con->query($sql) === TRUE) {
@ -685,18 +681,18 @@ if (!empty($_GET["updatevisibility"])) {
if (!empty($_GET["remarking"])) {
$id = $_GET["id"];
$url = $_GET["url"];
$id = htmlspecialchars(mysqli_real_escape_string($con, $_GET["id"]));
$url = htmlspecialchars(mysqli_real_escape_string($con, $_GET["url"]));
$status = $_GET["status"];
$details = $_GET["details"];
$status = htmlspecialchars(mysqli_real_escape_string($con, $_GET["status"]));
$details = htmlspecialchars(mysqli_real_escape_string($con, $_GET["details"]));
$sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id
$sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID='$id'
";
if ($con->query($sql) === TRUE) {
$_SESSION["info_ReMarking"] = "Remarking Request Sent";
$_SESSION["info_general"] = "Remarking Request Sent";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -707,13 +703,13 @@ if (!empty($_GET["remarking"])) {
if (!empty($_GET["creategroup"])) {
$student_id = $_GET["student_id"];
$url = $_GET["url"];
$id = $_GET["id"];
$name = $_GET["name"];
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$id = mysqli_real_escape_string($con, $_GET["id"]);
$name = mysqli_real_escape_string($con, $_GET["name"]);
$sql = "INSERT INTO `course_groups_table`(`Group_Name`,
`Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)";
`Group_Leader`, `Course_id`) VALUES ('$name','$student_id','$id')";
if ($con->query($sql) === TRUE) {
@ -723,9 +719,9 @@ if (!empty($_GET["creategroup"])) {
}
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
VALUES ($gid,$student_id,'Created')";
VALUES ('$gid','$student_id','Created')";
if ($con->query($sql) === TRUE) {
$_SESSION["info_ReMarking"] = "Course group Created";
$_SESSION["info_general"] = "Course group Created";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -739,18 +735,25 @@ if (!empty($_GET["creategroup"])) {
if (!empty($_GET["groupinvite"])) {
$student_id = $_GET["student_id"];
$url = $_GET["url"];
$courseid = $_GET["courseid"];
$groupid = $_GET["groupid"];
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
$student = mysqli_query($con, "SELECT * FROM students_data WHERE Student_ID = '$student_id' ");
if (mysqli_num_rows($student) > 0) {
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
if (mysqli_num_rows($result) > 0) {
$_SESSION["info_ReMarking"] = $student_id . " has already been invited";
$_SESSION["info_general"] = $student_id . " has already been invited.";
header("Location: Course.php?url=" . $url);
} else {
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
VALUES ($groupid,$student_id,'Invited')";
VALUES ('$groupid','$student_id','Invited')";
}
} else {
$_SESSION["info_general"] = $student_id . " is an invalid student number.";
header("Location: Course.php?url=" . $url);
}
if ($con->query($sql) === TRUE) {
@ -768,26 +771,26 @@ if (!empty($_GET["groupinvite"])) {
if ($Group_Member == '0') {
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
$_SESSION["info_general"] = $student_id . " was invited to the group.";
header("Location: Course.php?url=" . $url);
} elseif ($Group_Member2 == '0') {
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member2` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
$_SESSION["info_general"] = $student_id . " was invited to the group.";
header("Location: Course.php?url=" . $url);
} elseif ($Group_Member3 == '0') {
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member3` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
$_SESSION["info_general"] = $student_id . " was invited to the group.";
header("Location: Course.php?url=" . $url);
} elseif ($Group_Member4 == '0') {
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member4` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
$_SESSION["info_general"] = $student_id . " was invited to the group.";
header("Location: Course.php?url=" . $url);
} else {
$_SESSION["info_ReMarking"] = " You cant add any more members";
$_SESSION["info_general"] = " You cannot add any more members";
header("Location: Course.php?url=" . $url);
}
}
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
$_SESSION["info_general"] = $student_id . " was invited to the group.";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -798,21 +801,57 @@ if (!empty($_GET["groupinvite"])) {
if (!empty($_GET["acceptinvite"])) {
$student_id = $_GET["student_id"];
$url = $_GET["url"];
$action = $_GET["action"];
$groupid = $_GET["groupid"];
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$action = mysqli_real_escape_string($con, $_GET["action"]);
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
if ($action == 1) {
$sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id
$sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id ='$groupid' and student_id='$student_id'
";
} else {
$sql = "Delete from `course_group_members_table` where Course_Group_id =$groupid and student_id=$student_id
$sql = "Delete from `course_group_members_table` where Course_Group_id ='$groupid' and student_id='$student_id'
";
}
if ($con->query($sql) === TRUE) {
$_SESSION["info_ReMarking"] = " Group Invite Updated";
$_SESSION["info_general"] = " Group Invite Updated";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
}
#Remove a member from group
if (!empty($_GET["removemember"])) {
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$group_id = mysqli_real_escape_string($con, $_GET["group_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$sql = "Delete from `course_group_members_table` where student_id=$student_id and Course_Group_id=$group_id";
if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = " Member " . $student_id . " removed from the group";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
}
#Delete a whole group
if (!empty($_GET["deletegroup"])) {
$group_id = mysqli_real_escape_string($con, $_GET["group_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$sql1 = "Delete from `course_group_members_table` where Course_Group_id=$group_id";
$sql2 = "Delete from `course_groups_table` where Course_Group_id=$group_id";
if ($con->query($sql1) === TRUE && $con->query($sql2) === TRUE) {
$_SESSION["info_general"] = " Group has been deleted successfully. ";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -823,22 +862,22 @@ if (!empty($_GET["acceptinvite"])) {
if (!empty($_GET["extenddeadline"])) {
$id = $_GET["id"];
$date = $_GET["date"];
$time = $_GET["time"];
$type = $_GET["type"];
$id = mysqli_real_escape_string($con, $_GET["id"]);
$date = mysqli_real_escape_string($con, $_GET["date"]);
$time = mysqli_real_escape_string($con, $_GET["time"]);
$type = mysqli_real_escape_string($con, $_GET["type"]);
$stdid = $_GET["stdid"];
$reason = $_GET["reason"];
$url = $_GET["url"];
$stdid = mysqli_real_escape_string($con, $_GET["stdid"]);
$reason = mysqli_real_escape_string($con, $_GET["reason"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$deadline = $date . " " . $time;
if ($type == 1) {
$sql = "UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID=$id";
$sql = "UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID='$id'";
} else {
$sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, "
. "`Lab_Report_ID`, `Extended_Deadline_Date`,"
. " `ReasonsForExtension`) VALUES ($stdid,$id,'$deadline','$reason')";
. " `ReasonsForExtension`) VALUES ('$stdid','$id','$deadline','$reason')";
}
if ($con->query($sql) === TRUE) {
@ -854,13 +893,13 @@ if (!empty($_GET["extenddeadline"])) {
if (!empty($_GET["ignoreremarking"])) {
$id = $_GET["id"];
$total = $_GET["total"];
$header = $_GET["header"];
$id = mysqli_real_escape_string($con, $_GET["id"]);
$total = mysqli_real_escape_string($con, $_GET["total"]);
$header = mysqli_real_escape_string($con, $_GET["header"]);
$subid = $_GET["subid"];
$subid = mysqli_real_escape_string($con, $_GET["subid"]);
$sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid";
$sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID='$subid'";
if ($con->query($sql) === TRUE) {
@ -875,10 +914,10 @@ if (!empty($_GET["ignoreremarking"])) {
if (!empty($_GET["assignTA"])) {
$id = $_GET["id"];
$ta = $_GET["ta"];
$id = mysqli_real_escape_string($con, $_GET["id"]);
$ta = mysqli_real_escape_string($con, $_GET["ta"]);
$sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)";
$sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ('$id','$ta')";
if ($con->query($sql) === TRUE) {
@ -893,13 +932,13 @@ if (!empty($_GET["assignTA"])) {
if (!empty($_GET["AcceptStudent"])) {
$id = $_GET["id"];
$rs = $_GET["rs"];
$id = mysqli_real_escape_string($con, $_GET["id"]);
$rs = mysqli_real_escape_string($con, $_GET["rs"]);
if ($rs == "yes") {
$sql = "Update course_students_table set Status='Joined' Where ID=$id";
$sql = "Update course_students_table set Status='Joined' Where ID='$id'";
} else {
$sql = "Delete FROM course_students_table Where ID=$id";
$sql = "Delete FROM course_students_table Where ID='$id'";
}
if ($con->query($sql) === TRUE) {
@ -921,12 +960,12 @@ if (!empty($_GET["AcceptStudent"])) {
if (!empty($_GET["action"])) {
$action = $_GET["action"];
$uid = $_GET["uid"];
$uid = mysqli_real_escape_string($con, $_GET["uid"]);
$pass = $_GET["pass"];
$pass = mysqli_real_escape_string($con, $_GET["pass"]);
$pass = password_hash($pass, PASSWORD_DEFAULT);
$status = $_GET["status"];
$status = mysqli_real_escape_string($con, $_GET["status"]);
// validate uid
if (intval($uid) < 0) {
@ -934,8 +973,8 @@ if (!empty($_GET["action"])) {
return;
}
if ($action == "passchange") {
$sql = "UPDATE users_table set Password='$pass' where User_ID=$uid;";
if ($action == "passchange" && $_SESSION['user_id'] == $uid) {
$sql = "UPDATE users_table set Password='$pass' where User_ID='$uid';";
if ($con->query($sql) === TRUE) {
error_reporting(0);
echo "Password has been changed";
@ -948,8 +987,8 @@ if (!empty($_GET["action"])) {
}
}
if ($action == "statuschange") {
$sql = "UPDATE users_table set Status='$status' where User_ID=$uid;";
if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
$sql = "UPDATE users_table set Status='$status' where User_ID='$uid';";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user Status updated successfully ";
header("Location: Admin.php");
@ -1009,8 +1048,8 @@ if (!empty($_POST["frm_createCourse"])) {
if (!empty($_GET["exportgrade"])) {
$lab = $_GET["lab"];
$lab_name = $_GET["lab_name"];
$lab = mysqli_real_escape_string($con, $_GET["lab"]);
$lab_name = mysqli_real_escape_string($con, $_GET["lab_name"]);
error_reporting(0);
@ -1022,7 +1061,7 @@ INNER JOIN lab_reports_table on lab_reports_table.Lab_Report_ID=lab_report_submi
INNER JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
WHERE lab_report_submissions.Lab_Report_ID=$lab";
WHERE lab_report_submissions.Lab_Report_ID='$lab'";
$export = mysqli_query($con, $select);
@ -1052,7 +1091,7 @@ WHERE lab_report_submissions.Lab_Report_ID=$lab";
}
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=$lab_name Garde Sheet.xls");
header("Content-Disposition: attachment; filename=$lab_name Grade Sheet.xls");
header("Pragma: no-cache");
header("Expires: 0");
print "$header\n$data";

2
Student.php
View File

@ -9,7 +9,7 @@ include 'Header.php';
<div class="row" style="width:80%;margin:auto;">
<div class="col-md-6">
<h1> STUEDNT Account Created , Now you can Browse Course Portals </h1>
<h1> Student Account Created. Now you can Browse Course Portals </h1>
</div>
</div>

21
Submissions.php
View File

@ -10,7 +10,7 @@ $group_id = $_SESSION["user_group_id"];
$c_date = date("Y-m-d H:i");
if (!empty($_GET["id"])) {
$id = $_GET["id"];
$id = mysqli_real_escape_string($con, $_GET["id"]);
$course_id = $id;
}
@ -139,7 +139,6 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
if (mysqli_num_rows($result1) == 0) {
echo "No Un-Marked Submissions for this Lab Report.";
} else {
$mark_submission_btn_counter = 0;
while ($row = mysqli_fetch_assoc($result1)) {
$title = $row['Title'];
$Marks = $row['Marks'];
@ -158,7 +157,6 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
$groupname = $row['Group_Name'];
$groupleader = $row['Group_Leader'];
$student_id = $row['sub_std'];
$mark_submission_btn_counter += 1;
if ($submitted_group == 0) {
$submitted_by = $student_name . "(" . $student_id . ")";
@ -185,8 +183,8 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
}
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> by: <b> $submitted_by </b>
<br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)' id='mark_submission_btn_$mark_submission_btn_counter'> Mark Submission</button><br> Attachments : $full_link </span>
$title <br> by: <b> <span class = 'text-selectable'>$submitted_by </span> </b>
<br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span>
</div></k>";
}
}
@ -264,8 +262,13 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Marked' Order by lab
if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
}
// you will notice why i used span here to wrap the $submitted_by variable
// because if we wrap with span , the css class text-selectable can be used only by the submittedBy variable
// if you want to use text-selectable class on whole div, just call the css class
echo " <k href='#'> <div class='btn btn-default break-word ' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> by : <b> $submitted_by &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> &nbsp; Visibility : <b>$Visibility </b> <button class='btn-sm btn-success' style='margin-left:50px;' onclick='updatev($Submission_ID)'>Update visibility</button>
$title <br> by : <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> &nbsp; Visibility : <b>$Visibility </b> <button class='btn-sm btn-success' style='margin-left:50px;' onclick='updatev($Submission_ID)'>Update visibility</button>
<hr> Lecturer/TA notes : $notes<br> <span style='font-size:8pt'>Submitted : $posted <b> </b> <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button><br> Attachments : $full_link </span>
</div></k>";
}
@ -344,7 +347,7 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
}
echo " <k href='#'> <div class='btn btn-default break-word ' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> by : <b> $submitted_by &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> <br> Remarking Reason : <b>$remarking_reason </b>
$title <br> by : <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> <br> Remarking Reason : <b>$remarking_reason </b>
<hr> <span style='font-size:8pt'>Submitted : $posted <b> </b> "
. "<button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button>"
. " &nbsp; &nbsp;&nbsp;&nbsp;<a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn-sm btn-warning'> Ignore Request </a>"
@ -421,8 +424,8 @@ where course_group_members_table.Course_Group_id=$id");
try {
$('<form id="submit-form" method="get" action="Script.php">' + title + '(' + marks + ' marks) <input type="hidden" name="savemarks" value="true">\n\
<input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks" id="marks">\n\
Comments <textarea name="feedback" id="feedback"></textarea> \n\
<input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks">\n\
Comments <textarea name="feedback"></textarea> \n\
<input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({
modal: true,
title: 'Mark Submission',

28
SubmitLab.php
View File

@ -9,18 +9,22 @@ include 'Header.php';
<div class='row' style='width:80%;margin:auto;'>
<?php
$c_date = date("Y-m-d H:i");
$student_id = $_SESSION["user_student_id"];
if (!empty($_GET["id"])) {
$id = $_GET["id"];
$url = $_GET["url"];
if(!empty($_GET["id"]))
{
$id = mysqli_real_escape_string($con, $_GET["id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$result1 = mysqli_query($con," SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC");
if (mysqli_num_rows($result1) == 0) {
if(mysqli_num_rows($result1) == 0)
{
echo "No active assignments for this course so far.";
} else {
while($row = mysqli_fetch_assoc($result1)) {
@ -44,12 +48,14 @@ include 'Header.php';
$_SESSION["Group_ID"] = $row['Course_Group_id'];
}
if ($_SESSION["Group_ID"] < 1) {
if($_SESSION["Group_ID"] < 1)
{
echo" <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> ";
return;
}
}
$full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if($att2!=""){
@ -80,6 +86,9 @@ include 'Header.php';
</div>
<div style="width:80%;margin:auto;">
<h3> Submit Lab Report Assignment </h3>
@ -88,7 +97,8 @@ include 'Header.php';
<div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php' id="submit_lab_report_form">
<form method='post' enctype='multipart/form-data' action='Script.php'>
<input type='hidden' name='frm_submitlab' value='true' required=''/>
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
@ -96,10 +106,10 @@ include 'Header.php';
<input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
Title
<input type='text' name='title' placeholder='Ttle' class='form-control' required='' id="title">
<input type='text' name='title' placeholder='Ttle' class='form-control' required=''>
Attachment 1
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required='' id="attachment1">
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
Attachment 2
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
@ -115,7 +125,7 @@ include 'Header.php';
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
<br>
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment' id="submit_lab_assignment_btn"><br>
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br>
</form>
</div>

5
batch_insert.php
View File

@ -19,7 +19,7 @@ if (!$conn) {
}
//获得用户名数据
$source = $_POST['users'];
$source = mysqli_real_escape_string($conn,$_POST['users']);
//如有多个空格,删除剩一个空格
$source1 = preg_replace('/\s\s+/', ' ', $source);
@ -31,13 +31,12 @@ $source2 = trim($source1);
//根据空格拆分
$user = explode(' ', $source2);
//插入数据
for($index=0; $index < count($user); $index++) {
$result = mysqli_query($conn, "SELECT * FROM `students_data` WHERE Student_ID='$user[$index]'");
if (mysqli_num_rows($result) < 1) {
if (! mysqli_query($conn, "REPLACE INTO `students_data`(`Student_ID`, `Passport_Number`) VALUES('$user[$index]', '')" ) ) {
echo "SQL Error: " . $sql_stmt . "<br>" . mysqli_error($conn);
echo "SQL Error: " . $sql_stmt . "<br>" .htmlspecialchars(mysqli_error($conn));
} else {
echo "<p>Student number $user[$index] added.</p>";
}

11
css/main.css Normal file
View File

@ -0,0 +1,11 @@
/* this css class is used to enable copying in text with the mouse. */
.text-selectable {
-webkit-user-select: text;
-moz-user-select: text;
-ms-user-select: text;
user-select: text;
cursor:auto
}

7
doc/UserDoc.md
View File

@ -17,5 +17,10 @@ After that, issue the following commands in the mysql prompt.
The first one uses a database called lrr in MySQL. The second one deletes a record from `users_table` where the student number is 201131129138.
Increasing session duration
-------------------
*Last modified on 1 June 2020 by Hui*
By default, the session duration in PHP is set to 1,440 seconds (24 minutes). However, this is not convenient in most software systems. Therefore, we may need to increase the duration to allow users to have more session time. To increase the session duration, we need to edit the variable *session.gc_maxlifetime* in **php.ini**. We can increase its default value to whatever we want (e.g., 7200).
On Ubuntu, the file is located at */etc/php/7.2/apache2/php.ini*. On XAMPP, the file is located at */xampp/php/php.ini*.
*Last modified on 20 April 2022 by Umar*

2
index.php
View File

@ -82,7 +82,7 @@ if (isset($_SESSION["user_fullname"])) {
<div id="footer">
LRR was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui _at_ zjnu.edu.cn. Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a>
LRR was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui. Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a>
</div>
</body>

8
logout.php
View File

@ -1,11 +1,11 @@
<?php
// Destory sessions & redirect to index
session_destroy();
session_unset();
// Start a new session
session_start();
// Destory sessions & redirect to index
session_destroy();
session_unset();
// Generate a new session ID
session_regenerate_id(true);

6
recover_password.php
View File

@ -27,9 +27,9 @@ include 'Header.php';
<div class="panel-body">
<form method="post" action="Script.php">
<input type="hidden" name="frm_recover_password" value="true"/>
Student number <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo $_SESSION['student_number']; ?>">
Student number <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>">
<br/>
Email <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo $_SESSION['user_email']; ?>">
Email <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>">
<br/>
<input type="submit" class="btn-primary" value="Recover">
@ -38,7 +38,7 @@ include 'Header.php';
<?php
if(isset($_SESSION['info_recover_password'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_recover_password'].'</div>';
echo '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>';
$_SESSION['info_recover_password']=null;
}

8
signup.php
View File

@ -18,7 +18,7 @@ include 'Header.php';
<div class="panel-body">
<form method="post" action="Script.php" id="signup_form">
<input type="hidden" name="frm_signup_2" value="true" />
<input type="hidden" name="form_signup" value="true" />
Full Name
<input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" id="full_name"/>
@ -37,9 +37,9 @@ include 'Header.php';
<input type="submit" class="btn-primary" value="Sign up" id="signup_btn">
<?php
error_reporting(E_ALL);
if (isset($_SESSION['info_signup2'])) {
echo '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup2'] . '</div>';
$_SESSION['info_signup2'] = null;
if (isset($_SESSION['info_signup'])) {
echo '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup'] . '</div>';
$_SESSION['info_signup'] = null;
}
?>
</form>