From 1abe47788c906bf43f1cead0a7e9493abbd41f1a Mon Sep 17 00:00:00 2001
From: Hui Lan <lanhui@zjnu.edu.cn>
Date: Tue, 29 Sep 2020 17:38:14 +0800
Subject: [PATCH] Bug fixes for bug reports from 2020-09-24 to 2020-09-29.

---
 Course.php  | 10 +++++---
 Courses.php | 73 ++++++++++++++++++++++++++++-------------------------
 Script.php  | 15 +++++++----
 index.php   |  4 +--
 logout.php  |  4 +--
 signup.php  | 24 ++++++++++--------
 6 files changed, 73 insertions(+), 57 deletions(-)

diff --git a/Course.php b/Course.php
index 4964d1a..5485be5 100644
--- a/Course.php
+++ b/Course.php
@@ -1,4 +1,3 @@
-
 <?php
 $page='Courses+';
 include 'Header.php';
@@ -235,7 +234,12 @@ if(mysqli_num_rows($result)==0)
        </div>
    <div id="menu3" class="container tab-pane"><br>
          <?php
-         $group_id=$_SESSION['group_id'];
+
+
+$group_id = $_SESSION['group_id'];
+if($group_id==""){$group_id=-1;}  // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176
+
+
 $resultx  = mysqli_query($con,"SELECT Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`
          FROM `lab_reports_table`
          
@@ -243,7 +247,7 @@ $resultx  = mysqli_query($con,"SELECT Lab_Report_ID,Marks, `Course_ID`, `Posted_
          . " where Status='Pending' and (Student_id=$student_id or Course_Group_id=$group_id)  and Course_ID=$course_id) ORDER by Lab_Report_ID DESC");
 if(mysqli_num_rows($resultx)==0)
     {
-     echo "You have  no Lab report submissions in this course";
+     echo "You have no lab report submissions in this course.";
      
     } else { while($row = mysqli_fetch_assoc($resultx)) {
       $lab_repo_id=$row['Lab_Report_ID'];
diff --git a/Courses.php b/Courses.php
index f695743..446064b 100644
--- a/Courses.php
+++ b/Courses.php
@@ -1,6 +1,3 @@
-
-
-
 <?php
 
 
@@ -100,7 +97,7 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                   
                         <div class='alert> <a href='~\..\Courses.php?course=$url'>   <div class='panel'>
   ($code) - $name 
-   <br> <span style='font-size:8pt'>Faculty : $faculty  Year :   $academic  Lecturer  :$lecturer </span>
+   <br> <span style='font-size:8pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span>
 </div></a>
                         <hr></div></div> <div class='row' style='width:80%;margin:auto; text-align:left;'>
  ";
@@ -108,7 +105,7 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                  echo "<div class='col-md-5'>";
                 }
     
-// ------------------------------Editing Lab Assignment by Lecture------------------------------------
+// ------------------------------Editing Lab Assignment by Lecturer ------------------------------------
 
 
     if($_GET['act']=="edit"){ 
@@ -117,41 +114,42 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
 
     while($row1 = mysqli_fetch_assoc($result1)) {
       $Deadline = $row1['Deadline'];
-      // $datetime = explode(" ", $Deadline);  explode() is another famous way of spliting a string from the database
-      // $_SESSION['Date'] = $datetime[0];
-      // $_SESSION['Time'] = $datetime[1];
-      $_SESSION['Date'] = strstr($Deadline, ' ', true);
-      $_SESSION['Time'] = strstr($Deadline, ' ');
-      $_SESSION['Instructions']=$row1['Instructions'];
-      $_SESSION['Title']=$row1['Title'];
-      $_SESSION['Marks']=$row1['Marks'];
-      $_SESSION['Type']=$row1['Type'];
-
+      $_SESSION['Date'] = trim( strstr($Deadline, ' ', true) );
+      $_SESSION['Time'] = trim( strstr($Deadline, ' ') );
+      $_SESSION['Instructions'] = $row1['Instructions'];
+      $_SESSION['Title'] = $row1['Title'];
+      $_SESSION['Marks'] = $row1['Marks'];
+      $_SESSION['Type'] = $row1['Type'];
     }
-  if(isset($_POST['frm_uploadlab'])){
-    $deadlinedate=$_POST["deadlinedate"];
-    $deadlinetime=$_POST["deadlinetime"];
-    $instructions=$_POST["instructions"];
-    $title=$_POST["title"];
-    $marks=$_POST["marks"];
-    $Deadline = $deadlinedate." ".$deadlinetime;
-    $date=  date("Y-m-d H:i");
     
-    $sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'";
+  if(isset($_POST['frm_uploadlab'])){
+    $deadlinedate = trim( $_POST["deadlinedate"] ); // remove spaces
+    $deadlinetime = trim( $_POST["deadlinetime"] ); // remove spaces
+    $instructions = $_POST["instructions"];
+    $title = $_POST["title"];
+    $marks = $_POST["marks"];
+    $type  = $_POST["type"];
+    $Deadline = $deadlinedate." ".$deadlinetime;
+    $date =  date("Y-m-d H:i");
+    
+    $sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "'), `Type` = ('" . $type . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'";
     if ($con->query($sql) === TRUE) {
-      $_SESSION["info_Updated"]="Information Updated Successfull";
+      $_SESSION["info_Updated"]="Assignment information updated successfully.";
        
    } else {
-       echo "Error: " . $sql . "<br>" . $con->error;
+       // echo "Error: " . $sql . "<br>" . $con->error;
+       echo "Serious error happened whiling updating assignment information.";
    }
   }
+  
   if( $_SESSION['user_type']=="Lecturer"){   
-    $Date=$_SESSION['Date'];
-    $Time=$_SESSION['Time'];
-    $Instructions=$_SESSION['Instructions'];
-    $Title=$_SESSION['Title'];
-    $Marks=$_SESSION['Marks'];
-     
+    $Date = $_SESSION['Date'];
+    $Time = $_SESSION['Time'];
+    $Instructions = $_SESSION['Instructions'];
+    $Title = $_SESSION['Title'];
+    $Marks = $_SESSION['Marks'];
+    $Type = $_SESSION['Type'];
+    
    echo "  <h3><a href='Courses.php?course=".$url."'> Editing Lab Assignment </a></h3>";
       ?> 
       <form method='post'   enctype='multipart/form-data' action=''>
@@ -184,9 +182,16 @@ Attachment 3
 Attachment 4
 <input type='file'  name='attachment4' placeholder='Attachment 4' class='form-control' >
 <br>
-Submission Type  <input type='radio' name='type' value='Individual' required=''> Invidual
 
-<input type='radio' name='type' required='' value='Group'> Group
+<?php
+if ($Type == "Individual") {
+  echo "Submission Type  <input type='radio' name='type' value='Individual' checked /> Invidual  <input type='radio' name='type' value='Group' /> Group";
+} else {
+  echo "Submission Type  <input type='radio' name='type' value='Individual' /> Invidual  <input type='radio' name='type' value='Group' checked> Group";
+}		 
+?>
+
+
 <hr>
 <input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br>
 </form><br><br><br><br>
diff --git a/Script.php b/Script.php
index 144729a..84b568c 100644
--- a/Script.php
+++ b/Script.php
@@ -105,9 +105,12 @@ if (!empty($_POST["frm_signup_1"])) {
        $_SESSION['user_fullname'] = $fullname;
        $_SESSION['user_type'] = "Student";
        $_SESSION['user_email'] = $email;
+
     // check confirmed password
     if ( strcasecmp( $password, $confirmpassword ) != 0 ){
         $_SESSION['info_signup2']="Password confirmation failed.";
+	$_SESSION['user_fullname'] = null;
+	$_SESSION['user_type'] = null;
         header("Location: signup.php");
         return;
     }
@@ -119,15 +122,15 @@ if (!empty($_POST["frm_signup_1"])) {
       return;
    }
    
-   $upperLetter  = preg_match('@[A-Z]@',    $password);
-   $smallLetter  = preg_match('@[a-z]@',    $password);
+   $upperLetter     = preg_match('@[A-Z]@',    $password);
+   $smallLetter     = preg_match('@[a-z]@',    $password);
    $containsDigit   = preg_match('@[0-9]@', $password);
    $containsSpecial = preg_match('@[^\w]@', $password);
    $containsAll = $upperLetter && $smallLetter && $containsDigit && $containsSpecial;
 
    // check for strong password
-   if($containsAll < 8) {
-      $_SESSION['info_signup2']="Password must have at least characters that include letters, numbers and sepcial characters.";
+   if(! $containsAll) {
+      $_SESSION['info_signup2'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and sepcial characters (e.g., !?.,*^).";
       header("Location: signup.php");
       return;
     }
@@ -136,7 +139,9 @@ if (!empty($_POST["frm_signup_1"])) {
         "SELECT * FROM Users_Table WHERE email='$email'");
    if(mysqli_num_rows($result)!=0)
     {
-        $_SESSION["info_signup2"]="Email adress : ".$email."  already in use.";
+        $_SESSION["info_signup2"]="Email adress ".$email."  already in use.";
+	$_SESSION['user_fullname'] = null;
+	$_SESSION['user_type'] = null;	
         header("Location: signup.php"); 
         return;       
     }
diff --git a/index.php b/index.php
index bc59142..72594c3 100644
--- a/index.php
+++ b/index.php
@@ -35,10 +35,10 @@ session_start();
 <form method="post" action="Script.php" name="frm_login">
        <input type="hidden" name="frm_login" value="true"/>
 Student ID / Email
-<input type="text" name="user" placeholder="Email / Student Number" class="form-control">
+<input type="text" name="user" placeholder="Email / Student Number" class="form-control" required="required" />
  
   Password
-<input type="password" class="form-control"  name="password" placeholder="password">
+<input type="password" class="form-control"  name="password" placeholder="password" required="required" />
   <br> 
   <input type="submit" class="btn btn-primary" value="Login"><br> <a href="recover_password.php" style="font-weight:normal;color:orange">Reset my password</a>
 
diff --git a/logout.php b/logout.php
index 7818fe0..d09c644 100644
--- a/logout.php
+++ b/logout.php
@@ -1,8 +1,8 @@
 <?php
 
-// Destory sessions & refiret to index
+// Destory sessions & redirect to index
 
-   session_destroy();   
+    session_destroy();   
     session_unset();
     // Start a new session
 session_start();
diff --git a/signup.php b/signup.php
index 27b9c89..9817d02 100644
--- a/signup.php
+++ b/signup.php
@@ -6,7 +6,6 @@
  * and open the template in the editor.
  */
 
-
 include 'Header.php';
 
 ?>
@@ -21,27 +20,30 @@ include 'Header.php';
 <div class="list-group-item">
 
     <div class="panel-body">
+
+
 <form method="post" action="Script.php" >
       <input type="hidden" name="frm_signup_2" value="true"/>
        Full Name
-       <input type="text" name="fullname" placeholder="Your Full Name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>">
+       <input type="text" name="fullname" placeholder="Your Full Name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>"  required="required"/>
 
- Email
-<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>">
+       Email
+       <input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>"  required="required" />
  
-  Password
-<input type="password" class="form-control"  name="password" placeholder="password">
- Confirm Password
-<input type="password" class="form-control"  name="confirmpassword" placeholder="Confirm password">
-  <br>
-<input type="submit" class="btn btn-primary" value="Sign up">
+       Password
+       <input type="password" class="form-control"  name="password" placeholder="password" required="required" />
 
+       Confirm Password
+       <input type="password" class="form-control"  name="confirmpassword" placeholder="Confirm password" required="required" />
+       <br>
+       <input type="submit" class="btn btn-primary" value="Sign up">
 <?php 
 
+
 error_reporting(E_ALL);
 if(isset($_SESSION['info_signup2'])) {
   echo  '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_signup2'].'</div>';
-  $_SESSION['info_signup2']=null;
+  $_SESSION['info_signup2'] = null;
 }
 
 ?>