From ada55d339479ce90b9bf2c7c92cf067c67afa72a Mon Sep 17 00:00:00 2001
From: Hui Lan
Date: Fri, 2 Oct 2020 17:02:20 +0800
Subject: [PATCH] [Refactoring] Particularly make the SQL statement that shows new assigmments in Coruse.php less messy.
---
Admin.php | 9 +-
Course.php | 930 +++++++++---------
Courses.php | 974 ++++++++-----------
Download.php | 37 +
Header.php | 85 +-
NoDirectPhpAcess.php | 7 +
Script.php | 2182 ++++++++++++++++++------------------------
Submissions.php | 680 ++++++-------
SubmitLab.php | 204 ++--
index.php | 175 ++--
recover_password.php | 4 +
signup.php | 57 +-
12 files changed, 2357 insertions(+), 2987 deletions(-)
create mode 100644 Download.php
create mode 100644 NoDirectPhpAcess.php
diff --git a/Admin.php b/Admin.php
index 4982a35..b8bb7ba 100644
--- a/Admin.php
+++ b/Admin.php
@@ -1,3 +1,8 @@ + + + -->
-

User account Management


+

User Account Management


Lecturer / TA Accounts
@@ -359,4 +364,4 @@ echo " - Courses > $name ($code) > Lab Reports -
Faculty: $faculty | Year: $academic | Lecturer: $lecturer - - -
- "; - - }} - } + Courses > $name ($code) > Lab Reports
Faculty: $faculty | Year: $academic | Lecturer: $lecturer + "; + } else { + $ta_name = ""; + while ($row = mysqli_fetch_assoc($ta_result)) { + $ta_name = $ta_name.$row['Full_Name']." "; + } + $ta_name = trim ($ta_name); + echo "
+ Courses > $name ($code) > Lab Reports
Faculty: $faculty | Year: $academic | Lecturer: $lecturer | Teaching Assistant: $ta_name +
"; + } + } + } +} ?> +
- '; - $_SESSION['info_ReMarking']=null; + $_SESSION['info_ReMarking']=null; } - if (isset($_SESSION['info_courses'])) { +if (isset($_SESSION['info_courses'])) { echo '
'; - $_SESSION['info_courses']=null; + $_SESSION['info_courses']=null; } - ?> +?>
@@ -58,116 +74,116 @@ include 'Header.php'; +
+
-?> -
- -
- - - -
+
- -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
+

Class Groups

- Create Group"; + echo " "; ?> -
- + Invite Others"; + $extra=" - Invite Others"; - if($status=="Invited") - { - $extra2=" Accept"; - $extra3=" Decline"; + if($status=="Invited") + { + $extra2=" Accept"; + $extra3=" Decline"; - } - echo "
$name ($status) $extra $extra2 $extra3
"; + } + echo "
$name ($status) $extra $extra2 $extra3
"; - $rs2=mysqli_query($con,"SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, + $rs2=mysqli_query($con,"SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table` INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID where course_group_members_table.Course_Group_id=$id"); - while($row = mysqli_fetch_assoc($rs2)) { - $name=$row['Full_Name']; - $id=$row['Course_Group_id']; - $status=$row['Status']; - $Student_ID=$row['Student_ID']; + while($row = mysqli_fetch_assoc($rs2)) { + $name=$row['Full_Name']; + $id=$row['Course_Group_id']; + $status=$row['Status']; + $Student_ID=$row['Student_ID']; - echo "
  • $name-$Student_ID ($status)
  • "; + echo "
  • $name-$Student_ID ($status)
  • "; - } + } @@ -586,72 +557,25 @@ where course_group_members_table.Course_Group_id=$id"); - } } - ?> + } + ?> -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
    + + + +} +include 'Footer.php'; +?> @@ -659,114 +583,114 @@ where course_group_members_table.Course_Group_id=$id"); + diff --git a/Courses.php b/Courses.php index 446064b..5005494 100644 --- a/Courses.php +++ b/Courses.php @@ -1,49 +1,45 @@ + + + - + -
    +
    - - - + + + - + -
    @@ -102,224 +98,224 @@ New Date/Time
    "; - echo "
    "; + echo "
    "; + } + + // ------------------------------Editing Lab Assignment by Lecturer ------------------------------------ + + + if($_GET['act']=="edit"){ + $getid = $_GET["cid"]; + $result1 = mysqli_query($con, "SELECT * from lab_reports_table WHERE Lab_Report_ID = '$getid'"); + + while($row1 = mysqli_fetch_assoc($result1)) { + $Deadline = $row1['Deadline']; + $_SESSION['Date'] = trim( strstr($Deadline, ' ', true) ); + $_SESSION['Time'] = trim( strstr($Deadline, ' ') ); + $_SESSION['Instructions'] = $row1['Instructions']; + $_SESSION['Title'] = $row1['Title']; + $_SESSION['Marks'] = $row1['Marks']; + $_SESSION['Type'] = $row1['Type']; } -// ------------------------------Editing Lab Assignment by Lecturer ------------------------------------ - - - if($_GET['act']=="edit"){ - $getid = $_GET["cid"]; - $result1 = mysqli_query($con, "SELECT * from lab_reports_table WHERE Lab_Report_ID = '$getid'"); - - while($row1 = mysqli_fetch_assoc($result1)) { - $Deadline = $row1['Deadline']; - $_SESSION['Date'] = trim( strstr($Deadline, ' ', true) ); - $_SESSION['Time'] = trim( strstr($Deadline, ' ') ); - $_SESSION['Instructions'] = $row1['Instructions']; - $_SESSION['Title'] = $row1['Title']; - $_SESSION['Marks'] = $row1['Marks']; - $_SESSION['Type'] = $row1['Type']; - } + if(isset($_POST['frm_uploadlab'])){ + $deadlinedate = trim( $_POST["deadlinedate"] ); // remove spaces + $deadlinetime = trim( $_POST["deadlinetime"] ); // remove spaces + $instructions = $_POST["instructions"]; + $title = $_POST["title"]; + $marks = $_POST["marks"]; + $type = $_POST["type"]; + $Deadline = $deadlinedate." ".$deadlinetime; + $date = date("Y-m-d H:i"); - if(isset($_POST['frm_uploadlab'])){ - $deadlinedate = trim( $_POST["deadlinedate"] ); // remove spaces - $deadlinetime = trim( $_POST["deadlinetime"] ); // remove spaces - $instructions = $_POST["instructions"]; - $title = $_POST["title"]; - $marks = $_POST["marks"]; - $type = $_POST["type"]; - $Deadline = $deadlinedate." 
".$deadlinetime; - $date = date("Y-m-d H:i"); - - $sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "'), `Type` = ('" . $type . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'"; - if ($con->query($sql) === TRUE) { - $_SESSION["info_Updated"]="Assignment information updated successfully."; + $sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "'), `Type` = ('" . $type . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'"; + if ($con->query($sql) === TRUE) { + $_SESSION["info_Updated"]="Assignment information updated successfully."; - } else { - // echo "Error: " . $sql . "
    " . $con->error; - echo "Serious error happened whiling updating assignment information."; - } - } + } else { + // echo "Error: " . $sql . "
    " . $con->error; + echo "Serious error happened whiling updating assignment information."; + } + } - if( $_SESSION['user_type']=="Lecturer"){ - $Date = $_SESSION['Date']; - $Time = $_SESSION['Time']; - $Instructions = $_SESSION['Instructions']; - $Title = $_SESSION['Title']; - $Marks = $_SESSION['Marks']; - $Type = $_SESSION['Type']; + if( $_SESSION['user_type']=="Lecturer"){ + $Date = $_SESSION['Date']; + $Time = $_SESSION['Time']; + $Instructions = $_SESSION['Instructions']; + $Title = $_SESSION['Title']; + $Marks = $_SESSION['Marks']; + $Type = $_SESSION['Type']; - echo "

    Editing Lab Assignment

    "; - ?> -
    - - - + echo "

    Editing Lab Assignment

    "; + ?> + + + + -Dealine Date/Time -
    -
    ">
    -
    ">
    -
    + Dealine Date/Time +
    +
    ">
    +
    ">
    +
    -Title -"> -Instructions - -Marks -"> -Attachment 1 - + Title + "> + Instructions + + Marks + "> + Attachment 1 + -Attachment 2 - + Attachment 2 + -Attachment 3 - + Attachment 3 + -Attachment 4 - -
    + Attachment 4 + +
    Invidual Group"; -} else { - echo "Submission Type Invidual Group"; -} -?> + if ($Type == "Individual") { + echo "Submission Type Invidual Group"; + } else { + echo "Submission Type Invidual Group"; + } + ?> -
    -
    -




    +
    +
    +



    + ?> -

    Post new Lab Assignment

    +

    Post new Lab Assignment

    -
    - - - - + + + + + - Dealine Date/Time -
    -
    -
    -
    + Dealine Date/Time +
    +
    +
    +
    -Title - - Instructions - -Marks - - Attachment 1 - + Title + + Instructions + + Marks + + Attachment 1 + - Attachment 2 - + Attachment 2 + - Attachment 3 - + Attachment 3 + - Attachment 4 - -
    -Submission Type Invidual + Attachment 4 + +
    + Submission Type Invidual - Group -
    -
    -




    - Group +
    +
    +



    +"; + } + echo "
    "; - echo "

    Lab Report Assignment list

    "; + echo "

    Lab Report Assignment list

    "; - error_reporting(0); - if(isset($_SESSION["info_Updated"])){ - echo '
    '; - $_SESSION['info_Updated'] = null; - } -if (isset($_SESSION['info_courses'])) { - echo '
    '; - $_SESSION['info_courses'] = null; -} -if (isset($_SESSION['info_courses'])) { - echo '
    '; - $_SESSION['info_courses']=null; -} + error_reporting(0); + if(isset($_SESSION["info_Updated"])){ + echo '
    '; + $_SESSION['info_Updated'] = null; + } + if (isset($_SESSION['info_courses'])) { + echo '
    '; + $_SESSION['info_courses'] = null; + } + if (isset($_SESSION['info_courses'])) { + echo '
    '; + $_SESSION['info_courses']=null; + } - $result = mysqli_query($con," SELECT `Lab_Report_ID`,Type,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, " - . "`Attachment_link_4` FROM `lab_reports_table` WHERE Course_ID=$id ORDER by Lab_Report_ID DESC"); + $result = mysqli_query($con," SELECT `Lab_Report_ID`,Type,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, " + . "`Attachment_link_4` FROM `lab_reports_table` WHERE Course_ID=$id ORDER by Lab_Report_ID DESC"); - if( $_SESSION['user_type']=="TA") + if( $_SESSION['user_type']=="TA") { - echo "* Only Lecturers can Post new Lab report Assignments
    "; + echo "*Only Lecturer can post a new lab report assignment
    "; } - if(mysqli_num_rows($result)==0) - { - echo "No assignments posted so far."; + if(mysqli_num_rows($result)==0) + { + echo "No assignments posted so far."; - } else { while($row = mysqli_fetch_assoc($result)) { - $marks=$row['Marks']; - $title=$row['Title']; - $ins=$row['Instructions']; - $posted=$row['Posted_Date']; - $deadline=$row['Deadline']; - $att1=$row['Attachment_link_1']; - $att2=$row['Attachment_link_2']; - $att3=$row['Attachment_link_3']; - $att4=$row['Attachment_link_4']; - $id=$row['Lab_Report_ID']; - $cours_id=$row['Course_ID']; - $as_type=$row['Type']; - $full_link="$att1"; + } else { while($row = mysqli_fetch_assoc($result)) { + $marks=$row['Marks']; + $title=$row['Title']; + $ins=$row['Instructions']; + $posted=$row['Posted_Date']; + $deadline=$row['Deadline']; + $att1=$row['Attachment_link_1']; + $att2=$row['Attachment_link_2']; + $att3=$row['Attachment_link_3']; + $att4=$row['Attachment_link_4']; + $id=$row['Lab_Report_ID']; + $cours_id=$row['Course_ID']; + $as_type=$row['Type']; + $full_link="$att1"; - if($att2!=""){ - $full_link= $full_link."  |  $att2"; - } - if($att3!=""){ - $full_link= $full_link."  |  $att3"; - } + if($att2!=""){ + $full_link= $full_link."  |  $att2"; + } + if($att3!=""){ + $full_link= $full_link."  |  $att3"; + } - if($att4!=""){ - $full_link= $full_link."   |   $att4"; - } + if($att4!=""){ + $full_link= $full_link."   
|   $att4"; + } - $resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); - while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];} + $resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); + while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];} - $resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Marks is not null"); - if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}} + $resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Marks is not null"); + if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}} $header="Courses > ".$name."($code) > Assignments > ".$title; @@ -328,138 +324,98 @@ if (isset($_SESSION['info_courses'])) { $title ($as_type)
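Review bot: The edit branch (`if($_GET['act']=="edit")`) builds both of its statements by string interpolation, so it is open to SQL injection from request parameters: `$getid = $_GET["cid"]` goes straight into `SELECT ... WHERE Lab_Report_ID = '$getid'`, and the `UPDATE` concatenates `$_POST["instructions"]`, `$_POST["title"]`, `$_POST["marks"]` and `$_POST["type"]` without escaping or binding. The `UPDATE` also runs before the `$_SESSION['user_type']=="Lecturer"` test, which as far as this hunk shows only guards the form output; the enclosing block starts outside the hunk, so confirm whether an outer role check exists. Bind the values with a prepared statement and put the role check in front of the write, as sketched below; the `SELECT` on `$getid` should be bound the same way. The same interpolation pattern recurs in the later Courses.php hunks (`Course_ID=$course_id`, `Course_Code='$search'`, `Faculty='$faculty'`), where the origin of the variables is not visible on this page.

```php
if (isset($_POST['frm_uploadlab']) && $_SESSION['user_type'] == "Lecturer") {
    // … unchanged: read the posted fields and build $Deadline …
    $stmt = $con->prepare(
        "UPDATE `lab_reports_table` SET `Deadline` = ?, `Instructions` = ?, `Title` = ?, `Marks` = ?, `Type` = ? WHERE `Lab_Report_ID` = ?"
    );
    if ($stmt !== false
        && $stmt->bind_param("ssssss", $Deadline, $instructions, $title, $marks, $type, $getid)
        && $stmt->execute()) {
        $_SESSION["info_Updated"] = "Assignment information updated successfully.";
    } else {
        echo "Serious error happened whiling updating assignment information.";
    }
}
```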
    $ins
    Posted : $posted Deadline : $deadline   ($marks Marks)           " - . "
    " + . "
    " - . "    $count_subs Submissions ( $count_marked Marked )       Edit   |   View    |   Extend Deadline
    Attachments : $full_link
    " - . "  
    + . "    $count_subs Submissions ( $count_marked Marked )       Edit   |   View    |   Extend Deadline
    Attachments : $full_link " + . "  
    "; - }} - echo "
    "; + }} + echo "
    "; - $resultx1 = mysqli_query($con,"SELECT course_students_table.Student_ID,users_table.Full_Name FROM + $resultx1 = mysqli_query($con,"SELECT course_students_table.Student_ID,users_table.Full_Name FROM `course_students_table` INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID WHERE Course_ID=$course_id"); - echo ""; + echo "
    Reason " + . "" + . " "; - return; + return; - } + } - ?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + ?> + +
    - + echo " "; - $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, " - . "`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID where courses_table.Lecturer_User_ID=$user_d"); + $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, " + . "`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID where courses_table.Lecturer_User_ID=$user_d"); - if($_SESSION['user_type']=="TA") - { - $result = mysqli_query($con,"SELECT course_ta.Course_ID, `Course_Name`, + if($_SESSION['user_type']=="TA") + { + $result = mysqli_query($con,"SELECT course_ta.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` INNER JOIN course_ta ON course_ta.Course_ID=courses_table.Course_ID where course_ta.TA=$user_d"); - } - // $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID"); + } + // $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID"); - if(mysqli_num_rows($result)==0) + if(mysqli_num_rows($result)==0) {} else { while($row = mysqli_fetch_assoc($result)) { - $id=$row['Course_ID']; - $name=$row['Course_Name']; - $code=$row['Course_Code']; - 
$faculty=$row['Faculty']; - $lecturer=$row['Full_Name']; - $academic=$row['Academic_Year']; - $url=$row['URL']; + $id=$row['Course_ID']; + $name=$row['Course_Name']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $lecturer=$row['Full_Name']; + $academic=$row['Academic_Year']; + $url=$row['URL']; - $resultTA = mysqli_query($con,"SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta` + $resultTA = mysqli_query($con,"SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta` INNER JOIN users_table on users_table.User_ID=course_ta.TA where course_ta.Course_ID=$id"); - $ta=""; - while($rowTA = mysqli_fetch_assoc($resultTA)) { - $ta=$ta." - ".$rowTA['TA_NAME']; - } + $ta=""; + while($rowTA = mysqli_fetch_assoc($resultTA)) { + $ta=$ta." - ".$rowTA['TA_NAME']; + } - echo" + echo"
    ($code) - $name @@ -467,290 +423,191 @@ where course_ta.Course_ID=$id");
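Review bot: The assignment list echoes database fields into the page without output encoding: `$title`, `$ins` and the attachment names in `$full_link` are printed as read from `lab_reports_table`, and the course list below does the same with `$name`, `$code` and the TA names. Title and instructions are stored from `$_POST` unchanged by the edit branch earlier in this file, so markup typed into those fields would be rendered for every viewer of the list (stored XSS). The surrounding HTML is not visible on this page, so the exact output context is inferred; for text and attribute contexts, encode each value where it is echoed, e.g. `htmlspecialchars($title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. If instructions are meant to carry formatting, that calls for an allow-list sanitizer rather than raw output.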
    "; - }}?> -
    -
    -
    - Course Joining Requests + }}?> +
    +
    +
    + Course Joining Requests No Course joining request so far for all your courses
    "; + echo "
    No Course joining request so far for all your courses
    "; } else { while($row = mysqli_fetch_assoc($result)) { - $id=$row['ID']; + $id=$row['ID']; - $name=$row['Course_Name']; - $code=$row['Course_Code']; - $faculty=$row['Faculty']; - $std_name=$row['Full_Name']; - $academic=$row['Academic_Year']; + $name=$row['Course_Name']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $std_name=$row['Full_Name']; + $academic=$row['Academic_Year']; - echo "
    + echo "
    $std_name is Requesting to join
    [($code) - $name ]     
    Accept    Decline
    "; - } - } - ?> - - - - - - - Only Lecturers can Post new Lab report Assignments"; } - if( $_SESSION['user_type']=="Lecturer"){ ?> + } + ?> + + + + + - Create new Course Portal +Only Lecturers can Post new Lab report Assignments"; + } + if( $_SESSION['user_type']=="Lecturer"){ ?> + + Create new Course Portal -
    - - - Course Name - + + + + Course Name + - Course Code - + Course Code + -URL (Leave blank to use Course Code & Year) - + URL (Leave blank to use Course Code & Year) + -Academic Year - + Academic Year + - Faculty
    - + Faculty
    + - + -Verify Joining Students - Yes - No + Verify Joining Students + Yes + No -
    -
    +
    +
    -
    + - + -
    +
    - + +if( $_SESSION['user_type']=="Student") +{ + ?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    + +

    Course Portal > Students
    - ' . $_SESSION['info_Courses_student'] . ''; - $_SESSION['info_Courses_student'] = null; -} -?> + error_reporting(0); + if (isset($_SESSION['info_Courses_student'])) { + echo '
    ' . $_SESSION['info_Courses_student'] . ''; + $_SESSION['info_Courses_student'] = null; + } + ?>

    -
    -
    +
    +
    -
    +
    Search Results for Code : $search
    "; - $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`," - . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` " - . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" - . " ON users_table.User_ID=courses_table.Lecturer_User_ID where Course_Code='$search' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)"); - } - else - { - echo "

    Find Courses under faculty $faculty

    "; - $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, + if($faculty=="") + { + echo "

    Search Results for Code : $search


    "; + $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`," + . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` " + . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" + . " ON users_table.User_ID=courses_table.Lecturer_User_ID where Course_Code='$search' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)"); + } + else + { + echo "

    Find Courses under faculty $faculty

    "; + $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID where Faculty='$faculty' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)"); - } + } - if(mysqli_num_rows($result)==0) - { -echo "No results found for your Search
    "; + if(mysqli_num_rows($result)==0) + { + echo "No results found for your Search
    "; - } else { while($row = mysqli_fetch_assoc($result)) { - $name=$row['Course_Name']; - $code=$row['Course_Code']; - $faculty=$row['Faculty']; - $lecturer=$row['Full_Name']; - $academic=$row['Academic_Year']; - $url=$row['URL']; - $id=$row['Course_ID']; - $v=$row['Verify_New_Members']; - $msg2="Join this Course"; - if($v>0) - { - $msg=" Lecturer Verification required"; - $msg2="Send Joining Request"; - } + } else { + + while($row = mysqli_fetch_assoc($result)) { + $name=$row['Course_Name']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $lecturer=$row['Full_Name']; + $academic=$row['Academic_Year']; + $url=$row['URL']; + $id=$row['Course_ID']; + $v=$row['Verify_New_Members']; + $msg2="Join Course"; + if($v>0) + { + $msg=" Lecturer verification required"; + $msg2="Send Joining Request"; + } - echo "
    - ($code) - $name
    ($url)
    $msg2 -
    Faculty : $faculty Year : $academic Lecturer :$lecturer
    $msg
    + echo "
    + [$code] $name
    ($url)
    $msg2 +
    Faculty: $faculty | Year: $academic | Lecturer: $lecturer
    $msg
    "; - - + } + } } - } - - - - - } - - - - - - - - echo "

    My Courses

    "; - $result = mysqli_query($con,"SELECT users_table.Full_Name, course_students_table.Status, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` + echo "

    My Courses

    "; + $result = mysqli_query($con,"SELECT users_table.Full_Name, course_students_table.Status, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID @@ -758,38 +615,35 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl where course_students_table.Student_ID=$student_id"); - if(mysqli_num_rows($result)==0) + if(mysqli_num_rows($result)==0) { - echo " You are not Enrolled in any Course"; - } else { while($row = mysqli_fetch_assoc($result)) { + echo " You are not Enrolled in any Course"; + } else { + while($row = mysqli_fetch_assoc($result)) { $name=$row['Course_Name']; - $code=$row['Course_Code']; - $faculty=$row['Faculty']; - $lecturer=$row['Full_Name']; - $academic=$row['Academic_Year']; - $url=$row['URL']; - $id=$row['Course_ID']; - $Status=$row['Status']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $lecturer=$row['Full_Name']; + $academic=$row['Academic_Year']; + $url=$row['URL']; + $id=$row['Course_ID']; + $Status=$row['Status']; - if($Status=="Joined") - { - echo "
    + if($Status=="Joined") + { + echo "
    ($code) - $name
    ($url)     $Status     
    Open
    Faculty : $faculty Year : $academic Lecturer :$lecturer
    "; - } - else - { - echo "
    + } + else + { + echo "
    ($code) - $name $Status
    Faculty : $faculty Year : $academic Lecturer :$lecturer
    "; - } - - - - - } + } + } } @@ -829,15 +683,15 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl List courses by faculty
    + echo "

    @@ -907,9 +761,9 @@ echo "
    - } +} - ?> +?> @@ -917,13 +771,13 @@ echo "
    - +.form-control{ + padding-top: 1px; + padding-bottom:1px; + } + diff --git a/Download.php b/Download.php new file mode 100644 index 0000000..71b49bd --- /dev/null +++ b/Download.php @@ -0,0 +1,37 @@ + diff --git a/Header.php b/Header.php index be557f8..e867e1e 100644 --- a/Header.php +++ b/Header.php @@ -1,55 +1,39 @@ +
    - - + + + - - -
    - - -
    @@ -130,7 +110,7 @@ if ($_SESSION['user_type'] == "Lecturer") { } h1,h2,h3,h4{color:#03407B;} a { - color: #03407B; + color: #03407B; } .break-word { @@ -156,33 +136,30 @@ if ($_SESSION['user_type'] == "Lecturer") { .ui-button{ background: #03488B; color:white } - - - - + window.location.href="\Script.php\?action=statuschange&uid="+id+"&status="+status; + } + diff --git a/NoDirectPhpAcess.php b/NoDirectPhpAcess.php new file mode 100644 index 0000000..d5e6143 --- /dev/null +++ b/NoDirectPhpAcess.php @@ -0,0 +1,7 @@ + diff --git a/Script.php b/Script.php index 84b568c..b0225ea 100644 --- a/Script.php +++ b/Script.php 
@@ -1,246 +1,225 @@ + + . Thanks."; header("Location: index.php"); return; } - - - $result98 = mysqli_query($con, - "SELECT * FROM `users_table` WHERE Student_ID='$student_id'"); - - - if(mysqli_num_rows($result98)==0) + $result98 = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'"); + if(mysqli_num_rows($result98) == 0) { - $_SESSION['user_passport']=$passport; - $_SESSION['user_student_id']=$student_id; - header("Location: signup.php"); - return; - + $_SESSION['user_student_id'] = $student_id; + $_SESSION['user_passport'] = $passport; + header("Location: signup.php"); + return; } else { - $_SESSION["info_signup1"]="Student ID already in use! Please contact Student Management Office (lanhui at zjnu.edu.cn)."; + $_SESSION["info_signup1"] = "This Student ID is already in use! Please contact Student Management Office for help."; header("Location: index.php"); return; } - - } +} - - - - - - - - - - - - - - // ############################### CREATE STUDENT USER ################################## - if (!empty($_POST["frm_signup_2"])) { - $email = mysqli_real_escape_string($con,$_POST["email"]); - $password = mysqli_real_escape_string($con,$_POST["password"]); - $confirmpassword = mysqli_real_escape_string($con,$_POST["confirmpassword"]); - $fullname = mysqli_real_escape_string($con,$_POST["fullname"]); - $student_id = $_SESSION['user_student_id']; - $passport = $_SESSION['user_passport']; - $_SESSION['user_fullname'] = $fullname; - $_SESSION['user_type'] = "Student"; - $_SESSION['user_email'] = $email; + + + + +// ############################### CREATE STUDENT USER ################################## +if (!empty($_POST["frm_signup_2"])) { + $fullname = mysqli_real_escape_string($con, $_POST["fullname"]); + $email = mysqli_real_escape_string($con, $_POST["email"]); + $password = mysqli_real_escape_string($con, $_POST["password"]); + $confirmpassword = mysqli_real_escape_string($con, $_POST["confirmpassword"]); + $student_id = 
$_SESSION['user_student_id']; + $passport = $_SESSION['user_passport']; + $_SESSION['user_fullname'] = $fullname; + $_SESSION['user_type'] = "Student"; + $_SESSION['user_email'] = $email; // check confirmed password if ( strcasecmp( $password, $confirmpassword ) != 0 ){ - $_SESSION['info_signup2']="Password confirmation failed."; - $_SESSION['user_fullname'] = null; - $_SESSION['user_type'] = null; + $_SESSION['info_signup2'] = "Password confirmation failed."; + $_SESSION['user_fullname'] = null; // such that Header.php do not show the header information. header("Location: signup.php"); return; } - // validate email - if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { - $_SESSION['info_signup2']="Invalid email address."; - header("Location: signup.php"); - return; - } - - $upperLetter = preg_match('@[A-Z]@', $password); - $smallLetter = preg_match('@[a-z]@', $password); - $containsDigit = preg_match('@[0-9]@', $password); - $containsSpecial = preg_match('@[^\w]@', $password); - $containsAll = $upperLetter && $smallLetter && $containsDigit && $containsSpecial; - - // check for strong password - if(! 
$containsAll) { - $_SESSION['info_signup2'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and sepcial characters (e.g., !?.,*^)."; - header("Location: signup.php"); - return; + // validate email + if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { + $_SESSION['info_signup2'] = "Invalid email address."; + header("Location: signup.php"); + return; } - // check if email is taked - $result = mysqli_query($con, - "SELECT * FROM Users_Table WHERE email='$email'"); - if(mysqli_num_rows($result)!=0) + + $upperLetter = preg_match('@[A-Z]@', $password); + $smallLetter = preg_match('@[a-z]@', $password); + $containsDigit = preg_match('@[0-9]@', $password); + $containsSpecial = preg_match('@[^\w]@', $password); + $containsAll = $upperLetter && $smallLetter && $containsDigit && $containsSpecial; + + // check for strong password + if(! $containsAll) { + $_SESSION['info_signup2'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and sepcial characters (e.g., !?.,*^)."; + header("Location: signup.php"); + return; + } + + // check if email is taken + $result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'"); + if(mysqli_num_rows($result) != 0) { - $_SESSION["info_signup2"]="Email adress ".$email." already in use."; - $_SESSION['user_fullname'] = null; - $_SESSION['user_type'] = null; + $_SESSION["info_signup2"]="Email adress ".$email." is already in use."; + $_SESSION['user_fullname'] = null; header("Location: signup.php"); return; } - //applying password_hash() + + // apply password_hash() $password_hash = password_hash($password, PASSWORD_DEFAULT); $sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Student_ID`, `Passport_Number`) VALUES " - . "('$email','$password_hash','$fullname','Student','$student_id','$passport')"; + . 
"('$email','$password_hash','$fullname','Student','$student_id','$passport')"; - if ($con->query($sql) === TRUE) { - header("Location: Courses.php"); - } else { - // echo "Error: " . $sql . "
    " . $con->error; - echo "Something really bad happend during sign up."; - } + if ($con->query($sql) === TRUE) { + header("Location: Courses.php"); + } else { + // echo "Error: " . $sql . "
    " . $con->error; + echo "Something really bad (SQL insertion error) happend during sign up."; + } } - + + // ################################ LOGIN ##################################### if (!empty($_POST["frm_login"])) { - $user=mysqli_real_escape_string($con,$_POST["user"]); - - $is_student_number = 0; - - // Validate student number - if (is_numeric($user) && strlen($user) != 12) { - $_SESSION["info_login"] = "Invalid student number:"."$user"; - header("Location: index.php"); - return; - } else { - $is_student_number = 1; - } - - if ($is_student_number == 0 && !filter_var($user, FILTER_VALIDATE_EMAIL)) { - $_SESSION["info_login"] = "Invalid email address: "."$user"; - header("Location: index.php"); - return; - } - - $password=mysqli_real_escape_string($con,$_POST["password"]); - // $hashed_password=hash('sha512', $password); Not necessary in the login - $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')"); -if(mysqli_num_rows($result)==0) - { - $_SESSION["info_login"]="Inavlid login information."; - - echo $_SESSION["info_login"]; - - header("Location: index.php"); - } - else - { - while($row = mysqli_fetch_assoc($result)) { - // verify the hashed password and unhashed password - $sha512pass = hash('sha512', $password); // for backward compatibility. Old passwords were hashed using SHA512 algorithm. 
- if(password_verify($password, $row["Password"]) or $sha512pass == $row["HashPassword"]) { - $_SESSION['user_id']=$row['User_ID']; - $_SESSION['user_email']=$row['Email']; - $_SESSION['user_student_id']=$row['Student_ID']; - $_SESSION['user_type']=$row['UserType']; - $_SESSION['user_fullname']=$row['Full_Name']; - - if( $_SESSION['user_type']=="Student") - { - header("Location: Courses.php"); - } - - if( $_SESSION['user_type']=="Lecturer") - { - header("Location: Courses.php"); - } - - if( $_SESSION['user_type']=="TA") - { - header("Location: Courses.php"); - } - - if( $_SESSION['user_type']=="Admin") - { - header("Location: Admin.php"); - } - // report wrong pass if not correct - }else{ - $_SESSION["wrong_pass"]="Wrong Password."; - - echo $_SESSION["wrong_pass"]; - - header("Location: index.php"); - } - - } - } + $user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address + $is_student_number = 0; + + // Validate student number + if ( is_valid_student_number($user) ) { + $is_student_number = 1; + } + + // Validate email address if what provided is not a student number + if (! $is_student_number && !filter_var($user, FILTER_VALIDATE_EMAIL)) { + $_SESSION["info_login"] = "Invalid email address: " . "$user"; + header("Location: index.php"); + return; + } + + $password = mysqli_real_escape_string($con, $_POST["password"]); + $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')"); + if(mysqli_num_rows($result) == 0) + { + $_SESSION["info_login"] = "Inavlid user name information."; + echo $_SESSION["info_login"]; + header("Location: index.php"); + } + else + { + while($row = mysqli_fetch_assoc($result)) { + // verify the hashed password and unhashed password + $sha512pass = hash('sha512', $password); // for backward compatibility. Old passwords were hashed using SHA512 algorithm. 
+ if(password_verify($password, $row["Password"]) or $sha512pass == $row["HashPassword"]) { + + $_SESSION['user_id'] = $row['User_ID']; + $_SESSION['user_email'] = $row['Email']; + $_SESSION['user_student_id'] = $row['Student_ID']; + $_SESSION['user_type'] = $row['UserType']; + $_SESSION['user_fullname'] = $row['Full_Name']; + + if( $_SESSION['user_type'] == "Student") + { + header("Location: Courses.php"); + } + + if( $_SESSION['user_type'] == "Lecturer") + { + header("Location: Courses.php"); + } + + if( $_SESSION['user_type'] == "TA") + { + header("Location: Courses.php"); + } + + if( $_SESSION['user_type'] == "Admin") + { + header("Location: Admin.php"); + } + // report wrong pass if not correct + } else { + $_SESSION["wrong_pass"] = "Wrong Password."; + header("Location: index.php"); + } + } + } } - - - 
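Review bot: In the login branch the legacy fallback `$sha512pass == $row["HashPassword"]` compares hashes with loose `==`, which is neither type-strict nor constant-time; use `hash_equals((string)$row["HashPassword"], $sha512pass)`, and on a successful legacy match store a `password_hash()` value and clear `HashPassword` so the unsalted SHA-512 copies are retired over time. The session identifier is also kept across the login: call `session_regenerate_id(true);` before the `$_SESSION['user_id']` assignments so a pre-login session ID cannot be reused. In the sign-up branch, `strcasecmp($password, $confirmpassword) != 0` accepts a confirmation that differs only in letter case; `$password !== $confirmpassword` is the check that matches the comment above it.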
@@ -250,410 +229,309 @@ if(mysqli_num_rows($result)==0) if (!empty($_POST["frm_recover_password"])) { - $student_id = mysqli_real_escape_string($con,$_POST["sno"]); - $email = mysqli_real_escape_string($con,$_POST["email"]); + $student_id = mysqli_real_escape_string($con,$_POST["sno"]); + $email = mysqli_real_escape_string($con,$_POST["email"]); - // validate student number - if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) { - echo "Invalid student number."; - return; - } + // validate student number + if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) { + echo "Invalid student number."; + return; + } - // validate email - if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { - echo "Invalid email address."; - return; - } + // validate email + if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { + echo "Invalid email address."; + return; + } - $result = mysqli_query($con, "SELECT * FROM users_table WHERE Email='$email' and Student_ID='$student_id'"); - if(mysqli_num_rows($result)==0) - { - $_SESSION["info_recover_password"]="Email address is not recognised."; - $_SESSION["info_recover_password"] = "Identity not recognized. Try again or send an inquiry email message to lanhui at zjnu.edu.cn."; - header("Location: recover_password.php"); - } else - { - $result = mysqli_query($con, "DELETE FROM users_table WHERE Email='$email' and Student_ID='$student_id'"); - $_SESSION["info_recover_password"] = "Reset done. Please go to the sign up page and sign up again."; - header("Location: recover_password.php"); - } + $result = mysqli_query($con, "SELECT * FROM users_table WHERE Email='$email' and Student_ID='$student_id'"); + if(mysqli_num_rows($result)==0) + { + $_SESSION["info_recover_password"]="Email address is not recognised."; + $_SESSION["info_recover_password"] = "Identity not recognized. 
Try again or send an inquiry email message to lanhui at zjnu.edu.cn."; + header("Location: recover_password.php"); + } else + { + $result = mysqli_query($con, "DELETE FROM users_table WHERE Email='$email' and Student_ID='$student_id'"); + $_SESSION["info_recover_password"] = "Reset done. Please go to the sign up page and sign up again."; + header("Location: recover_password.php"); + } } + // ################################ RESET Password ##################################### if (!empty($_POST["frm_reset_password"])) { - $password=mysqli_real_escape_string($con,$_POST["password"]); - $token=mysqli_real_escape_string($con,$_POST["token"]); - $email=mysqli_real_escape_string($con,$_POST["email"]); - $result = mysqli_query($con, - "SELECT * FROM Users_Table WHERE email='$email'"); -if(mysqli_num_rows($result)==0) - { + $password=mysqli_real_escape_string($con,$_POST["password"]); + $token=mysqli_real_escape_string($con,$_POST["token"]); + $email=mysqli_real_escape_string($con,$_POST["email"]); + $result = mysqli_query($con, + "SELECT * FROM Users_Table WHERE email='$email'"); + if(mysqli_num_rows($result)==0) + { -echo "invalid email"; -return; + echo "invalid email"; + return; - } - else - { - while($row = mysqli_fetch_assoc($result)) { - - $userid=$row['User_ID']; - - $email=$row['Email']; - $id=$row['Student_ID']; - - $user_token=$userid*$userid*$userid+$userid*0.00343; -if($user_token==$token) -{ -// Password Update - - // Password Update - $hashed_password=hash('sha512', $password); - $sql= "UPDATE users_table set HashPassword='$hashed_password' where User_ID=$userid;"; - if ($con->query($sql) === TRUE) { - - error_reporting(0); - - $_SESSION["info_login"]=" Password changed successfully , you can login now with your new password "; - header("Location: index.php"); - - } - else { - echo "Error: " . $sql . "
    " . $con->error; -} - -} else -{ - echo "Invalid Token "; -} - - - - - } } - } + else + { + while($row = mysqli_fetch_assoc($result)) { + + $userid=$row['User_ID']; + + $email=$row['Email']; + $id=$row['Student_ID']; + + $user_token=$userid*$userid*$userid+$userid*0.00343; + if($user_token==$token) + { + // Password Update + + // Password Update + $hashed_password=hash('sha512', $password); + $sql= "UPDATE users_table set HashPassword='$hashed_password' where User_ID=$userid;"; + if ($con->query($sql) === TRUE) { + + error_reporting(0); + + $_SESSION["info_login"]=" Password changed successfully , you can login now with your new password "; + header("Location: index.php"); + + } + else { + echo "Error: " . $sql . "
    " . $con->error; + } + + } else + { + echo "Invalid Token "; + } + + + + + } + } +} - - - - - - - - - - - - - - - - - - - - - - - - - - // ############################### CREATE Lecturer/TA USER ################################## - if (!empty($_POST["frm_createlecturrer"])) { - $email=mysqli_real_escape_string($con,$_POST["email"]); - $passport=mysqli_real_escape_string($con,$_POST["passport"]); - $fullname=mysqli_real_escape_string($con,$_POST["fullname"]); - $type=mysqli_real_escape_string($con,$_POST["type"]); - $password=$passport; - // check if email is taken - $result = mysqli_query($con, - "SELECT * FROM Users_Table WHERE email='$email'"); - if(mysqli_num_rows($result)!=0) +// ############################### CREATE Lecturer/TA USER ################################## +if (!empty($_POST["frm_createlecturrer"])) { + $email=mysqli_real_escape_string($con,$_POST["email"]); + $passport=mysqli_real_escape_string($con,$_POST["passport"]); + $fullname=mysqli_real_escape_string($con,$_POST["fullname"]); + $type=mysqli_real_escape_string($con,$_POST["type"]); + $password=$passport; + // check if email is taken + $result = mysqli_query($con, + "SELECT * FROM Users_Table WHERE email='$email'"); + if(mysqli_num_rows($result)!=0) { $_SESSION["info_Admin_Users"]="Email adress : ".$email." is already in use."; header("Location: Admin.php"); } $sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Passport_Number`) VALUES " - . "('$email','$password','$fullname','$type','$passport')"; + . "('$email','$password','$fullname','$type','$passport')"; - if ($con->query($sql) === TRUE) { - $_SESSION["info_Admin_Users"]=$type." user Created successfully : email ".$email." and $password as Password."; - header("Location: Admin.php"); + if ($con->query($sql) === TRUE) { + $_SESSION["info_Admin_Users"]=$type." user Created successfully : email ".$email." and $password as Password."; + header("Location: Admin.php"); -} else { - echo "Error: " . $sql . "
    " . $con->error; + } else { + echo "Error: " . $sql . "
    " . $con->error; + } } - } - - - - - - - - - - - - - - - - - // #### FUNCTION CHECK FILE TYPES //// -function is_valid($file) { - - - $allowed = array('pdf', 'rtf', 'jpg','png', 'doc', 'docx', 'xls', 'xlsx','sql','txt','md','py','css','html', - 'cvc','c','class','cpp','h','java','sh','swift','zip','rar','ods','xlr','bak','ico','swf'); - - - -$filename = $_FILES[$file]['name']; -$ext = pathinfo($filename, PATHINFO_EXTENSION); - $result=in_array($ext,$allowed); - return $result; + + + +// #### FUNCTION CHECK FILE TYPES //// + +function is_valid_file_format($file) { + + + $allowed = array('pdf', 'rtf', 'jpg','png', 'doc', 'docx', 'xls', 'xlsx','sql','txt','md','py','css','html', + 'cvc','c','class','cpp','h','java','sh','swift','zip','rar','ods','xlr','bak','ico','swf'); + + $filename = $_FILES[$file]['name']; + $ext = pathinfo($filename, PATHINFO_EXTENSION); + $result = in_array($ext,$allowed); + return $result; } + + + + + +// #### FUNCTION CREATE DIRECTORIES //// - - - - // #### FUNCTION CREATE DIRECTORIES //// - - function Create_dir($upPath) +function Create_dir($upPath) { - try { - - // full path -$tags = explode('/' ,$upPath); // explode the full path -$mkDir = ""; + try { + // full path + $tags = explode('/', $upPath); // explode the full path + $mkDir = ""; - foreach($tags as $folder) { - $mkDir = $mkDir . $folder ."/"; // make one directory join one other for the nest directory to make - // echo '"'.$mkDir.'"
    '; // this will show the directory created each time - if(!is_dir($mkDir)) { // check if directory exist or not - mkdir($mkDir, 0777); // if not exist then make the directory - } - } - } - catch (Exception $e) { - - } - return $upPath; + foreach($tags as $folder) { + $mkDir = $mkDir . $folder ."/"; // make one directory join one other for the nest directory to make + echo '"'.$mkDir.'"
    '; // this will show the directory created each time + if(!is_dir($mkDir)) { // check if directory exist or not + mkdir($mkDir, 0777); // if not exist then make the directory + } + } + } + catch (Exception $e) { + return FALSE; + } + return $upPath; } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +function mkdirs($path) +{ + if (file_exists($path)) + return $path; + $result = mkdir($path, 0777, true); + if ($result) { + return $path; + } + return $result; +} // ############################### #Post Assignment ################################## - if (!empty($_POST["frm_uploadlab"])) { +if (!empty($_POST["frm_uploadlab"])) { - $course_id=mysqli_real_escape_string($con,$_POST["course_id"]); - $deadlinedate=$_POST["deadlinedate"]; - $deadlinetime=$_POST["deadlinetime"]; - $instructions=mysqli_real_escape_string($con,$_POST["instructions"]); - $title=mysqli_real_escape_string($con,$_POST["title"]); - $marks=mysqli_real_escape_string($con,$_POST["marks"]); - // $url=mysqli_real_escape_string($con,$_POST["url"]); - $url=$_SESSION['url']; //using real_escape_string was failing to redirect to the main page - $type=mysqli_real_escape_string($con,$_POST["type"]); + $course_id=mysqli_real_escape_string($con,$_POST["course_id"]); + $deadlinedate=$_POST["deadlinedate"]; + $deadlinetime=$_POST["deadlinetime"]; + $instructions=mysqli_real_escape_string($con,$_POST["instructions"]); + $title=mysqli_real_escape_string($con,$_POST["title"]); + $marks=mysqli_real_escape_string($con,$_POST["marks"]); + // $url=mysqli_real_escape_string($con,$_POST["url"]); + $url = $_SESSION['url']; //using real_escape_string was failing to redirect to the main page + $type = mysqli_real_escape_string($con, $_POST["type"]); - $deadline=$deadlinedate." ".$deadlinetime; - $date= date("Y-m-d H:i"); + $deadline = $deadlinedate." 
".$deadlinetime; + $date = date("Y-m-d H:i"); - // GET UPLOADED FILES + // GET UPLOADED FILES - $target_dir =Create_dir("Lab_Report_Assignments/".$title."/"); + $target_dir = Create_dir("Lab_Report_Assignments/".$title."/"); - $rnd=rand(10,1000); - $rnd=""; // no more required , creating folder for each lab - $targetfile = $target_dir.$rnd.$_FILES['attachment1']['name']; - $targetfile2 = $target_dir.$rnd.$_FILES['attachment2']['name']; - $targetfile3 = $target_dir.$rnd.$_FILES['attachment3']['name']; - $targetfile4 = $target_dir.$rnd.$_FILES['attachment4']['name']; + $rnd=rand(10,1000); + $rnd=""; // no more required , creating folder for each lab + $targetfile = $target_dir.$rnd.$_FILES['attachment1']['name']; + $targetfile2 = $target_dir.$rnd.$_FILES['attachment2']['name']; + $targetfile3 = $target_dir.$rnd.$_FILES['attachment3']['name']; + $targetfile4 = $target_dir.$rnd.$_FILES['attachment4']['name']; - $count=0; + $count=0; - if(!is_valid("attachment1") && $_FILES["attachment1"]["name"]!="") - { - echo "Invalid File Type for Attachment 1"; - return; - } - if(!is_valid("attachment2") && $_FILES["attachment2"]["name"]!="") - { - echo "Invalid File Type for Attachment 2"; - return; - } - if(!is_valid("attachment3") && $_FILES["attachment3"]["name"]!="") - { - echo "Invalid File Type for Attachment 3"; - return; - } + if(!is_valid_file_format("attachment1") && $_FILES["attachment1"]["name"]!="") + { + echo "Invalid File Type for Attachment 1"; + return; + } + if(!is_valid_file_format("attachment2") && $_FILES["attachment2"]["name"]!="") + { + echo "Invalid File Type for Attachment 2"; + return; + } + if(!is_valid_file_format("attachment3") && $_FILES["attachment3"]["name"]!="") + { + echo "Invalid File Type for Attachment 3"; + return; + } - //if($_FILES["attachment1"]["error"] != 0) { - // echo "Error uploading the file "; - //return; -//} - -// use 4 for missing file - - + // use 4 for missing file + if (move_uploaded_file($_FILES['attachment1']['tmp_name'], 
$targetfile)) { + $count++; + } else { + echo $_FILES['attachment1']['error']; + } + + if (move_uploaded_file($_FILES['attachment2']['tmp_name'], $targetfile2)) { + $count++; + } else { + echo $_FILES['attachment2']['error']; + } + + if (move_uploaded_file($_FILES['attachment3']['tmp_name'], $targetfile3)) { + $count++; + } else { + echo $_FILES['attachment3']['error']; + } + + if (move_uploaded_file($_FILES['attachment4']['tmp_name'], $targetfile4)) { + $count++; + } else { + echo $_FILES['attachment4']['error']; + } - if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) { - $count++; - } else { - echo $_FILES['attachment1']['error']; - } + echo $count." File(s) uploaded"; - if (move_uploaded_file($_FILES['attachment2']['tmp_name'], $targetfile2)) { - $count++; - } else { - echo $_FILES['attachment2']['error']; - } - - if (move_uploaded_file($_FILES['attachment3']['tmp_name'], $targetfile3)) { - $count++; - } else { - echo $_FILES['attachment3']['error']; - } - - if (move_uploaded_file($_FILES['attachment4']['tmp_name'], $targetfile4)) { - $count++; - } else { - echo $_FILES['attachment4']['error']; - } -//} - - - - - echo $count." 
File(s) uploaded"; - - //CLEAN - $targetfile=""; -$targetfile2=""; - $targetfile3=""; - $targetfile4=""; + //CLEAN + $targetfile=""; + $targetfile2=""; + $targetfile3=""; + $targetfile4=""; - if($_FILES['attachment1']['name']!=""){ $targetfile="/".$title."/".$_FILES['attachment1']['name']; } - if($_FILES['attachment2']['name']!=""){ $targetfile2="/".$title."/".$_FILES['attachment2']['name']; } - if($_FILES['attachment3']['name']!=""){ $targetfile3= "/".$title."/".$_FILES['attachment3']['name']; } - if($_FILES['attachment4']['name']!=""){ $targetfile4= "/".$title."/".$_FILES['attachment4']['name']; } + if($_FILES['attachment1']['name']!=""){ $targetfile = "/".$title."/".$_FILES['attachment1']['name']; } + if($_FILES['attachment2']['name']!=""){ $targetfile2 = "/".$title."/".$_FILES['attachment2']['name']; } + if($_FILES['attachment3']['name']!=""){ $targetfile3 = "/".$title."/".$_FILES['attachment3']['name']; } + if($_FILES['attachment4']['name']!=""){ $targetfile4 = "/".$title."/".$_FILES['attachment4']['name']; } - - - - // return; - - - - $sql="INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, + $sql="INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`,Marks,Type) VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3',$marks,'$type')"; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_courses"]=$type." Lab Report Assignment posted successfully."; - header("Location: Courses.php?course=".$url); + $_SESSION["info_courses"] = $type." lab report assignment posted successfully."; + header("Location: Courses.php?course=".$url); -} else { - echo "Error: " . $sql . "
    " . $con->error; + } else { + echo "Error: " . $sql . "
    " . $con->error; + } } - } - - - - - - - - - - - - - - - - - + + + + + function checksize($file) { - $filename = $_FILES[$file]['name']; - - $result=$_FILES["$file"]['size']/1024/1024; + $result = $_FILES["$file"]['size']/(1024*1024); - - - //$max_upload = (int)(ini_get('upload_max_filesize')); -//$max_post = (int)(ini_get('post_max_size')); -//$memory_limit = (int)(ini_get('memory_limit')); -//$upload_mb = min($max_upload, $max_post, $memory_limit); -if($result>20) -{ - return FALSE; -} - return TRUE; + if($result > 1) + { + return FALSE; + } + return TRUE; } 
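Review bot: In the `frm_uploadlab` branch only `attachment1`–`attachment3` go through `is_valid_file_format()`; `attachment4` is passed to `move_uploaded_file()` unchecked, so the extension allowlist does not cover the fourth file, which lands in `Lab_Report_Assignments/<title>/` under its client-supplied name. All four fields should be validated in one loop before any file is moved, as sketched below, and `$title` deserves its own check before it is used as a directory name, since `mysqli_real_escape_string()` does not constrain path characters. The INSERT a few lines later writes `$targetfile3` into `Attachment_link_4`, which looks like a typo for `$targetfile4`. Also in this hunk, the `frm_reset_password` branch computes `$user_token` from `User_ID` alone and stores the new password with `hash('sha512', $password)`; a random, server-stored, expiring token compared with `hash_equals()`, and `password_hash($password, PASSWORD_DEFAULT)` for storage, would be the safer design.

```php
// … unchanged: $target_dir and $targetfile .. $targetfile4 setup …
foreach (array("attachment1", "attachment2", "attachment3", "attachment4") as $i => $field) {
    if ($_FILES[$field]["name"] != "" && !is_valid_file_format($field)) {
        echo "Invalid File Type for Attachment " . ($i + 1);
        return;
    }
}
// … unchanged: move_uploaded_file() calls and INSERT …
```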
@@ -661,738 +539,579 @@ if($result>20) // ############################### Submit Assignment ################################## if (!empty($_POST["frm_submitlab"])) { - - - $lab_id=mysqli_real_escape_string($con,$_POST["lab_id"]); - $student_id=$_POST["student_id"]; - $group_id=$_POST["group_id"]; + $lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]); + $student_id = $_POST["student_id"]; + $group_id = $_POST["group_id"]; + $instructions = mysqli_real_escape_string($con, $_POST["instructions"]); + $title = mysqli_real_escape_string($con, $_POST["title"]); + + $url = mysqli_real_escape_string($con, $_POST["url"]); + + $deadline = $deadlinedate." ".$deadlinetime; + $date = date("Y-m-d H:i"); + + // GET UPLOADED FILES + $labName = mysqli_query($con,"SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id"); + while($row = mysqli_fetch_assoc($labName)) + { + $lab_name = $row['Title']; + $_SESSION['Sub_Type'] = $row['Type']; // submission type, either Individual or Group + } - $instructions=mysqli_real_escape_string($con,$_POST["instructions"]); - $title=mysqli_real_escape_string($con,$_POST["title"]); - - $url=mysqli_real_escape_string($con,$_POST["url"]); - - - $deadline=$deadlinedate." 
".$deadlinetime; - $date= date("Y-m-d H:i"); - - - -// GET UPLOADED FILES - - - - $labName = mysqli_query($con,"SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id"); - while($row = mysqli_fetch_assoc($labName)) - {$lab_name=$row['Title']; - $_SESSION['Sub_Type']=$row['Type']; - } - - - $target_dir =Create_dir("Lab_Report_Submisions/".$student_id."/".$lab_name."/"); - - - - $targetfile = $target_dir.$_FILES['attachment1']['name']; - $targetfile2 = $target_dir.$_FILES['attachment2']['name']; - $targetfile3 = $target_dir.$_FILES['attachment3']['name']; - $targetfile4 = $target_dir.$_FILES['attachment4']['name']; + $upload_folder = "Lab_Report_Submisions"; // old place for storing students' submissions + $upload_folder = "./../../lrr_submission"; + $target_dir = mkdirs($upload_folder."/".$student_id."/".$url."/".$lab_name."/"); # url is actually course code plus academic year, e.g., CSC3122020 + $targetfile = $target_dir.$_FILES['attachment1']['name']; + $targetfile2 = $target_dir.$_FILES['attachment2']['name']; + $targetfile3 = $target_dir.$_FILES['attachment3']['name']; + $targetfile4 = $target_dir.$_FILES['attachment4']['name']; - - - - - -//$curDateTime = date("Y-m-d H:i"); -//$myDate = date("Y-m-d H:i", strtotime("2017-12-28 18:01")); -//if($curDateTime <= $myDate ){ -// echo "active ".+$curDateTime." 
mydate= ".$myDate; -// -//}else{ -// echo "inactive c=".$curDateTime; -//} -// - -$count=0; + $count = 0; + //check zise + if(!checksize("attachment1")) + { + echo "1 MB is the maximum file size allowed"; + return; + } + if(!checksize("attachment2") && $_FILES["attachment2"]["name"] != "") + { + echo "1 MB is the maximum file size allowed"; + return; + } + if(!checksize("attachment3") && $_FILES["attachment3"]["name"] != "") + { + echo "1 MB is the maximum file size allowed"; + return; + } - -//check zise - if(!checksize("attachment1")) -{ - echo "2 MB is the maximum file size allowed"; - return; -} - if(!checksize("attachment2") && $_FILES["attachment2"]["name"]!="") -{ - echo "2 MB is the maximum file size allowed"; - return; -} - if(!checksize("attachment3") && $_FILES["attachment3"]["name"]!="") -{ - echo "2 MB is the maximum file size allowed"; - return; -} - - - - - -if(!is_valid("attachment1")) -{ - echo "Invalid File Type for Attachment 1"; - return; -} - if(!is_valid("attachment2") && $_FILES["attachment2"]["name"]!="") -{ - echo "Invalid File Type for Attachment 2"; - return; -} - if(!is_valid("attachment3") && $_FILES["attachment3"]["name"]!="") -{ - echo "Invalid File Type for Attachment 3"; - return; -} - -if($_FILES["attachment1"]["error"] != 0) { - echo "Error uploading the file "; - return; -} - -// use 4 for missing file - - - - - -if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) { -$count++; -} else { - echo $_FILES['attachment1']['error']; -} - -if (move_uploaded_file($_FILES['attachment2']['tmp_name'], $targetfile2)) { - $count++; -} else { - echo $_FILES['attachment2']['error']; -} - -if (move_uploaded_file($_FILES['attachment3']['tmp_name'], $targetfile3)) { - $count++; -} else { - echo $_FILES['attachment3']['error']; -} - - if (move_uploaded_file($_FILES['attachment4']['tmp_name'], $targetfile4)) { - $count++; -} else { - echo $_FILES['attachment4']['error']; -} -//} - + if(!is_valid_file_format("attachment1")) + { + 
echo "Invalid File Type for Attachment 1"; + return; + } + if(!is_valid_file_format("attachment2") && $_FILES["attachment2"]["name"] != "") + { + echo "Invalid File Type for Attachment 2"; + return; + } + if(!is_valid_file_format("attachment3") && $_FILES["attachment3"]["name"] != "") + { + echo "Invalid File Type for Attachment 3"; + return; + } + + if($_FILES["attachment1"]["error"] != 0) { + echo "Error when uploading the file."; + return; + } + + // use 4 for missing file + + if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) { + $count++; + } else { + echo $_FILES['attachment1']['error']; + } + + if (move_uploaded_file($_FILES['attachment2']['tmp_name'], $targetfile2)) { + $count++; + } else { + echo $_FILES['attachment2']['error']; + } + + if (move_uploaded_file($_FILES['attachment3']['tmp_name'], $targetfile3)) { + $count++; + } else { + echo $_FILES['attachment3']['error']; + } + + if (move_uploaded_file($_FILES['attachment4']['tmp_name'], $targetfile4)) { + $count++; + } else { + echo $_FILES['attachment4']['error']; + } -echo $count." File(s) uploaded"; + echo $count." File(s) uploaded"; -//CLEAN -$targetfile1=""; - $targetfile2=""; - $targetfile3=""; - $targetfile4=""; + //CLEAN + $targetfile1 = ""; + $targetfile2 = ""; + $targetfile3 = ""; + $targetfile4 = ""; -if(strlen($_FILES['attachment1']['name']) > 2 ) { - $targetfile="/".$student_id."/".$lab_name."/".$_FILES['attachment1']['name']; -} + if(strlen($_FILES['attachment1']['name']) > 2 ) { // why greater than 2??? 
+ $targetfile = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment1']['name']; + } - if(strlen($_FILES['attachment2']['name']) > 2 ) { - $targetfile2="/".$student_id."/".$lab_name."/".$_FILES['attachment2']['name']; } + if(strlen($_FILES['attachment2']['name']) > 2 ) { + $targetfile2 = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment2']['name']; } - if(strlen($_FILES['attachment3']['name']) > 2 ) { - $targetfile3= "/".$student_id."/".$lab_name."/".$_FILES['attachment3']['name'];} + if(strlen($_FILES['attachment3']['name']) > 2 ) { + $targetfile3 = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment3']['name'];} - if(strlen($_FILES['attachment4']['name']) > 2 ) { - $targetfile4= "/".$student_id."/".$lab_name."/".$_FILES['attachment4']['name']; - } - - - $sql1="Delete from lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id"; - if ($con->query($sql1) === TRUE) { - } - + if(strlen($_FILES['attachment4']['name']) > 2 ) { + $targetfile4 = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment4']['name']; + } // When $group_id is not properly initialized, use integer 0 as its value. // This temporarily fixed the "Students unable to submit assignment after a recent change" bug at http://118.25.96.118/bugzilla/show_bug.cgi?id=65 if (trim($group_id) === '') { // when $group_id is an empty string or contains only whitespace characters. - $group_id = 0; // FIXME + $group_id = 0; // FIXME + } + + $sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id"; + if ($con->query($sql1) === TRUE) { } - $sql="INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`," - . " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)" - . 
" VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4'," - . "'Pending','$title','')"; -if ($con->query($sql) === TRUE) { - if($_SESSION['Sub_Type']=='Individual') - // { - // // $con->query($sql = "UPDATE `lab_report_submissions` SET `Student_id` = ('".$student_id."') WHERE `lab_report_submissions`.`Course_Group_id` = '$group_id'"); - // } - // else - { - $con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'"); - } - $_SESSION["info_courses"]=$type." Lab Report Assignment Submitted successfully."; -header("Location: Course.php?url=".$url); + $sql="INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`," + . " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)" + . " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4'," + . "'Pending','$title','')"; + + if ($con->query($sql) === TRUE) { + if($_SESSION['Sub_Type']=='Individual') + { + $con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'"); + } + + $_SESSION["info_courses"] = "Thanks. Your lab report assignment is submitted successfully."; + header("Location: Course.php?url=".$url); } else { - echo "Error:
    " . $con->error; -} + echo "Error:
    " . $con->error; + } } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // JOIN COURSE - if (!empty($_GET["JoinCourse"])) { +// JOIN COURSE +if (!empty($_GET["JoinCourse"])) { - $id=$_GET["id"]; - $student_id=$_GET["std"]; - $joining=$_GET["joining"]; - - $status="Pending"; + $id = $_GET["id"]; + $student_id = $_GET["std"]; + $joining = $_GET["joining"]; + $status = "Pending"; - if($joining==0){ $status="Joined";} + if($joining == 0){ $status = "Joined";} - $sql="INSERT INTO `course_students_table`(`Course_ID`, `Student_ID`,`Status`) VALUES - ('$id','$student_id','$status')"; + $sql="INSERT INTO `course_students_table`(`Course_ID`, `Student_ID`,`Status`) VALUES ('$id','$student_id','$status')"; - if ($con->query($sql) === TRUE) { - + if ($con->query($sql) === TRUE) { - if($joining==0) - { - $_SESSION["info_Courses_student"]="You enroll in this Course successfully."; - } - else { - $_SESSION["info_Courses_student"]="Course enrollment request was sent to the lecturer."; - } + if($joining==0) + { + $_SESSION["info_Courses_student"] = "You enrolled in this course successfully."; + } + else { + $_SESSION["info_Courses_student"] = "Course enrollment request was sent to the lecturer."; + } - header("Location: Courses.php"); - - - -} else { - echo "Error: " . $sql . "
    " . $con->error; + header("Location: Courses.php"); + + } else { + echo "Error: " . $sql . "
    " . $con->error; + } + } - - } - - - - - - - - - - - - #MARK LAB REPORT + + + + + +#MARK LAB REPORT - if (!empty($_GET["savemarks"])) { +if (!empty($_GET["savemarks"])) { - $id=$_GET["id"]; - $marks=$_GET["marks"]; - $total=$_GET["total"]; - $feedback=$_GET["feedback"]; - $header=$_GET["header"]; - $labid=$_GET["labid"]; - $status="Marked"; + $id=$_GET["id"]; + $marks=$_GET["marks"]; + $total=$_GET["total"]; + $feedback=$_GET["feedback"]; + $header=$_GET["header"]; + $labid=$_GET["labid"]; + $status="Marked"; - if($marks>$total) - { - echo " Marks could not be greater than total"; - return; - } - $date= date("Y-m-d H:i"); - $feedback="
    @$date : ".$feedback; + if($marks>$total) + { + echo " Marks could not be greater than total"; + return; + } + $date= date("Y-m-d H:i"); + $feedback="
    @$date : ".$feedback; - $sql="UPDATE `lab_report_submissions` SET `Marks`='$marks',`Status`='$status'," - . "" - . "Notes=if(Notes is null, ' ', concat(Notes, '$feedback'))" - . "" - . " WHERE Submission_ID=$id + $sql="UPDATE `lab_report_submissions` SET `Marks`='$marks',`Status`='$status'," + . "" + . "Notes=if(Notes is null, ' ', concat(Notes, '$feedback'))" + . "" + . " WHERE Submission_ID=$id "; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_Marking"]="Lab Report Submission Marked"; - header("Location: Submissions.php?id=".$labid."&header=".$header."&total=".$total); + $_SESSION["info_Marking"]="Lab Report Submission Marked"; + header("Location: Submissions.php?id=".$labid."&header=".$header."&total=".$total); -} else { - echo "Error: " . $sql . "
    " . $con->error; + } else { + echo "Error: " . $sql . "
    " . $con->error; + } + } - - } - - - - - - #Update Report Visibility - if (!empty($_GET["updatevisibility"])) { + + + + + +#Update Report Visibility +if (!empty($_GET["updatevisibility"])) { - $id=$_GET["id"]; - $marks=$_GET["marks"]; - $total=$_GET["total"]; - $status=$_GET["status"]; - $header=$_GET["header"]; - $labid=$_GET["labid"]; + $id=$_GET["id"]; + $marks=$_GET["marks"]; + $total=$_GET["total"]; + $status=$_GET["status"]; + $header=$_GET["header"]; + $labid=$_GET["labid"]; - $sql="UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id + $sql="UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id "; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_Marking"]="Lab Report Visibility Updated"; - header("Location: Submissions.php?id=".$labid."&header=".$header."&total=".$total); + $_SESSION["info_Marking"]="Lab Report Visibility Updated"; + header("Location: Submissions.php?id=".$labid."&header=".$header."&total=".$total); -} else { - echo "Error: " . $sql . "
    " . $con->error; -} + } else { + echo "Error: " . $sql . "
    " . $con->error; + } - } - - - - #Remarking Request +} + + + + + +#Remarking Request - if (!empty($_GET["remarking"])) { +if (!empty($_GET["remarking"])) { - $id=$_GET["id"]; - $url=$_GET["url"]; + $id=$_GET["id"]; + $url=$_GET["url"]; - $status= $_GET["status"]; - $details=$_GET["details"]; + $status= $_GET["status"]; + $details=$_GET["details"]; - $sql="UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id + $sql="UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id "; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_ReMarking"]="Remarking Request Sent"; - header("Location: Course.php?url=".$url); + $_SESSION["info_ReMarking"]="Remarking Request Sent"; + header("Location: Course.php?url=".$url); -} else { - echo "Error: " . $sql . "
    " . $con->error; -} + } else { + echo "Error: " . $sql . "
    " . $con->error; + } - } - - - - #Create Group Request +} + + + + + +#Create Group Request - if (!empty($_GET["creategroup"])) { +if (!empty($_GET["creategroup"])) { - $student_id=$_GET["student_id"]; - $url=$_GET["url"]; - $id=$_GET["id"]; - $name= $_GET["name"]; + $student_id=$_GET["student_id"]; + $url=$_GET["url"]; + $id=$_GET["id"]; + $name= $_GET["name"]; - $sql="INSERT INTO `course_groups_table`(`Group_Name`, + $sql="INSERT INTO `course_groups_table`(`Group_Name`, `Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)"; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $resultx1 = mysqli_query($con,"Select Max(Course_Group_id) as cnt from course_groups_table"); - while($row = mysqli_fetch_assoc($resultx1)) {$gid=$row['cnt'];} + $resultx1 = mysqli_query($con,"Select Max(Course_Group_id) as cnt from course_groups_table"); + while($row = mysqli_fetch_assoc($resultx1)) {$gid=$row['cnt'];} - $sql="INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) + $sql="INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) VALUES ($gid,$student_id,'Created')"; - if ($con->query($sql) === TRUE) { - $_SESSION["info_ReMarking"]="Course group Created"; - header("Location: Course.php?url=".$url); - } else { - echo "Error: " . $sql . "
    " . $con->error; -} + if ($con->query($sql) === TRUE) { + $_SESSION["info_ReMarking"]="Course group Created"; + header("Location: Course.php?url=".$url); + } else { + echo "Error: " . $sql . "
    " . $con->error; + } -} else { - echo "Error: " . $sql . "
    " . $con->error; -} - - } - - - - - - - //---------------------------------------Invite Group Request and add a new member into the database------------------------------------ - - if (!empty($_GET["groupinvite"])) { - - $student_id=$_GET["student_id"]; - $url=$_GET["url"]; - $courseid=$_GET["courseid"]; - $groupid=$_GET["groupid"]; - - // if(($_SESSION['Group_Member4']=='0') or ($_SESSION['Group_Member3']=='0') or ($_SESSION['Group_Member2']=='0') or ($_SESSION['Group_Member']=='0')){ - $sql="INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) - VALUES ($groupid,$student_id,'Invited')"; - if ($con->query($sql) === TRUE) { - - $resultx1 = mysqli_query($con,"SELECT * FROM course_groups_table where Course_Group_id ='$groupid'"); - - while($row = mysqli_fetch_assoc($resultx1)) - { - $Group_Member=$row['Group_Member']; - $Group_Member4=$row['Group_Member4']; - $Group_Member2=$row['Group_Member2']; - $Group_Member3=$row['Group_Member3']; - $_SESSION['Group_Member4']=$Group_Member4; - $_SESSION['Group_Member3']=$Group_Member3; - $_SESSION['Group_Member2']=$Group_Member2; - $_SESSION['Group_Member']=$Group_Member; - - if($Group_Member=='0'){ - mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); - $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; - header("Location: Course.php?url=".$url); - }elseif($Group_Member2=='0'){ - mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member2` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); - $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; - header("Location: Course.php?url=".$url); - }elseif($Group_Member3=='0'){ - mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member3` = ('" . $student_id . 
"') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); - $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; - header("Location: Course.php?url=".$url); - }elseif($Group_Member4=='0'){ - mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member4` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); - $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; - header("Location: Course.php?url=".$url); - } else { - $_SESSION["info_ReMarking"]= " You cant add any more members"; - header("Location: Course.php?url=".$url); - + } else { + echo "Error: " . $sql . "
    " . $con->error; } - } - // } - - } } - - - - - - - - - - - #Accept deny Group Invite - - if (!empty($_GET["acceptinvite"])) { - - $student_id=$_GET["student_id"]; - $url=$_GET["url"]; - $action=$_GET["action"]; - $groupid=$_GET["groupid"]; - if($action==1) - { - $sql="Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id +} + + + + + +//---------------------------------------Invite Group Request and add a new member into the database------------------------------------ + +if (!empty($_GET["groupinvite"])) { + + $student_id=$_GET["student_id"]; + $url=$_GET["url"]; + $courseid=$_GET["courseid"]; + $groupid=$_GET["groupid"]; + + // if(($_SESSION['Group_Member4']=='0') or ($_SESSION['Group_Member3']=='0') or ($_SESSION['Group_Member2']=='0') or ($_SESSION['Group_Member']=='0')){ + $sql="INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) + VALUES ($groupid,$student_id,'Invited')"; + if ($con->query($sql) === TRUE) { + + $resultx1 = mysqli_query($con,"SELECT * FROM course_groups_table where Course_Group_id ='$groupid'"); + + while($row = mysqli_fetch_assoc($resultx1)) + { + $Group_Member=$row['Group_Member']; + $Group_Member4=$row['Group_Member4']; + $Group_Member2=$row['Group_Member2']; + $Group_Member3=$row['Group_Member3']; + $_SESSION['Group_Member4']=$Group_Member4; + $_SESSION['Group_Member3']=$Group_Member3; + $_SESSION['Group_Member2']=$Group_Member2; + $_SESSION['Group_Member']=$Group_Member; + + if($Group_Member=='0'){ + mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); + $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; + header("Location: Course.php?url=".$url); + }elseif($Group_Member2=='0'){ + mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member2` = ('" . $student_id . 
"') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); + $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; + header("Location: Course.php?url=".$url); + }elseif($Group_Member3=='0'){ + mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member3` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); + $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; + header("Location: Course.php?url=".$url); + }elseif($Group_Member4=='0'){ + mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member4` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); + $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; + header("Location: Course.php?url=".$url); + } else { + $_SESSION["info_ReMarking"]= " You cant add any more members"; + header("Location: Course.php?url=".$url); + + } + } + } +} + + + + + +#Accept deny Group Invite + +if (!empty($_GET["acceptinvite"])) { + + $student_id=$_GET["student_id"]; + $url=$_GET["url"]; + $action=$_GET["action"]; + $groupid=$_GET["groupid"]; + + if($action==1) + { + $sql="Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id "; - } - else - { - $sql="Delete from `course_group_members_table` where Course_Group_id =$groupid and student_id=$student_id + } + else + { + $sql="Delete from `course_group_members_table` where Course_Group_id =$groupid and student_id=$student_id "; - } + } - if ($con->query($sql) === TRUE) { - $_SESSION["info_ReMarking"]=" Group Invite Updated"; - header("Location: Course.php?url=".$url); - } else { - echo "Error: " . $sql . "
    " . $con->error; -} + if ($con->query($sql) === TRUE) { + $_SESSION["info_ReMarking"]=" Group Invite Updated"; + header("Location: Course.php?url=".$url); + } else { + echo "Error: " . $sql . "
    " . $con->error; + } } - - - - - - - - #Extend Deadline +#Extend Deadline - if (!empty($_GET["extenddeadline"])) { +if (!empty($_GET["extenddeadline"])) { - $id=$_GET["id"]; - $date=$_GET["date"]; - $time=$_GET["time"]; - $type=$_GET["type"]; + $id=$_GET["id"]; + $date=$_GET["date"]; + $time=$_GET["time"]; + $type=$_GET["type"]; - $stdid=$_GET["stdid"]; - $reason =$_GET["reason"]; - $url =$_GET["url"]; - $deadline=$date." ".$time; + $stdid=$_GET["stdid"]; + $reason =$_GET["reason"]; + $url =$_GET["url"]; + $deadline=$date." ".$time; - if($type==1) - { - - } - - - - if($type==1) - { - $sql="UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID=$id"; + if($type==1) + { + $sql="UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID=$id"; - } - else - { - $sql="INSERT INTO `extended_deadlines_table`(`Student_ID`, " - . "`Lab_Report_ID`, `Extended_Deadline_Date`," - . " `ReasonsForExtension`) VALUES ($stdid,$id,'$deadline','$reason')"; - + } + else + { + $sql="INSERT INTO `extended_deadlines_table`(`Student_ID`, " + . "`Lab_Report_ID`, `Extended_Deadline_Date`," + . " `ReasonsForExtension`) VALUES ($stdid,$id,'$deadline','$reason')"; - } + } - - - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_courses"]=" Lab Report Deadline extended successfully."; - header("Location: Courses.php?course=".$url); + $_SESSION["info_courses"]=" Lab Report Deadline extended successfully."; + header("Location: Courses.php?course=".$url); - } else { - echo "Error: " . $sql . "
    " . $con->error; -} + } else { + echo "Error: " . $sql . "
    " . $con->error; + } } - - - - - - - - - - +#IGNORE Remarking Request - - - #IGNORE Remarking Request - - if (!empty($_GET["ignoreremarking"])) { +if (!empty($_GET["ignoreremarking"])) { - $id=$_GET["id"]; - $total=$_GET["total"]; - $header=$_GET["header"]; + $id=$_GET["id"]; + $total=$_GET["total"]; + $header=$_GET["header"]; - $subid=$_GET["subid"]; + $subid=$_GET["subid"]; - $sql="UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid"; + $sql="UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid"; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_Marking"]="Remarking Request Ignored , Submission Updated to 'Marked' status"; - header("Location: Submissions.php?id=".$id."&header=".$header."&total=".$total); + $_SESSION["info_Marking"]="Remarking Request Ignored , Submission Updated to 'Marked' status"; + header("Location: Submissions.php?id=".$id."&header=".$header."&total=".$total); -} else { - echo "Error: " . $sql . "
    " . $con->error; -} + } else { + echo "Error: " . $sql . "
    " . $con->error; + } - } - - - +} + + + + + +#Assign TA - - - - - - - - - #Assign TA - - if (!empty($_GET["assignTA"])) { +if (!empty($_GET["assignTA"])) { - $id=$_GET["id"]; - $ta=$_GET["ta"]; + $id=$_GET["id"]; + $ta=$_GET["ta"]; - $sql="INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)"; + $sql="INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)"; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_Admin_Courses"]=$type." Course TA Assigned "; - header("Location: Admin.php"); + $_SESSION["info_Admin_Courses"]=$type." Course TA Assigned "; + header("Location: Admin.php"); -} else { - echo "Error: " . $sql . "
    " . $con->error; -} + } else { + echo "Error: " . $sql . "
    " . $con->error; + } - } - - - - - - - - - - - - - //ACCEPT STUDNTS JOINING COURSSS - - if (!empty($_GET["AcceptStudent"])) { - - $id=$_GET["id"]; - $rs=$_GET["rs"]; - - if($rs=="yes") - { - $sql="Update course_students_table set Status='Joined' Where ID=$id"; - - - } else { - $sql="Delete FROM course_students_table Where ID=$id"; - } - - if ($con->query($sql) === TRUE) { - - - if($rs=="yes") - { - $_SESSION["info_courses"]="Course Joining request Approved."; - } - else { - $_SESSION["info_courses"]="Course Joining request Declined & Removed."; - } - - - - - header("Location: Courses.php"); - - - } - else { - echo "Error: " . $sql . "
    " . $con->error; } - } + + + + +//ACCEPT STUDNTS JOINING COURSSS + +if (!empty($_GET["AcceptStudent"])) { + + $id=$_GET["id"]; + $rs=$_GET["rs"]; + + if($rs=="yes") + { + $sql="Update course_students_table set Status='Joined' Where ID=$id"; + + + } else { + $sql="Delete FROM course_students_table Where ID=$id"; + } + + if ($con->query($sql) === TRUE) { + + + if($rs=="yes") + { + $_SESSION["info_courses"]="Course Joining request Approved."; + } + else { + $_SESSION["info_courses"]="Course Joining request Declined & Removed."; + } + header("Location: Courses.php"); - - - - - - - - - - - - - - - - - - - - - - - - - - - - - //action=passchange&uid=1&pass=1929 + } + else { + echo "Error: " . $sql . "
    " . $con->error; + } + +} + + + + + +//action=passchange&uid=1&pass=1929 if (!empty($_GET["action"])) { @@ -1409,23 +1128,23 @@ if (!empty($_GET["action"])) { // validate uid if (intval($uid) < 0) { - header("Location: index.php"); - return; + header("Location: index.php"); + return; } if($action=="passchange") { - $sql= "UPDATE users_table set Password='$pass' where User_ID=$uid;"; - if ($con->query($sql) === TRUE) { + $sql= "UPDATE users_table set Password='$pass' where User_ID=$uid;"; + if ($con->query($sql) === TRUE) { error_reporting(0); echo "Password has been changed"; // return; - $_SESSION["infoChangePassword"]=$type." User password was changed successfully."; + $_SESSION["infoChangePassword"]=$type." User password was changed successfully."; header("Location: index.php"); - } else { + } else { // echo "Error: " . $sql . "
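Review bot: Attachment 4 is moved into the upload directory without the `checksize()` and `is_valid_file_format()` calls that attachments 1–3 get, and every destination path in the `frm_submitlab` handler is concatenated from request values (`$_POST["student_id"]`, `$_POST["url"]`, the client-supplied `$_FILES[...]['name']`) without reducing each one to a single path segment. `mysqli_real_escape_string()` on `$url` protects SQL text, not a filesystem path, so the directory handed to `mkdirs()` and the name handed to `move_uploaded_file()` need their own validation. The sketch below validates the two request fields, takes `basename()` of each file name and adds the missing checks for the fourth file; the relative paths stored by the later INSERT should reuse the same cleaned names. The numeric check assumes student ids are integers, as their unquoted use in the SQL suggests, and the URL pattern has to be adjusted to what course URLs may contain.

```php
$upload_folder = "./../../lrr_submission";
// Request-supplied path components: allow exactly one safe segment each.
if (!ctype_digit((string) $student_id) || !preg_match('/^[A-Za-z0-9_-]+$/', $url)) {
    echo "Invalid submission parameters";
    return;
}
$target_dir = mkdirs($upload_folder."/".$student_id."/".$url."/".$lab_name."/");

// basename() drops any directory part sent in the client file name.
$name1 = basename($_FILES['attachment1']['name']);
$name2 = basename($_FILES['attachment2']['name']);
$name3 = basename($_FILES['attachment3']['name']);
$name4 = basename($_FILES['attachment4']['name']);
$targetfile  = $target_dir.$name1;
$targetfile2 = $target_dir.$name2;
$targetfile3 = $target_dir.$name3;
$targetfile4 = $target_dir.$name4;

// … unchanged: size and type checks for attachments 1–3 …
if ($name4 != "" && (!checksize("attachment4") || !is_valid_file_format("attachment4")))
{
    echo "Invalid size or file type for Attachment 4";
    return;
}
// … unchanged: move_uploaded_file() calls, DELETE and INSERT …
```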
    " . $con->error; - echo "Something really bad happened while changing password. Contact lanhui at zjnu.edu.cn. Thanks!"; + echo "Something really bad happened while changing password. Contact lanhui at zjnu.edu.cn. Thanks!"; } } @@ -1433,117 +1152,89 @@ if (!empty($_GET["action"])) { if($action=="statuschange") { $sql= "UPDATE users_table set Status='$status' where User_ID=$uid;"; - if ($con->query($sql) === TRUE) { - $_SESSION["info_Admin_Users"]=$type." user Status updated successfully "; - header("Location: Admin.php"); - } else { - // echo "Error: " . $sql . "
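Review bot: The `intval($uid) < 0` guard does not constrain what reaches the query: it tests a converted copy, lets through zero and any string that does not convert to a negative number, and the original `$uid` is then interpolated unquoted into `UPDATE users_table set Password='$pass' where User_ID=$uid;`. Convert once and keep the converted value, e.g. `$uid = filter_var($uid, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);` followed by `if ($uid === false) { header("Location: index.php"); return; }`, and pass `$pass` and `$uid` to the UPDATE through a prepared statement with bound parameters. The request handlers in the neighbouring hunks build their SQL by the same string interpolation and would benefit from the same treatment. The `if (!empty($_GET["action"]))` block starts before this hunk and continues after it, so where `$uid` and `$pass` are read, and whether `$pass` is hashed before being stored, cannot be seen here.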
    " . $con->error; - echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!"; - } - } - } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // ############################### CREATE STUDENT USER ################################## - if (!empty($_POST["frm_createCourse"])) { - $name=mysqli_real_escape_string($con,$_POST["name"]); - $academic=mysqli_real_escape_string($con,$_POST["academic"]); - $lecturer=mysqli_real_escape_string($con,$_POST["lecturer"]); - $ta=mysqli_real_escape_string($con,$_POST["ta"]); - $faculty=mysqli_real_escape_string($con,$_POST["faculty"]); - $code=mysqli_real_escape_string($con,$_POST["code"]); - $url=mysqli_real_escape_string($con,$_POST["url"]); - $verify=mysqli_real_escape_string($con,$_POST["verify"]); - $who=mysqli_real_escape_string($con,$_POST["l"]); + if ($con->query($sql) === TRUE) { + $_SESSION["info_Admin_Users"]=$type." user Status updated successfully "; + header("Location: Admin.php"); + } else { + // echo "Error: " . $sql . "
    " . $con->error; + echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!"; + } + } +} + + + + + +// ############################### CREATE STUDENT USER ################################## +if (!empty($_POST["frm_createCourse"])) { + $name=mysqli_real_escape_string($con,$_POST["name"]); + $academic=mysqli_real_escape_string($con,$_POST["academic"]); + $lecturer=mysqli_real_escape_string($con,$_POST["lecturer"]); + $ta=mysqli_real_escape_string($con,$_POST["ta"]); + $faculty=mysqli_real_escape_string($con,$_POST["faculty"]); + $code=mysqli_real_escape_string($con,$_POST["code"]); + $url=mysqli_real_escape_string($con,$_POST["url"]); + $verify=mysqli_real_escape_string($con,$_POST["verify"]); + $who=mysqli_real_escape_string($con,$_POST["l"]); - if($url=="") - { - $url= $code.$academic; - } + if($url=="") + { + $url= $code.$academic; + } - if($ta=="") - { - $ta=0; - } + if($ta=="") + { + $ta=0; + } - // check if email is taked -// $result = mysqli_query($con, -// "SELECT * FROM courses_table WHERE Course_Name='$name'"); -// if(mysqli_num_rows($result)!=0) -// { -// $_SESSION["info_Admin_Courses"]="Course Name : ".$name." already used."; -// header("Location: Admin.php"); -// } -// + // check if email is taked + // $result = mysqli_query($con, + // "SELECT * FROM courses_table WHERE Course_Name='$name'"); + // if(mysqli_num_rows($result)!=0) + // { + // $_SESSION["info_Admin_Courses"]="Course Name : ".$name." 
already used."; + // header("Location: Admin.php"); + // } + // - $sql="INSERT INTO `courses_table`(`Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`) + $sql="INSERT INTO `courses_table`(`Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`) VALUES ('$name','$academic','$faculty','$lecturer','$ta','$code','$url','$verify')"; - if ($con->query($sql) === TRUE) { - $_SESSION["info_Admin_Courses"]="Course portal was Created successfully."; - if($who=="l") - { - header("Location: Courses.php"); - } else - { - header("Location: Admin.php"); - } + if ($con->query($sql) === TRUE) { + $_SESSION["info_Admin_Courses"]="Course portal was Created successfully."; + if($who=="l") + { + header("Location: Courses.php"); + } else + { + header("Location: Admin.php"); + } -} else { - echo "Error: " . $sql . "
    " . $con->error; + } else { + echo "Error: " . $sql . "
    " . $con->error; + } } - } + + + + + +// Export grade - - - - - - - //exportgrade - - if (!empty($_GET["exportgrade"])) { +if (!empty($_GET["exportgrade"])) { - $lab=$_GET["lab"]; - $lab_name=$_GET["lab_name"]; + $lab=$_GET["lab"]; + $lab_name=$_GET["lab_name"]; - error_reporting(0); + error_reporting(0); - $select = "SELECT lab_reports_table.Title as 'LAB_Report', lab_reports_table.Marks as Lab_Marks, + $select = "SELECT lab_reports_table.Title as 'LAB_Report', lab_reports_table.Marks as Lab_Marks, `Submission_Date`, lab_report_submissions.Student_id, users_table.Full_Name as Student_Name, lab_report_submissions.Marks,`Notes` FROM `lab_report_submissions` 
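Review bot: The failure branch of the `frm_createCourse` handler still sends the full statement and the driver message to the browser (`echo "Error: " . $sql . … . $con->error;`), while the `statuschange` branch earlier in this hunk already comments that line out in favour of a generic message. Returning SQL text and database errors to any client discloses table and column names; record the detail server-side and show a neutral message instead, e.g. `error_log("createCourse failed: " . $con->error);` and `echo "Could not create the course. Please contact the administrator.";`. The handlers in the preceding `@@ -661,738 +539,579 @@` hunk end with the same echo and would take the same change.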
@@ -1555,55 +1246,48 @@ INNER JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_ WHERE lab_report_submissions.Lab_Report_ID=$lab"; - $export = mysqli_query($con,$select); + $export = mysqli_query($con,$select); - $fields = mysqli_num_fields ( $export ); + $fields = mysqli_num_fields ( $export ); -for ( $i = 0; $i < $fields; $i++ ) -{ - $header .= mysqli_fetch_field_direct( $export , $i )->name. "\t"; -} - - -while( $row = mysqli_fetch_row( $export ) ) -{ - $line = ''; - foreach( $row as $value ) - { - if ( ( !isset( $value ) ) || ( $value == "" ) ) - { - $value = "\t"; - } - else - { - $value = str_replace( '"' , '""' , $value ); - $value = '"' . $value . '"' . "\t"; - } - $line .= $value; + for ( $i = 0; $i < $fields; $i++ ) + { + $header .= mysqli_fetch_field_direct( $export , $i )->name. "\t"; } - $data .= trim( $line ) . "\n"; + + + while( $row = mysqli_fetch_row( $export ) ) + { + $line = ''; + foreach( $row as $value ) + { + if ( ( !isset( $value ) ) || ( $value == "" ) ) + { + $value = "\t"; + } + else + { + $value = str_replace( '"' , '""' , $value ); + $value = '"' . $value . '"' . "\t"; + } + $line .= $value; + } + $data .= trim( $line ) . "\n"; + } + $data = str_replace( "\r" , "" , $data ); + + if ( $data == "" ) + { + $data = "\n(0) Records Found!\n"; + } + + header("Content-type: application/octet-stream"); + header("Content-Disposition: attachment; filename=$lab_name Garde Sheet.xls"); + header("Pragma: no-cache"); + header("Expires: 0"); + print "$header\n$data"; + } -$data = str_replace( "\r" , "" , $data ); - -if ( $data == "" ) -{ - $data = "\n(0) Records Found!\n"; -} - -header("Content-type: application/octet-stream"); -header("Content-Disposition: attachment; filename=$lab_name Garde Sheet.xls"); -header("Pragma: no-cache"); -header("Expires: 0"); -print "$header\n$data"; - - - - - - - } - - diff --git a/Submissions.php b/Submissions.php index 688fe89..411fe75 100644 --- a/Submissions.php +++ b/Submissions.php 
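Review bot: The query run by the re-indented `mysqli_query($con,$select)` still ends in `WHERE lab_report_submissions.Lab_Report_ID=$lab`, and `$lab` is assigned from `$_GET["lab"]` in the preceding hunk with no cast or escaping, so the export statement is built from raw request input. Casting at the assignment, `$lab = (int) $_GET["lab"];`, or binding the value through a prepared statement would close that. `$lab_name` also comes from `$_GET` and is placed unquoted in `header("Content-Disposition: attachment; filename=$lab_name Garde Sheet.xls")`; reducing it to a safe character set and quoting the filename would keep the header well-formed. No permission check is visible between the `exportgrade` test and the query, though the enclosing block starts outside this hunk, so one may exist elsewhere in the file.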
@@ -1,40 +1,40 @@ + + + ?> -
    +
    - '; - $_SESSION['info_Marking']=null; -} + if(isset($_SESSION['info_Marking'])) { + echo '
    '; + $_SESSION['info_Marking']=null; + } -$resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); - while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];} + $resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); + while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];} - $resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Marked'"); - if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}} + $resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Marked'"); + if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}} - $resultx3 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Pending'"); - if(mysqli_num_rows($resultx3)==0){$count_unmarked=0;} else { while($row = mysqli_fetch_assoc($resultx3)) {$count_unmarked =$row['cnt'];}} + $resultx3 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Pending'"); + if(mysqli_num_rows($resultx3)==0){$count_unmarked=0;} else { while($row = mysqli_fetch_assoc($resultx3)) {$count_unmarked =$row['cnt'];}} - $resultx4 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'"); - if(mysqli_num_rows($resultx4)==0){$count_remark=0;} else { while($row = mysqli_fetch_assoc($resultx4)) {$count_remark =$row['cnt'];}} + $resultx4 = mysqli_query($con,"Select COUNT(*) as cnt from 
lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'"); + if(mysqli_num_rows($resultx4)==0){$count_remark=0;} else { while($row = mysqli_fetch_assoc($resultx4)) {$count_remark =$row['cnt'];}} -?> + ?> - Lab Report Submissions () - - +
    + +
    - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    + + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + } +include 'Footer.php'; +?> - - - - - + - + + + - + diff --git a/SubmitLab.php b/SubmitLab.php index 97d186c..edb9f91 100644 --- a/SubmitLab.php +++ b/SubmitLab.php @@ -1,157 +1,135 @@ + +
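Review bot: In the submission-count queries of Submissions.php, guards such as `mysqli_num_rows($resultx2)==0` can never be true, because a `COUNT(*)` without `GROUP BY` always returns exactly one row, so the `else` branch is the only path taken. The case that does need handling is `mysqli_query()` returning `false`, e.g. `$count_marked = $resultx2 ? (int) mysqli_fetch_assoc($resultx2)['cnt'] : 0;`. All four statements also concatenate `$id` into the SQL; its assignment is not readable in this diff text, so if it originates from the request it should be cast with `(int)` or bound as a parameter. Hunk boundaries inside this file section are not recoverable from the page, so the surrounding code may extend beyond what is shown.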
    + + '$c_date' ORDER by Lab_Report_ID DESC"); -if(mysqli_num_rows($result1)==0) + $result1 = mysqli_query($con," SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC"); + if(mysqli_num_rows($result1) == 0) { - echo "No Active assignments for this course so far."; + echo "No active assignments for this course so far."; - } else { while($row = mysqli_fetch_assoc($result1)) { + } else { - $Course_ID=$row['Course_ID']; - $title=$row['Title']; - $ins=$row['Instructions']; - $posted=$row['Posted_Date']; - $deadline=$row['Deadline']; - $att1=$row['Attachment_link_1']; - $att2=$row['Attachment_link_2']; - $att3=$row['Attachment_link_3']; - $att4=$row['Attachment_link_4']; - $labid=$row['Lab_Report_ID']; - - $type=$row['Type']; + while($row = mysqli_fetch_assoc($result1)) { - //----------------------------------Giving both Group Admin and Group Members same priviledges to submit assignment-------------------------------------- - if($type=="Group"){ - $resultx1 = mysqli_query($con,"SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or(Group_Leader=$student_id))"); + $Course_ID = $row['Course_ID']; + $title = $row['Title']; + $ins = $row['Instructions']; + $posted = $row['Posted_Date']; + $deadline = $row['Deadline']; + $att1 = $row['Attachment_link_1']; + $att2 = $row['Attachment_link_2']; + $att3 = $row['Attachment_link_3']; + $att4 = $row['Attachment_link_4']; + $labid = $row['Lab_Report_ID']; + $type = $row['Type']; + + //----------------------------------Giving both the Group Admin and Group Members same priviledges to submit assignment-------------------------------------- + 
if($type=="Group"){ + $resultx1 = mysqli_query($con,"SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))"); while($row = mysqli_fetch_assoc($resultx1)) { - $_SESSION["Group_ID"]=$row['Course_Group_id'];} + $_SESSION["Group_ID"] = $row['Course_Group_id']; + } - if($_SESSION["Group_ID"]<1) - { - echo"

    This Lab report can only be submitted by Group Admin

    "; - return; - } - } + if($_SESSION["Group_ID"] < 1) + { + echo"

    This Lab report can only be submitted by Group Admin

    "; + return; + } + } + $full_link="$att1"; - - $full_link="$att1"; + if($att2!=""){ + $full_link = $full_link."| $att2"; + } + if($att3!=""){ + $full_link = $full_link."| $att3"; + } - if($att2!=""){ - $full_link= $full_link."| $att2"; - } - if($att3!=""){ - $full_link= $full_link."| $att3"; - } - - if($att4!=""){ - $full_link= $full_link."| $att4"; - } + if($att4!=""){ + $full_link = $full_link."| $att4"; + } - - echo "
    + echo " "; - -// echo "
    -// $title
    $ins -//
    Posted : $posted Deadline : $deadline      
    Attachments : $full_link
    -//
    "; - - - - - - - echo ""; - - - - - - - - }} - - - } - $Group_ID=$_SESSION["Group_ID"]; + + echo ""; + } + } +} + +$Group_ID = $_SESSION["Group_ID"]; + ?> - - - - - -
    + + + +
    -

    Submit Lab Report Assignment

    -
    +

    Submit Lab Report Assignment

    +
    -
    +
    - -
    - - - - - - + + + + + + - - -Title - - Attachment 1 - + Title + - Attachment 2 - + Attachment 1 + -
    -
    + Attachment 2 + +
    - Attachment 3 - +
    + Attachment 3 + - Attachment 4 - -
    -
    - + Attachment 4 + +
    + +
    + +
    - - -
    -
    +
    -
    \ No newline at end of file + diff --git a/index.php b/index.php index 72594c3..1f3fb3e 100644 --- a/index.php +++ b/index.php @@ -1,137 +1,129 @@ - - - - - +
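Review bot: `$_SESSION["Group_ID"]` is assigned only inside the `while` loop over `$resultx1`, so when the student belongs to no group in this course a value left in the session by an earlier request survives and the `if($_SESSION["Group_ID"] < 1)` gate passes. Resetting it before the lookup, `$_SESSION["Group_ID"] = 0;`, makes the check reflect the current course. The group lookup and the `lab_reports_table` SELECT also interpolate `$student_id`, `$Course_ID` and `$id` directly; where `$id` and `$student_id` are assigned is not visible here, so confirm they are integers or bind them as parameters. The message `This Lab report can only be submitted by Group Admin` also no longer matches the condition, which according to the new comment admits group members as well.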


    -

    - -

    Lab Report Repository System

    -

    +

    + +

    Lab Report Repository

    +

    - -
    +

    -

    Sign in

    -
    +

    Sign in

    +
    -
    - -Student ID / Email - + + + + + Student ID / Email + - Password - -
    -
    Reset my password - -'; - $_SESSION['info_login']=null; -} + Password + +
    +
    Reset my password -// wrong pass -if(isset($_SESSION['wrong_pass'])) { - echo '
    '; - $_SESSION['wrong_pass']=null; -} - - -if(isset($_SESSION['infoChangePassword'])) { - echo '
    '; - $_SESSION['infoChangePassword']=null; -} - - -?> -
    - -
    - -
    -
    -
    - + '; + $_SESSION['info_login']=null; + } + + + // wrong pass + if(isset($_SESSION['wrong_pass'])) { + echo '
    '; + $_SESSION['wrong_pass']=null; + } + + + if(isset($_SESSION['infoChangePassword'])) { + echo '
    '; + $_SESSION['infoChangePassword']=null; + } -
    -

    Student sign up

    -
    + ?> -
    +
    + +
    +
    +
    + + +
    + +
    +

    Sign up

    +
    + +
    Student ID - + -Your Passport / National ID - -
    -
    Click Next to set up password - +
    +
    Click Next to set up password -error_reporting(E_ALL); -if(isset($_SESSION['info_signup1'])) { - echo ''; - $_SESSION['info_signup1']=null; -} -?> - -
    - + '.$_SESSION['info_signup1'].'
    '; + $_SESSION['info_signup1']=null; + } + + ?> + +
    + +
    - - - - - - - - - - - -
    + LRRS was originally developed as a software engineering course project by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui _at_ zjnu.edu.cn. Last updated on 18/04/2020 by Ashly. More information ... + - + - diff --git a/recover_password.php b/recover_password.php index 2eb4709..387d6ae 100644 --- a/recover_password.php +++ b/recover_password.php @@ -1,3 +1,7 @@ + + -/* - * To change this license header, choose License Headers in Project Properties. - * To change this template file, choose Tools | Templates - * and open the template in the editor. - */ +
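Review bot: The sign-up flash message in index.php is concatenated into the page as `'.$_SESSION['info_signup1'].'` with no HTML encoding. Where that session value is written is outside this hunk, so whether it can carry user-supplied text is not visible; encoding at output with `htmlspecialchars($_SESSION['info_signup1'], ENT_QUOTES, 'UTF-8')` removes the dependency on every writer being safe. The `info_login`, `wrong_pass` and `infoChangePassword` blocks look like they follow the same pattern, although their echoed markup is not readable in this page's text, so they are worth checking the same way.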
    -
    +

    -

    Sign Up

    -
    +

    Please fill in each field below

    +
    -
    - - Full Name - + + + Full Name + - Email - + Email + - Password - + Password (must include uppercase and lowercase letters, digits and special characters) + - Confirm Password - -
    - + Confirm Password + +
    + '; - $_SESSION['info_signup2'] = null; + echo '
    '; + $_SESSION['info_signup2'] = null; } - ?>
    -
    - -
    -
    +
    - -
    -
    \ No newline at end of file + + +