Merge pull request #48 from lanlab-org/Hui-Refactoring

Hui refactoring
SIMPLICITY_Bug-189_Course_Delete_btn
Software Project Management 2020-10-02 17:05:20 +08:00 committed by GitHub
commit bea6d94db7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 2357 additions and 3003 deletions


@ -1,3 +1,8 @@
<?php
include 'NoDirectPhpAcess.php';
?>
<?php <?php
$page="admin"; $page="admin";
include 'Header.php'; include 'Header.php';
@ -32,7 +37,7 @@ if ($_SESSION['user_type'] != "Lecturer") {
<hr> <hr>
--> -->
<div class="col-md-6"> <div class="col-md-6">
<h4> User account Management </h4><hr> <h4> User Account Management </h4><hr>
<b>Lecturer / TA Accounts </b><br> <b>Lecturer / TA Accounts </b><br>


@ -1,16 +0,0 @@
<?php
session_start();
$con=mysqli_connect("localhost","username","password","lrr");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else
{
echo "Connected";
}


@ -1,3 +1,8 @@
<?php
include 'NoDirectPhpAcess.php';
?>
<?php <?php
$page='Courses+'; $page='Courses+';
include 'Header.php'; include 'Header.php';
@ -5,6 +10,7 @@ include 'Header.php';
$group_id = $_SESSION["user_group_id"]; $group_id = $_SESSION["user_group_id"];
$c_date = date("Y-m-d H:i"); $c_date = date("Y-m-d H:i");
if(!empty($_GET["url"])) if(!empty($_GET["url"]))
{ {
$course_url = $_GET["url"]; $course_url = $_GET["url"];
@ -13,9 +19,11 @@ include 'Header.php';
. " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
. " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' "); . " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' ");
if(mysqli_num_rows($result)==0) if(mysqli_num_rows($result)==0) {
{echo "should not be here";} else {
echo "No course matching the given course URL: ".$course_url;
} else {
while($row = mysqli_fetch_assoc($result)) { while($row = mysqli_fetch_assoc($result)) {
$name = $row['Course_Name']; $name = $row['Course_Name'];
$code = $row['Course_Code']; $code = $row['Course_Code'];
@ -24,19 +32,27 @@ include 'Header.php';
$academic = $row['Academic_Year']; $academic = $row['Academic_Year'];
$url = $row['URL']; $url = $row['URL'];
$course_id = $row['Course_ID']; $course_id = $row['Course_ID'];
$id2=$row['Course_ID']; // also get teaching assistant names(if any)
$ta_result = mysqli_query($con, "SELECT Full_Name FROM users_table where User_ID in (select TA from course_ta where Course_ID='$course_id');");
if (mysqli_num_rows($ta_result) == 0) {
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'> echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
Courses > $name ($code) > Lab Reports Courses > $name ($code) > Lab Reports <br> <span style='font-size:8pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span>
<br> <span style='font-size:8pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span> </a></div> ";
} else {
$ta_name = "";
</a></div> while ($row = mysqli_fetch_assoc($ta_result)) {
"; $ta_name = $ta_name.$row['Full_Name']." ";
}
}} $ta_name = trim ($ta_name);
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
Courses > $name ($code) > Lab Reports <br> <span style='font-size:8pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer | Teaching Assistant: $ta_name </span>
</a></div> ";
}
}
}
} }
?> ?>
<div class="row" style='margin-left:20px;float:left'> <div class="row" style='margin-left:20px;float:left'>
<?php <?php
@ -61,31 +77,27 @@ include 'Header.php';
if( $_SESSION['user_type'] == "Student") if( $_SESSION['user_type'] == "Student")
{ {
?> ?>
<hr> <hr>
<div class="row" style="width:95%;margin:auto; text-align:left;"> <div class="row" style="width:95%;margin:auto; text-align:left;">
<div class="col-md-9"> <div class="col-md-9">
<!-- Nav tabs --> <!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist"> <ul class="nav nav-tabs" role="tablist">
<li class="nav-item"> <li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#menu1">New Lab Reports</a> <a class="nav-link active" data-toggle="tab" href="#menu1">New</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu2">Missed Lab Reports </a> <a class="nav-link" data-toggle="tab" href="#menu2">Missed</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu3">Submitted Lab Reports</a> <a class="nav-link" data-toggle="tab" href="#menu3">Submitted</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu4">Marked Submissions</a> <a class="nav-link" data-toggle="tab" href="#menu4">Marked</a>
</li> </li>
</ul> </ul>
@ -95,40 +107,41 @@ if( $_SESSION['user_type']=="Student")
<?php <?php
// Get groups of this students // Get groups of this students
$sql="SELECT course_group_members_table.Course_Group_id $sql="SELECT course_group_members_table.Course_Group_id FROM course_group_members_table INNER JOIN course_groups_table ON course_group_members_table.Course_Group_id = course_groups_table.Course_Group_id WHERE course_group_members_table.Student_ID=$student_id and course_groups_table.Course_id=$course_id";
FROM course_group_members_table inner join
course_groups_table on course_group_members_table.Course_Group_id = course_groups_table.Course_Group_id
WHERE course_group_members_table.Student_ID=$student_id and course_groups_table.Course_id=$course_id";
$resultx1 = mysqli_query($con, $sql); $resultx1 = mysqli_query($con, $sql);
while($row = mysqli_fetch_assoc($resultx1))
while($row = mysqli_fetch_assoc($resultx1)) {$_SESSION['group_id']=$row['Course_Group_id'];} {
$_SESSION['group_id'] = $row['Course_Group_id'];
}
$group_id = $_SESSION['group_id']; $group_id = $_SESSION['group_id'];
if($group_id==""){$group_id=-1;} if($group_id == "")
{
$group_id = 0; // no group. If the student has a group, the group number should be greater than 0.
}
$var="SELECT Type,Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` // Show the assignment iff the following conditions are met: (1)
FROM `lab_reports_table` WHERE Course_ID=$course_id " // Before the deadline (2) Before the students' extended deadline (if any)
. "" // (3) none of the student's group members have already submitted
. "and (Deadline > '$c_date' or Lab_Report_ID in (SELECT `Lab_Report_ID` FROM `extended_deadlines_table`" // the assignment.
. " WHERE Lab_Report_ID in (select Lab_Report_ID from lab_reports_table where Course_ID=$course_id) and Student_ID=$student_id and Extended_Deadline_Date > '$c_date') ) "
. "" $var = "SELECT Type, Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`".
. "" " FROM `lab_reports_table`".
. "" " WHERE Course_ID=$course_id".
. "" " AND (Deadline > '$c_date' OR Lab_Report_ID IN (SELECT `Lab_Report_ID` FROM `extended_deadlines_table` WHERE Student_ID=$student_id AND Extended_Deadline_Date > '$c_date' AND Lab_Report_ID IN (SELECT Lab_Report_ID FROM lab_reports_table WHERE Course_ID=$course_id)))".
. "and Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions" " AND Lab_Report_ID NOT IN (SELECT Lab_Report_ID FROM lab_report_submissions WHERE Course_Group_id IN (SELECT Course_Group_id FROM course_group_members_table WHERE Student_ID=$student_id))".
. " where (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id)" " ORDER BY Lab_Report_ID DESC";
. ""
. " ORDER by Lab_Report_ID DESC";
$result1 = mysqli_query($con, $var); $result1 = mysqli_query($con, $var);
if(mysqli_num_rows($result1)==0) if(mysqli_num_rows($result1)==0)
{ {
echo "No Active assignments for this course so far."; echo "No active assignments for this course so far.";
} else { while($row = mysqli_fetch_assoc($result1)) { } else {
while($row = mysqli_fetch_assoc($result1)) {
$title=$row['Title']; $title=$row['Title'];
$type=$row['Type']; $type=$row['Type'];
$Marks=$row['Marks']; $Marks=$row['Marks'];
@ -164,6 +177,9 @@ if(mysqli_num_rows($result1)==0)
</div> </div>
<div id="menu2" class="container tab-pane"><br> <div id="menu2" class="container tab-pane"><br>
<?php <?php
$group_id=$_SESSION['group_id']; $group_id=$_SESSION['group_id'];
@ -190,9 +206,10 @@ Lab_Report_ID not in
if(mysqli_num_rows($result)==0) if(mysqli_num_rows($result)==0)
{ {
echo "You Missed no Lab reports in this course"; echo "You missed no lab reports in this course.";
} else { while($row = mysqli_fetch_assoc($result)) { } else {
while($row = mysqli_fetch_assoc($result)) {
$title=$row['Title']; $title=$row['Title'];
$marks=$row['Marks']; $marks=$row['Marks'];
$ins=$row['Instructions']; $ins=$row['Instructions'];
@ -240,16 +257,20 @@ $group_id = $_SESSION['group_id'];
if($group_id==""){$group_id=-1;} // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176 if($group_id==""){$group_id=-1;} // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176
$resultx = mysqli_query($con,"SELECT Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` $sql_stmt = "SELECT Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`
FROM `lab_reports_table` FROM `lab_reports_table`
WHERE Lab_Report_ID in (select Lab_Report_ID from lab_report_submissions"
. " where Status='Pending' and (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id) ORDER by Lab_Report_ID DESC";
$resultx = mysqli_query($con, $sql_stmt);
where Lab_Report_ID in (select Lab_Report_ID from lab_report_submissions"
. " where Status='Pending' and (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id) ORDER by Lab_Report_ID DESC");
if(mysqli_num_rows($resultx)==0) if(mysqli_num_rows($resultx)==0)
{ {
echo "You have no lab report submissions in this course."; echo "You have no lab report submissions in this course.";
} else { while($row = mysqli_fetch_assoc($resultx)) { } else {
while($row = mysqli_fetch_assoc($resultx)) {
$lab_repo_id=$row['Lab_Report_ID']; $lab_repo_id=$row['Lab_Report_ID'];
$title=$row['Title']; $title=$row['Title'];
$marks=$row['Marks']; $marks=$row['Marks'];
@ -261,13 +282,9 @@ if(mysqli_num_rows($resultx)==0)
$att3=$row['Attachment_link_3']; $att3=$row['Attachment_link_3'];
$att4=$row['Attachment_link_4']; $att4=$row['Attachment_link_4'];
$id = $row['Lab_Report_ID']; $id = $row['Lab_Report_ID'];
if( $c_date < $deadline) if( $c_date < $deadline)
{ {
$submittedx="<a href='~\..\SubmitLab.php?id=$id' class='btn-sm btn-default'><i class='fa fa-check-circle'></i> Re-Submit </a>"; $submittedx="<a href='~\..\SubmitLab.php?id=$id&url=$url' class='btn-sm btn-default'><i class='fa fa-check-circle'></i> Re-Submit </a>";
}
else {
} }
$full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; $full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
@ -282,12 +299,11 @@ if(mysqli_num_rows($resultx)==0)
if($att4!=""){ if($att4!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
} }
;
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> <span style='font-size:8pt'> $ins</span> $title <br> <span style='font-size:8pt'> $ins</span>
<br> <span style='font-size:8pt'>Posted : $posted Deadline : $deadline ($marks Marks) &nbsp; &nbsp; $submittedx&nbsp; <span class='btn-sm btn-success' style='margin-left:50px;'><i class='fa fa-Edit-circle'></i> Submitted </span><br> Assignment Attachments : $full_link <br> <span style='font-size:8pt'>Posted : $posted Deadline : $deadline ($marks Marks) &nbsp; &nbsp; $submittedx&nbsp; <span class='btn-sm btn-success' style='margin-left:50px;'><i class='fa fa-Edit-circle'></i> Submitted </span>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<br> Submission Files :"; <br> Submitted files: ";
$Sub_result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $Sub_result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
@ -298,29 +314,34 @@ FROM `lab_report_submissions`
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$student_id')"); where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$student_id')");
// or lab_report_submissions.Course_Group_id='$group_id'
if(mysqli_num_rows($Sub_result) == 0) if(mysqli_num_rows($Sub_result) == 0)
{ {
echo "No Attachments found."; echo "No Attachments found.";
} else { while($row = mysqli_fetch_assoc($Sub_result)) { } else {
while($row = mysqli_fetch_assoc($Sub_result)) {
$at1=$row['Attachment1']; $at1=$row['Attachment1'];
$at2=$row['Attachment2']; $at2=$row['Attachment2'];
$at3=$row['Attachment3']; $at3=$row['Attachment3'];
$at4=$row['Attachment4']; $at4=$row['Attachment4'];
$full_link="<a href='~\..\Lab_Report_Submisions\\$at1'>$at1</a>"; $base_at1 = basename($at1);
$base_at2 = basename($at2);
$base_at3 = basename($at3);
$base_at4 = basename($at4);
$full_link = "<a href='~\..\Download.php?file=$at1&attachment=1'>$base_at1</a>"; // prevent students from directly accessing their classmates' submissions
if($at2!=""){ if($at2!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$at2'>$at2</a>"; $full_link= $full_link." | <a href='~\..\Download.php?file=$at2&attachment=2'>$base_at2</a>";
} }
if($at3!=""){ if($at3!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$at3'>$at3</a>"; $full_link= $full_link." | <a href='~\..\Download.php?file=$at3&attachment=3'>$base_at3</a>";
} }
if($at4!=""){ if($at4!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$at4'>$at4</a>"; $full_link= $full_link." | <a href='~\..\Download.php?file=$at4&attachment=4'>$base_at4</a>";
} }
echo $full_link; echo $full_link;
@ -384,7 +405,7 @@ $resultx = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_re
if(mysqli_num_rows($resultx)==0) if(mysqli_num_rows($resultx)==0)
{ {
echo "You have No Marked submissions in this course"; echo "You have no marked submissions in this course";
} else { while($row = mysqli_fetch_assoc($resultx)) { } else { while($row = mysqli_fetch_assoc($resultx)) {
$title=$row['Lab_Title']; $title=$row['Lab_Title'];
@ -469,58 +490,8 @@ if(mysqli_num_rows($resultx)==0)
</div> </div>
</div> </div>
</div> </div>
<div class="col-md-3"> <div class="col-md-3">
@ -596,58 +567,11 @@ where course_group_members_table.Course_Group_id=$id");
</div> </div>
</div> </div>
<?php <?php
} }
include 'Footer.php'; include 'Footer.php';
@ -659,6 +583,7 @@ where course_group_members_table.Course_Group_id=$id");
<link rel="stylesheet" href="./css/jquery-ui.css" /> <link rel="stylesheet" href="./css/jquery-ui.css" />
<script> <script>
function CreateGroup() { function CreateGroup() {
@ -729,7 +654,6 @@ where course_group_members_table.Course_Group_id=$id");
function accept(id,val) { function accept(id,val) {
try try
{ {
@ -763,7 +687,7 @@ where course_group_members_table.Course_Group_id=$id");
function remarking(data) function remarking(data)
{ {
var details=prompt("Please enter Remarking Reason",""); var details = prompt("Please enter your remarking reasons","");
window.location.href = data+"&details="+details; window.location.href = data+"&details="+details;
} }
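Review bot: The new "No course matching the given course URL" branch echoes `$course_url`, which is assigned from `$_GET["url"]`, into the page without HTML encoding, so unless it is sanitised in the two lines the hunks skip, markup in the query string is reflected to the browser. Encode it at output, e.g. `echo "No course matching the given course URL: " . htmlspecialchars($course_url, ENT_QUOTES, 'UTF-8');`. The same value is interpolated into the `where URL='$course_url'` query in the context lines, and the new `course_ta` lookup and the rewritten assignment query also build SQL by string interpolation; prepared statements with bound parameters (`mysqli_prepare` / `mysqli_stmt_bind_param`) would remove that class of problem. The new `Download.php?file=$at1` links also put a stored path into a URL without `urlencode()`.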


@ -1,3 +1,8 @@
<?php
include 'NoDirectPhpAcess.php';
?>
<?php <?php
@ -6,15 +11,6 @@ include 'Header.php';
$user_d = $_SESSION['user_id']; $user_d = $_SESSION['user_id'];
if( $_SESSION['user_type']=="Lecturer" || $_SESSION['user_type']=="TA") if( $_SESSION['user_type']=="Lecturer" || $_SESSION['user_type']=="TA")
{ {
?> ?>
@ -280,7 +276,7 @@ if (isset($_SESSION['info_courses'])) {
if( $_SESSION['user_type']=="TA") if( $_SESSION['user_type']=="TA")
{ {
echo "<b style='color:orange'>* Only Lecturers can Post new Lab report Assignments </b><br>"; echo "<b style='color:gray'>*Only Lecturer can post a new lab report assignment</b><br>";
} }
if(mysqli_num_rows($result)==0) if(mysqli_num_rows($result)==0)
{ {
@ -372,46 +368,6 @@ WHERE Course_ID=$course_id");
<div class="col-md-8"> <div class="col-md-8">
<?php <?php
@ -567,94 +523,6 @@ Verify Joining Students
{ {
?> ?>
<!--STUDENT CODE--> <!--STUDENT CODE-->
<div class="row" style="width:80%;margin:auto; text-align:left;"> <div class="row" style="width:80%;margin:auto; text-align:left;">
<div class="col-md-6"> <div class="col-md-6">
@ -712,7 +580,9 @@ if(!empty($_GET["search"]) || !empty($_GET["faculty"]))
{ {
echo "No results found for your Search <hr>"; echo "No results found for your Search <hr>";
} else { while($row = mysqli_fetch_assoc($result)) { } else {
while($row = mysqli_fetch_assoc($result)) {
$name=$row['Course_Name']; $name=$row['Course_Name'];
$code=$row['Course_Code']; $code=$row['Course_Code'];
$faculty=$row['Faculty']; $faculty=$row['Faculty'];
@ -721,34 +591,21 @@ echo "No results found for your Search <hr>";
$url=$row['URL']; $url=$row['URL'];
$id=$row['Course_ID']; $id=$row['Course_ID'];
$v=$row['Verify_New_Members']; $v=$row['Verify_New_Members'];
$msg2="Join this Course"; $msg2="Join Course";
if($v>0) if($v>0)
{ {
$msg="<i class='fa fa-exclamation-circle'></i> Lecturer Verification required"; $msg="<i class='fa fa-exclamation-circle'></i> Lecturer verification required";
$msg2="Send Joining Request"; $msg2="Send Joining Request";
} }
echo "<div class='btn btn-default' style='word-wrap:break-word'> echo "<div class='btn btn-default' style='word-wrap:break-word'>
($code) - $name <br>($url) <br> <a href='~\..\Script.php?JoinCourse=y&id=$id&std=$student_id&joining=$v' class='btn-sm btn-success' onclick=return confirm(\"are you sure to join this course?\")' > $msg2 </a> [$code] $name <br>($url) <br> <a href='~\..\Script.php?JoinCourse=y&id=$id&std=$student_id&joining=$v' class='btn-sm btn-success' onclick=return confirm(\"Are you sure to join this course?\")' > $msg2 </a>
<br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span><br>$msg</div> <br> <span style='font-size:10pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span><br>$msg</div>
"; ";
} }
} }
} }
echo "<h4> My Courses </h4>"; echo "<h4> My Courses </h4>";
$result = mysqli_query($con,"SELECT users_table.Full_Name, course_students_table.Status, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` $result = mysqli_query($con,"SELECT users_table.Full_Name, course_students_table.Status, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table`
INNER JOIN users_table INNER JOIN users_table
@ -761,7 +618,8 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl
if(mysqli_num_rows($result)==0) if(mysqli_num_rows($result)==0)
{ {
echo "<i class='fa fa-exclamation-circle'></i> You are not Enrolled in any Course"; echo "<i class='fa fa-exclamation-circle'></i> You are not Enrolled in any Course";
} else { while($row = mysqli_fetch_assoc($result)) { } else {
while($row = mysqli_fetch_assoc($result)) {
$name=$row['Course_Name']; $name=$row['Course_Name'];
$code=$row['Course_Code']; $code=$row['Course_Code'];
$faculty=$row['Faculty']; $faculty=$row['Faculty'];
@ -785,10 +643,6 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl
<br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span></div> <br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span></div>
"; ";
} }
} }
} }
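Review bot: The rewritten join-course `echo` still emits a malformed handler, `onclick=return confirm(\"Are you sure to join this course?\")'`: the attribute has a closing quote but no opening one, so the browser will not parse it as a single handler and the confirmation is unlikely to run before the link is followed. Quote it on both sides: `onclick='return confirm(\"Are you sure to join this course?\")'`. Separately, the link carries `std=$student_id` and performs the join through a GET request. The handler in Script.php is not visible in this section, but it should take the student's identity from the session rather than the query string, and a state change like this is better sent as a POST with a CSRF token.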

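--- a/Download.php
+++ b/Download.php
@@ -0,0 +1,37 @@
+<?php
+session_start();
+// Allow legal person to download files instead of using direct URL access
+// Adapted from https://www.runoob.com/w3cnote/php-download-file.html
+// 修改这一行设置你的文件下载目录
+$file = "./../../lrr_submission".$_GET['file'];
+$filename = basename($file);
+// 判断文件是否存在
+if(!file_exists($file)) die("File does not exist.");
+// 文件类型,作为头部发送给浏览器
+$type = filetype($file);
+// 获取时间和日期
+$today = date("F j, Y, g:i a");
+$time = time();
+if ( (isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"])) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") {
+// 发送文件头部
+header("Content-type: $type");
+header("Content-Disposition: attachment;filename=$filename");
+header("Content-Transfer-Encoding: binary");
+header('Pragma: no-cache');
+header('Expires: 0');
+// 发送文件内容
+set_time_limit(0);
+readfile($file);
+} else {
+echo "Nothing to download. Contact lanhui _at_ zjnu.edu.cn if you think otherwise.";
+}
+?>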
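Review bot: `$file` is built by appending `$_GET['file']` to the submission directory without canonicalising it, so the request decides which path is read, and the only ownership test is `strpos($file, $_SESSION["user_student_id"])`, a substring match over that same caller-supplied string. Resolve the path with `realpath()`, reject anything that does not stay under the submission directory, and check ownership against a whole path component (or, better, against the submission record in the database) rather than a substring. The `file_exists()` check should move after the authorisation decision so that requests without a session cannot probe which files exist. `filetype()` returns values such as `file`, not a MIME type, so `Content-type` is better fixed to `application/octet-stream`. The sketch below assumes submissions are stored in a per-student directory, which this page does not show.

```php
$base = realpath("./../../lrr_submission");
$requested = isset($_GET['file']) ? $_GET['file'] : '';
$file = ($base === false) ? false : realpath($base . $requested);
$role = isset($_SESSION['user_type']) ? $_SESSION['user_type'] : '';
// Decide authorisation before revealing whether the file exists.
$inside = $file !== false && strpos($file, $base . DIRECTORY_SEPARATOR) === 0 && is_file($file);
$parts = $inside ? explode(DIRECTORY_SEPARATOR, substr($file, strlen($base) + 1)) : array();
$owns = isset($_SESSION["user_student_id"]) && in_array((string) $_SESSION["user_student_id"], $parts, true);
if (!$inside || !($owns || $role == "Lecturer" || $role == "TA")) {
    die("Nothing to download. Contact lanhui _at_ zjnu.edu.cn if you think otherwise.");
}
$filename = basename($file);
header("Content-type: application/octet-stream");
// … unchanged: Content-Disposition and the remaining headers, readfile($file) …
```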


@ -1,22 +1,14 @@
<?php <?php
session_start(); session_start();
error_reporting(0); error_reporting(0);
date_default_timezone_set('Asia/Shanghai'); date_default_timezone_set('Asia/Shanghai');
$con = mysqli_connect("localhost","username","password","lrr"); $con = mysqli_connect("localhost","username","password","lrr");
// Check connection
if (mysqli_connect_errno()) // Check database connection
{ if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error(); echo "Failed to connect to MySQL: " . mysqli_connect_error();
} }
else
{
}
?> ?>
@ -24,30 +16,22 @@ else
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<header>
<header>
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css"/> <link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css"/>
<link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css"/> <link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css"/>
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css"/>
<script src="./css/jquery.min.js" type="text/javascript"></script> <script src="./css/jquery.min.js" type="text/javascript"></script>
<script src="./css/bootsrap.min.js" type="text/javascript"></script> <script src="./css/bootsrap.min.js" type="text/javascript"></script>
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css"/>
<script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script> <script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script>
</header> </header>
<body> <body>
<?php
$curDateTime = date("Y-m-d H:i");
include 'connect.php';
?>
<nav class="navbar navbar-expand-lg navbar-dark bg-dark" style="padding-left:150px;padding-right:150px;margin:auto;"> <nav class="navbar navbar-expand-lg navbar-dark bg-dark" style="padding-left:150px;padding-right:150px;margin:auto;">
<a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;heigh:30px;"> LRRS</a> <a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;heigh:30px;"> LRRS</a>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarColor02" aria-controls="navbarColor02" aria-expanded="false" aria-label="Toggle navigation"> <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarColor02" aria-controls="navbarColor02" aria-expanded="false" aria-label="Toggle navigation">
@ -66,20 +50,18 @@ else
{ {
echo " <a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> Courses <span class='sr-only'>(current)</span></a>"; echo " <a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> Courses <span class='sr-only'>(current)</span></a>";
?> ?>
</li> </li>
</ul> </ul>
<form class="form-inline my-2 my-lg-0" style="color:#fff;"> <form class="form-inline my-2 my-lg-0" style="color:#fff;">
Welcome &nbsp; <b> <?php echo $_SESSION['user_fullname']; Welcome &nbsp; <b> <?php echo $_SESSION['user_fullname']; ?> </b> &nbsp;
?> </b> &nbsp;
<?php <?php
$c_date= date("Y-m-d H:i"); $c_date= date("Y-m-d H:i");
if (isset( $_SESSION['user_student_id']))
echo "(". $_SESSION['user_type'] . " - " . $_SESSION['user_student_id'] .") ";
else
echo "(". $_SESSION['user_type'] .") "; echo "(". $_SESSION['user_type'] .") ";
?> ?>
<?php <?php
@ -88,10 +70,8 @@ if ($_SESSION['user_type'] == "Lecturer") {
} }
?> ?>
&nbsp;&nbsp;&nbsp; <i class="fa fa-user" style="color:#fff;"> </i> &nbsp;&nbsp;&nbsp; <i class="fa fa-user" style="color:#fff;"> </i>
&nbsp;<a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id'];?>)">Update password</a> &nbsp;<a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id'];?>)">Update password</a>
&nbsp;&nbsp;&nbsp; <i class="fa fa-lock" style="color:#fff;"> </i> &nbsp;<a style='color:#fff !important' href="~\..\logout.php">Logout </a> &nbsp;&nbsp;&nbsp; <i class="fa fa-lock" style="color:#fff;"> </i> &nbsp;<a style='color:#fff !important' href="~\..\logout.php">Logout </a>
<?php <?php
@ -156,9 +136,6 @@ if ($_SESSION['user_type'] == "Lecturer") {
.ui-button{ background: #03488B; color:white } .ui-button{ background: #03488B; color:white }
</style> </style>
@ -167,9 +144,9 @@ if ($_SESSION['user_type'] == "Lecturer") {
function updatePass(id) function updatePass(id)
{ {
var pass= prompt("Enter your new password : ", "..."); var pass = prompt("Enter your new password : ", "Enter a strong password");
if(!confirm('Are you sure to reset your password?')) if(!confirm('Are you sure you want to reset your password?'))
{ {
return; return;
} }
@ -179,7 +156,7 @@ if ($_SESSION['user_type'] == "Lecturer") {
function blockUser(id,status) function blockUser(id,status)
{ {
if(!confirm('Are you to change User Status')) if(!confirm('Are you sure you want to change user status?'))
{ {
return; return;
} }
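Review bot: `Welcome <b> <?php echo $_SESSION['user_fullname']; ?>` prints the stored full name without HTML encoding. The sign-up code elsewhere in this commit only passes `fullname` through `mysqli_real_escape_string`, which protects the SQL statement, not the page. Encode at output: `<?php echo htmlspecialchars($_SESSION['user_fullname'], ENT_QUOTES, 'UTF-8'); ?>`. In `updatePass`, the second argument to `prompt()` is the field's default value rather than a placeholder, so "Enter a strong password" is pre-filled as the password text, and `prompt()` shows the input in clear; a masked form field would avoid both. The body of `updatePass` continues outside the hunk.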

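--- a/NoDirectPhpAcess.php
+++ b/NoDirectPhpAcess.php
@@ -0,0 +1,7 @@
+<?php
+// https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
+if (!isset($_SERVER['HTTP_REFERER']) ) {
+/* choose the appropriate page to redirect users */
+die( header( 'location: index.php' ) );
+}
+?>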
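Review bot: `isset($_SERVER['HTTP_REFERER'])` is the gate for every page that includes this file, but the Referer header is supplied by the client and is routinely absent (bookmarks, typed URLs, `Referrer-Policy: no-referrer`, some proxies). The check therefore neither proves the request came from inside the application nor reliably admits legitimate users. For pages that require a login, decide access from server-side session state instead, for example `session_start(); if (empty($_SESSION['user_id'])) { header('Location: index.php'); exit; }`. `die( header( ... ) )` also passes header()'s empty return value to die(); a separate `header(...)` followed by `exit;` states the intent directly. The same include is added at the top of at least four other files in this commit.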


@ -1,105 +1,97 @@
<?php
include 'NoDirectPhpAcess.php';
?>
<?php <?php
/* /*
* This Contains the main Server-side scripts for the project * This file contains the main Server-side scripts for the project.
* session_destroy();
*
*
*/ */
session_start(); session_start();
date_default_timezone_set('Asia/Shanghai'); date_default_timezone_set('Asia/Shanghai');
// CONNeCTION
// Connect to MySQL database
$con = mysqli_connect("localhost","username","password","lrr"); $con = mysqli_connect("localhost","username","password","lrr");
// Check connection // Check connection
if (mysqli_connect_errno()) if (mysqli_connect_errno())
{ {
echo "Failed to connect to MySQL: " . mysqli_connect_error(); echo "Failed to connect to MySQL: " . mysqli_connect_error();
} }
// else
// {
// echo "Connected";
// }
error_reporting(0); error_reporting(0);
// #### FUNCTION CHECK FILE TYPES ////
function is_valid_student_number($student_id) {
// zjnu student number has 12 digits, and starts with 20
if (strlen($student_id) == 12 && is_numeric($student_id) == TRUE && substr($student_id, 0, 2) == "20")
return TRUE;
return FALSE;
}
// ############################### SIGN UP ##################################
if (!empty($_POST["frm_signup_1"])) { if (!empty($_POST["frm_signup_1"])) {
$student_id = mysqli_real_escape_string($con,$_POST["student_id"]);
$passport = mysqli_real_escape_string($con,$_POST["passport"]); $student_id = trim( mysqli_real_escape_string($con, $_POST["student_id"]) );
$passport = trim( mysqli_real_escape_string($con, $_POST["passport"]) );
// validate student number // validate student number
if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) { if (! is_valid_student_number($student_id)) {
$_SESSION["info_signup1"] = "Invalid student number."; $_SESSION["info_signup1"] = "Invalid student number.";
header("Location: index.php"); header("Location: index.php");
return; return;
} }
// passport should be empty (not used) // passport should be empty (not used)
if (strcmp(trim($passport), '') != 0) { if (strcmp($passport, '') != 0) {
$_SESSION["info_signup1"] = "Passport is disused. Please leave it empty."; $_SESSION["info_signup1"] = "Passport is disused. Please leave it empty.";
header("Location: index.php"); header("Location: index.php");
return; return;
} }
$result = mysqli_query($con, // Check if this student number is a legal one
"SELECT * FROM `students_data` WHERE Student_ID='$student_id'"); $result = mysqli_query($con, "SELECT * FROM `students_data` WHERE Student_ID='$student_id'");
// Just removed this condition from the above command and (Passport_Number='$passport' or Passport_Number = '')
if(mysqli_num_rows($result) == 0) if(mysqli_num_rows($result) == 0)
{ {
$_SESSION["info_signup1"]="Student number could not be verified! Please contact Student Management Office (lanhui at zjnu.edu.cn). Thanks."; $_SESSION["info_signup1"] = "Your entered student number could not be verified. Please contact Student Management Office <lanhui at zjnu.edu.cn>. Thanks.";
header("Location: index.php"); header("Location: index.php");
return; return;
} }
$result98 = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
$result98 = mysqli_query($con,
"SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
if(mysqli_num_rows($result98) == 0) if(mysqli_num_rows($result98) == 0)
{ {
$_SESSION['user_passport']=$passport;
$_SESSION['user_student_id'] = $student_id; $_SESSION['user_student_id'] = $student_id;
$_SESSION['user_passport'] = $passport;
header("Location: signup.php"); header("Location: signup.php");
return; return;
} }
else else
{ {
$_SESSION["info_signup1"]="Student ID already in use! Please contact Student Management Office (lanhui at zjnu.edu.cn)."; $_SESSION["info_signup1"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
header("Location: index.php"); header("Location: index.php");
return; return;
} }
} }
// ############################### CREATE STUDENT USER ################################## // ############################### CREATE STUDENT USER ##################################
if (!empty($_POST["frm_signup_2"])) { if (!empty($_POST["frm_signup_2"])) {
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$email = mysqli_real_escape_string($con, $_POST["email"]); $email = mysqli_real_escape_string($con, $_POST["email"]);
$password = mysqli_real_escape_string($con, $_POST["password"]); $password = mysqli_real_escape_string($con, $_POST["password"]);
$confirmpassword = mysqli_real_escape_string($con, $_POST["confirmpassword"]); $confirmpassword = mysqli_real_escape_string($con, $_POST["confirmpassword"]);
$fullname = mysqli_real_escape_string($con,$_POST["fullname"]);
$student_id = $_SESSION['user_student_id']; $student_id = $_SESSION['user_student_id'];
$passport = $_SESSION['user_passport']; $passport = $_SESSION['user_passport'];
$_SESSION['user_fullname'] = $fullname; $_SESSION['user_fullname'] = $fullname;
@ -109,8 +101,7 @@ if (!empty($_POST["frm_signup_1"])) {
// check confirmed password // check confirmed password
if ( strcasecmp( $password, $confirmpassword ) != 0 ){ if ( strcasecmp( $password, $confirmpassword ) != 0 ){
$_SESSION['info_signup2'] = "Password confirmation failed."; $_SESSION['info_signup2'] = "Password confirmation failed.";
$_SESSION['user_fullname'] = null; $_SESSION['user_fullname'] = null; // such that Header.php do not show the header information.
$_SESSION['user_type'] = null;
header("Location: signup.php"); header("Location: signup.php");
return; return;
} }
@ -134,18 +125,18 @@ if (!empty($_POST["frm_signup_1"])) {
header("Location: signup.php"); header("Location: signup.php");
return; return;
} }
// check if email is taked
$result = mysqli_query($con, // check if email is taken
"SELECT * FROM Users_Table WHERE email='$email'"); $result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
if(mysqli_num_rows($result) != 0) if(mysqli_num_rows($result) != 0)
{ {
$_SESSION["info_signup2"]="Email adress ".$email." already in use."; $_SESSION["info_signup2"]="Email adress ".$email." is already in use.";
$_SESSION['user_fullname'] = null; $_SESSION['user_fullname'] = null;
$_SESSION['user_type'] = null;
header("Location: signup.php"); header("Location: signup.php");
return; return;
} }
//applying password_hash()
// apply password_hash()
$password_hash = password_hash($password, PASSWORD_DEFAULT); $password_hash = password_hash($password, PASSWORD_DEFAULT);
$sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Student_ID`, `Passport_Number`) VALUES " $sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Student_ID`, `Passport_Number`) VALUES "
. "('$email','$password_hash','$fullname','Student','$student_id','$passport')"; . "('$email','$password_hash','$fullname','Student','$student_id','$passport')";
@ -154,44 +145,39 @@ if (!empty($_POST["frm_signup_1"])) {
header("Location: Courses.php"); header("Location: Courses.php");
} else { } else {
// echo "Error: " . $sql . "<br>" . $con->error; // echo "Error: " . $sql . "<br>" . $con->error;
echo "Something really bad happend during sign up."; echo "Something really bad (SQL insertion error) happend during sign up.";
} }
} }
// ################################ LOGIN ##################################### // ################################ LOGIN #####################################
if (!empty($_POST["frm_login"])) { if (!empty($_POST["frm_login"])) {
$user=mysqli_real_escape_string($con,$_POST["user"]);
$user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address
$is_student_number = 0; $is_student_number = 0;
// Validate student number // Validate student number
if (is_numeric($user) && strlen($user) != 12) { if ( is_valid_student_number($user) ) {
$_SESSION["info_login"] = "Invalid student number:"."$user";
header("Location: index.php");
return;
} else {
$is_student_number = 1; $is_student_number = 1;
} }
if ($is_student_number == 0 && !filter_var($user, FILTER_VALIDATE_EMAIL)) { // Validate email address if what provided is not a student number
if (! $is_student_number && !filter_var($user, FILTER_VALIDATE_EMAIL)) {
$_SESSION["info_login"] = "Invalid email address: " . "$user"; $_SESSION["info_login"] = "Invalid email address: " . "$user";
header("Location: index.php"); header("Location: index.php");
return; return;
} }
$password = mysqli_real_escape_string($con, $_POST["password"]); $password = mysqli_real_escape_string($con, $_POST["password"]);
// $hashed_password=hash('sha512', $password); Not necessary in the login
$result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')"); $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')");
if(mysqli_num_rows($result) == 0) if(mysqli_num_rows($result) == 0)
{ {
$_SESSION["info_login"]="Inavlid login information."; $_SESSION["info_login"] = "Inavlid user name information.";
echo $_SESSION["info_login"]; echo $_SESSION["info_login"];
header("Location: index.php"); header("Location: index.php");
} }
else else
@ -200,6 +186,7 @@ if(mysqli_num_rows($result)==0)
// verify the hashed password and unhashed password // verify the hashed password and unhashed password
$sha512pass = hash('sha512', $password); // for backward compatibility. Old passwords were hashed using SHA512 algorithm. $sha512pass = hash('sha512', $password); // for backward compatibility. Old passwords were hashed using SHA512 algorithm.
if(password_verify($password, $row["Password"]) or $sha512pass == $row["HashPassword"]) { if(password_verify($password, $row["Password"]) or $sha512pass == $row["HashPassword"]) {
$_SESSION['user_id'] = $row['User_ID']; $_SESSION['user_id'] = $row['User_ID'];
$_SESSION['user_email'] = $row['Email']; $_SESSION['user_email'] = $row['Email'];
$_SESSION['user_student_id'] = $row['Student_ID']; $_SESSION['user_student_id'] = $row['Student_ID'];
@ -228,13 +215,8 @@ if(mysqli_num_rows($result)==0)
// report wrong pass if not correct // report wrong pass if not correct
} else { } else {
$_SESSION["wrong_pass"] = "Wrong Password."; $_SESSION["wrong_pass"] = "Wrong Password.";
echo $_SESSION["wrong_pass"];
header("Location: index.php"); header("Location: index.php");
} }
} }
} }
} }
@ -243,9 +225,6 @@ if(mysqli_num_rows($result)==0)
// ################################ Recover Password ##################################### // ################################ Recover Password #####################################
if (!empty($_POST["frm_recover_password"])) { if (!empty($_POST["frm_recover_password"])) {
@ -283,6 +262,7 @@ if (!empty($_POST["frm_recover_password"])) {
// ################################ RESET Password ##################################### // ################################ RESET Password #####################################
if (!empty($_POST["frm_reset_password"])) { if (!empty($_POST["frm_reset_password"])) {
@ -343,31 +323,6 @@ if($user_token==$token)
// ############################### CREATE Lecturer/TA USER ################################## // ############################### CREATE Lecturer/TA USER ##################################
if (!empty($_POST["frm_createlecturrer"])) { if (!empty($_POST["frm_createlecturrer"])) {
$email=mysqli_real_escape_string($con,$_POST["email"]); $email=mysqli_real_escape_string($con,$_POST["email"]);
@ -399,96 +354,58 @@ if($user_token==$token)
// #### FUNCTION CHECK FILE TYPES //// // #### FUNCTION CHECK FILE TYPES ////
function is_valid($file) { function is_valid_file_format($file) {
$allowed = array('pdf', 'rtf', 'jpg','png', 'doc', 'docx', 'xls', 'xlsx','sql','txt','md','py','css','html', $allowed = array('pdf', 'rtf', 'jpg','png', 'doc', 'docx', 'xls', 'xlsx','sql','txt','md','py','css','html',
'cvc','c','class','cpp','h','java','sh','swift','zip','rar','ods','xlr','bak','ico','swf'); 'cvc','c','class','cpp','h','java','sh','swift','zip','rar','ods','xlr','bak','ico','swf');
$filename = $_FILES[$file]['name']; $filename = $_FILES[$file]['name'];
$ext = pathinfo($filename, PATHINFO_EXTENSION); $ext = pathinfo($filename, PATHINFO_EXTENSION);
$result = in_array($ext,$allowed); $result = in_array($ext,$allowed);
return $result; return $result;
} }
// #### FUNCTION CREATE DIRECTORIES //// // #### FUNCTION CREATE DIRECTORIES ////
function Create_dir($upPath) function Create_dir($upPath)
{ {
try { try {
// full path // full path
$tags = explode('/', $upPath); // explode the full path $tags = explode('/', $upPath); // explode the full path
$mkDir = ""; $mkDir = "";
foreach($tags as $folder) { foreach($tags as $folder) {
$mkDir = $mkDir . $folder ."/"; // make one directory join one other for the nest directory to make $mkDir = $mkDir . $folder ."/"; // make one directory join one other for the nest directory to make
// echo '"'.$mkDir.'"<br/>'; // this will show the directory created each time echo '"'.$mkDir.'"<br/>'; // this will show the directory created each time
if(!is_dir($mkDir)) { // check if directory exist or not if(!is_dir($mkDir)) { // check if directory exist or not
mkdir($mkDir, 0777); // if not exist then make the directory mkdir($mkDir, 0777); // if not exist then make the directory
} }
} }
} }
catch (Exception $e) { catch (Exception $e) {
return FALSE;
} }
return $upPath; return $upPath;
} }
function mkdirs($path)
{
if (file_exists($path))
return $path;
$result = mkdir($path, 0777, true);
if ($result) {
return $path;
}
return $result;
}
@ -530,33 +447,24 @@ $mkDir = "";
$count=0; $count=0;
if(!is_valid("attachment1") && $_FILES["attachment1"]["name"]!="") if(!is_valid_file_format("attachment1") && $_FILES["attachment1"]["name"]!="")
{ {
echo "Invalid File Type for Attachment 1"; echo "Invalid File Type for Attachment 1";
return; return;
} }
if(!is_valid("attachment2") && $_FILES["attachment2"]["name"]!="") if(!is_valid_file_format("attachment2") && $_FILES["attachment2"]["name"]!="")
{ {
echo "Invalid File Type for Attachment 2"; echo "Invalid File Type for Attachment 2";
return; return;
} }
if(!is_valid("attachment3") && $_FILES["attachment3"]["name"]!="") if(!is_valid_file_format("attachment3") && $_FILES["attachment3"]["name"]!="")
{ {
echo "Invalid File Type for Attachment 3"; echo "Invalid File Type for Attachment 3";
return; return;
} }
//if($_FILES["attachment1"]["error"] != 0) {
// echo "Error uploading the file ";
//return;
//}
// use 4 for missing file // use 4 for missing file
if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) { if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) {
$count++; $count++;
} else { } else {
@ -580,9 +488,6 @@ $mkDir = "";
} else { } else {
echo $_FILES['attachment4']['error']; echo $_FILES['attachment4']['error'];
} }
//}
echo $count." File(s) uploaded"; echo $count." File(s) uploaded";
@ -598,13 +503,6 @@ $targetfile2="";
if($_FILES['attachment3']['name']!=""){ $targetfile3 = "/".$title."/".$_FILES['attachment3']['name']; } if($_FILES['attachment3']['name']!=""){ $targetfile3 = "/".$title."/".$_FILES['attachment3']['name']; }
if($_FILES['attachment4']['name']!=""){ $targetfile4 = "/".$title."/".$_FILES['attachment4']['name']; } if($_FILES['attachment4']['name']!=""){ $targetfile4 = "/".$title."/".$_FILES['attachment4']['name']; }
// return;
$sql="INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, $sql="INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`,
`Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`,Marks,Type) `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`,Marks,Type)
VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3',$marks,'$type')"; VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3',$marks,'$type')";
@ -613,7 +511,7 @@ $targetfile2="";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_courses"]=$type." Lab Report Assignment posted successfully."; $_SESSION["info_courses"] = $type." lab report assignment posted successfully.";
header("Location: Courses.php?course=".$url); header("Location: Courses.php?course=".$url);
} else { } else {
@ -625,31 +523,11 @@ $targetfile2="";
function checksize($file) function checksize($file)
{ {
$filename = $_FILES[$file]['name']; $result = $_FILES["$file"]['size']/(1024*1024);
$result=$_FILES["$file"]['size']/1024/1024; if($result > 1)
//$max_upload = (int)(ini_get('upload_max_filesize'));
//$max_post = (int)(ini_get('post_max_size'));
//$memory_limit = (int)(ini_get('memory_limit'));
//$upload_mb = min($max_upload, $max_post, $memory_limit);
if($result>20)
{ {
return FALSE; return FALSE;
} }
@ -661,112 +539,78 @@ if($result>20)
// ############################### Submit Assignment ################################## // ############################### Submit Assignment ##################################
if (!empty($_POST["frm_submitlab"])) { if (!empty($_POST["frm_submitlab"])) {
$lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]); $lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]);
$student_id = $_POST["student_id"]; $student_id = $_POST["student_id"];
$group_id = $_POST["group_id"]; $group_id = $_POST["group_id"];
$instructions = mysqli_real_escape_string($con, $_POST["instructions"]); $instructions = mysqli_real_escape_string($con, $_POST["instructions"]);
$title = mysqli_real_escape_string($con, $_POST["title"]); $title = mysqli_real_escape_string($con, $_POST["title"]);
$url = mysqli_real_escape_string($con, $_POST["url"]); $url = mysqli_real_escape_string($con, $_POST["url"]);
$deadline = $deadlinedate." ".$deadlinetime; $deadline = $deadlinedate." ".$deadlinetime;
$date = date("Y-m-d H:i"); $date = date("Y-m-d H:i");
// GET UPLOADED FILES // GET UPLOADED FILES
$labName = mysqli_query($con,"SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id"); $labName = mysqli_query($con,"SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id");
while($row = mysqli_fetch_assoc($labName)) while($row = mysqli_fetch_assoc($labName))
{$lab_name=$row['Title']; {
$_SESSION['Sub_Type']=$row['Type']; $lab_name = $row['Title'];
$_SESSION['Sub_Type'] = $row['Type']; // submission type, either Individual or Group
} }
$upload_folder = "Lab_Report_Submisions"; // old place for storing students' submissions
$target_dir =Create_dir("Lab_Report_Submisions/".$student_id."/".$lab_name."/"); $upload_folder = "./../../lrr_submission";
$target_dir = mkdirs($upload_folder."/".$student_id."/".$url."/".$lab_name."/"); # url is actually course code plus academic year, e.g., CSC3122020
$targetfile = $target_dir.$_FILES['attachment1']['name']; $targetfile = $target_dir.$_FILES['attachment1']['name'];
$targetfile2 = $target_dir.$_FILES['attachment2']['name']; $targetfile2 = $target_dir.$_FILES['attachment2']['name'];
$targetfile3 = $target_dir.$_FILES['attachment3']['name']; $targetfile3 = $target_dir.$_FILES['attachment3']['name'];
$targetfile4 = $target_dir.$_FILES['attachment4']['name']; $targetfile4 = $target_dir.$_FILES['attachment4']['name'];
//$curDateTime = date("Y-m-d H:i");
//$myDate = date("Y-m-d H:i", strtotime("2017-12-28 18:01"));
//if($curDateTime <= $myDate ){
// echo "active ".+$curDateTime." mydate= ".$myDate;
//
//}else{
// echo "inactive c=".$curDateTime;
//}
//
$count = 0; $count = 0;
//check zise //check zise
if(!checksize("attachment1")) if(!checksize("attachment1"))
{ {
echo "2 MB is the maximum file size allowed"; echo "1 MB is the maximum file size allowed";
return; return;
} }
if(!checksize("attachment2") && $_FILES["attachment2"]["name"] != "") if(!checksize("attachment2") && $_FILES["attachment2"]["name"] != "")
{ {
echo "2 MB is the maximum file size allowed"; echo "1 MB is the maximum file size allowed";
return; return;
} }
if(!checksize("attachment3") && $_FILES["attachment3"]["name"] != "") if(!checksize("attachment3") && $_FILES["attachment3"]["name"] != "")
{ {
echo "2 MB is the maximum file size allowed"; echo "1 MB is the maximum file size allowed";
return; return;
} }
if(!is_valid_file_format("attachment1"))
if(!is_valid("attachment1"))
{ {
echo "Invalid File Type for Attachment 1"; echo "Invalid File Type for Attachment 1";
return; return;
} }
if(!is_valid("attachment2") && $_FILES["attachment2"]["name"]!="") if(!is_valid_file_format("attachment2") && $_FILES["attachment2"]["name"] != "")
{ {
echo "Invalid File Type for Attachment 2"; echo "Invalid File Type for Attachment 2";
return; return;
} }
if(!is_valid("attachment3") && $_FILES["attachment3"]["name"]!="") if(!is_valid_file_format("attachment3") && $_FILES["attachment3"]["name"] != "")
{ {
echo "Invalid File Type for Attachment 3"; echo "Invalid File Type for Attachment 3";
return; return;
} }
if($_FILES["attachment1"]["error"] != 0) { if($_FILES["attachment1"]["error"] != 0) {
echo "Error uploading the file "; echo "Error when uploading the file.";
return; return;
} }
// use 4 for missing file // use 4 for missing file
if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) { if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) {
$count++; $count++;
} else { } else {
@ -790,9 +634,6 @@ if (move_uploaded_file($_FILES['attachment3']['tmp_name'], $targetfile3)) {
} else { } else {
echo $_FILES['attachment4']['error']; echo $_FILES['attachment4']['error'];
} }
//}
echo $count." File(s) uploaded"; echo $count." File(s) uploaded";
@ -803,31 +644,31 @@ $targetfile1="";
$targetfile3 = ""; $targetfile3 = "";
$targetfile4 = ""; $targetfile4 = "";
if(strlen($_FILES['attachment1']['name']) > 2 ) { if(strlen($_FILES['attachment1']['name']) > 2 ) { // why greater than 2???
$targetfile="/".$student_id."/".$lab_name."/".$_FILES['attachment1']['name']; $targetfile = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment1']['name'];
} }
if(strlen($_FILES['attachment2']['name']) > 2 ) { if(strlen($_FILES['attachment2']['name']) > 2 ) {
$targetfile2="/".$student_id."/".$lab_name."/".$_FILES['attachment2']['name']; } $targetfile2 = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment2']['name']; }
if(strlen($_FILES['attachment3']['name']) > 2 ) { if(strlen($_FILES['attachment3']['name']) > 2 ) {
$targetfile3= "/".$student_id."/".$lab_name."/".$_FILES['attachment3']['name'];} $targetfile3 = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment3']['name'];}
if(strlen($_FILES['attachment4']['name']) > 2 ) { if(strlen($_FILES['attachment4']['name']) > 2 ) {
$targetfile4= "/".$student_id."/".$lab_name."/".$_FILES['attachment4']['name']; $targetfile4 = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment4']['name'];
} }
$sql1="Delete from lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id";
if ($con->query($sql1) === TRUE) {
}
// When $group_id is not properly initialized, use integer 0 as its value. // When $group_id is not properly initialized, use integer 0 as its value.
// This temporarily fixed the "Students unable to submit assignment after a recent change" bug at http://118.25.96.118/bugzilla/show_bug.cgi?id=65 // This temporarily fixed the "Students unable to submit assignment after a recent change" bug at http://118.25.96.118/bugzilla/show_bug.cgi?id=65
if (trim($group_id) === '') { // when $group_id is an empty string or contains only whitespace characters. if (trim($group_id) === '') { // when $group_id is an empty string or contains only whitespace characters.
$group_id = 0; // FIXME $group_id = 0; // FIXME
} }
$sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id";
if ($con->query($sql1) === TRUE) {
}
$sql="INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`," $sql="INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`,"
. " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)" . " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)"
. " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4'," . " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
@ -835,15 +676,11 @@ if(strlen($_FILES['attachment1']['name']) > 2 ) {
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
if($_SESSION['Sub_Type']=='Individual') if($_SESSION['Sub_Type']=='Individual')
// {
// // $con->query($sql = "UPDATE `lab_report_submissions` SET `Student_id` = ('".$student_id."') WHERE `lab_report_submissions`.`Course_Group_id` = '$group_id'");
// }
// else
{ {
$con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'"); $con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'");
} }
$_SESSION["info_courses"]=$type." Lab Report Assignment Submitted successfully."; $_SESSION["info_courses"] = "Thanks. Your lab report assignment is submitted successfully.";
header("Location: Course.php?url=".$url); header("Location: Course.php?url=".$url);
} else { } else {
@ -852,57 +689,23 @@ header("Location: Course.php?url=".$url);
} }
// JOIN COURSE // JOIN COURSE
if (!empty($_GET["JoinCourse"])) { if (!empty($_GET["JoinCourse"])) {
$id = $_GET["id"]; $id = $_GET["id"];
$student_id = $_GET["std"]; $student_id = $_GET["std"];
$joining = $_GET["joining"]; $joining = $_GET["joining"];
$status = "Pending"; $status = "Pending";
if($joining == 0){ $status = "Joined";} if($joining == 0){ $status = "Joined";}
$sql="INSERT INTO `course_students_table`(`Course_ID`, `Student_ID`,`Status`) VALUES $sql="INSERT INTO `course_students_table`(`Course_ID`, `Student_ID`,`Status`) VALUES ('$id','$student_id','$status')";
('$id','$student_id','$status')";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
if($joining==0) if($joining==0)
{ {
$_SESSION["info_Courses_student"]="You enroll in this Course successfully."; $_SESSION["info_Courses_student"] = "You enrolled in this course successfully.";
} }
else { else {
$_SESSION["info_Courses_student"] = "Course enrollment request was sent to the lecturer."; $_SESSION["info_Courses_student"] = "Course enrollment request was sent to the lecturer.";
@ -911,8 +714,6 @@ header("Location: Course.php?url=".$url);
header("Location: Courses.php"); header("Location: Courses.php");
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
} }
@ -923,12 +724,6 @@ header("Location: Course.php?url=".$url);
#MARK LAB REPORT #MARK LAB REPORT
if (!empty($_GET["savemarks"])) { if (!empty($_GET["savemarks"])) {
@ -1002,6 +797,8 @@ header("Location: Course.php?url=".$url);
#Remarking Request #Remarking Request
if (!empty($_GET["remarking"])) { if (!empty($_GET["remarking"])) {
@ -1030,6 +827,8 @@ header("Location: Course.php?url=".$url);
#Create Group Request #Create Group Request
if (!empty($_GET["creategroup"])) { if (!empty($_GET["creategroup"])) {
@ -1072,7 +871,6 @@ header("Location: Course.php?url=".$url);
//---------------------------------------Invite Group Request and add a new member into the database------------------------------------ //---------------------------------------Invite Group Request and add a new member into the database------------------------------------
if (!empty($_GET["groupinvite"])) { if (!empty($_GET["groupinvite"])) {
@ -1122,14 +920,8 @@ header("Location: Course.php?url=".$url);
} }
} }
// } }
}
} }
@ -1168,13 +960,6 @@ header("Location: Course.php?url=".$url);
#Extend Deadline #Extend Deadline
if (!empty($_GET["extenddeadline"])) { if (!empty($_GET["extenddeadline"])) {
@ -1189,13 +974,6 @@ header("Location: Course.php?url=".$url);
$url =$_GET["url"]; $url =$_GET["url"];
$deadline=$date." ".$time; $deadline=$date." ".$time;
if($type==1)
{
}
if($type==1) if($type==1)
{ {
@ -1208,12 +986,9 @@ header("Location: Course.php?url=".$url);
. "`Lab_Report_ID`, `Extended_Deadline_Date`," . "`Lab_Report_ID`, `Extended_Deadline_Date`,"
. " `ReasonsForExtension`) VALUES ($stdid,$id,'$deadline','$reason')"; . " `ReasonsForExtension`) VALUES ($stdid,$id,'$deadline','$reason')";
} }
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
@ -1230,19 +1005,6 @@ header("Location: Course.php?url=".$url);
#IGNORE Remarking Request #IGNORE Remarking Request
if (!empty($_GET["ignoreremarking"])) { if (!empty($_GET["ignoreremarking"])) {
@ -1277,13 +1039,6 @@ header("Location: Course.php?url=".$url);
#Assign TA #Assign TA
if (!empty($_GET["assignTA"])) { if (!empty($_GET["assignTA"])) {
@ -1316,13 +1071,6 @@ header("Location: Course.php?url=".$url);
//ACCEPT STUDNTS JOINING COURSSS //ACCEPT STUDNTS JOINING COURSSS
if (!empty($_GET["AcceptStudent"])) { if (!empty($_GET["AcceptStudent"])) {
@ -1350,12 +1098,8 @@ header("Location: Course.php?url=".$url);
$_SESSION["info_courses"]="Course Joining request Declined & Removed."; $_SESSION["info_courses"]="Course Joining request Declined & Removed.";
} }
header("Location: Courses.php"); header("Location: Courses.php");
} }
else { else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -1367,31 +1111,6 @@ header("Location: Course.php?url=".$url);
//action=passchange&uid=1&pass=1929 //action=passchange&uid=1&pass=1929
if (!empty($_GET["action"])) { if (!empty($_GET["action"])) {
@ -1447,32 +1166,6 @@ if (!empty($_GET["action"])) {
// ############################### CREATE STUDENT USER ################################## // ############################### CREATE STUDENT USER ##################################
if (!empty($_POST["frm_createCourse"])) { if (!empty($_POST["frm_createCourse"])) {
$name=mysqli_real_escape_string($con,$_POST["name"]); $name=mysqli_real_escape_string($con,$_POST["name"]);
@ -1530,9 +1223,7 @@ if (!empty($_GET["action"])) {
// Export grade
//exportgrade
if (!empty($_GET["exportgrade"])) { if (!empty($_GET["exportgrade"])) {
@ -1599,11 +1290,4 @@ header("Pragma: no-cache");
header("Expires: 0"); header("Expires: 0");
print "$header\n$data"; print "$header\n$data";
} }


@ -1,3 +1,6 @@
<?php
include 'NoDirectPhpAcess.php';
?>
<?php <?php
$page='Courses+'; $page='Courses+';
@ -11,6 +14,7 @@ include 'Header.php';
$id = $_GET["id"]; $id = $_GET["id"];
$course_id = $id; $course_id = $id;
} }
if(!empty($_GET["header"])) if(!empty($_GET["header"]))
{ {
$header = $_GET["header"]; $header = $_GET["header"];
@ -27,13 +31,9 @@ include 'Header.php';
$resultx1 = mysqli_query($con,"SELECT `Lab_Report_ID`,Title, `Course_ID`, `Posted_Date`, `Deadline`, `Marks`, `Type` FROM `lab_reports_table` WHERE Lab_Report_ID=$id"); $resultx1 = mysqli_query($con,"SELECT `Lab_Report_ID`,Title, `Course_ID`, `Posted_Date`, `Deadline`, `Marks`, `Type` FROM `lab_reports_table` WHERE Lab_Report_ID=$id");
while($row = mysqli_fetch_assoc($resultx1)) { while($row = mysqli_fetch_assoc($resultx1)) {
$Report_Type = $row['Type']; $Report_Type = $row['Type'];
$c_id = $row['Course_ID']; $c_id = $row['Course_ID'];
$Report_Title = $row['Title']; $Report_Title = $row['Title'];
} }
@ -52,7 +52,7 @@ echo "<div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF
<!-- Lecture CODE--> <!-- Lecturer CODE-->
<?php <?php
if( $_SESSION['user_type']=="Lecturer" || $_SESSION['user_type']=="TA") if( $_SESSION['user_type']=="Lecturer" || $_SESSION['user_type']=="TA")
@ -147,10 +147,10 @@ if(mysqli_num_rows($result1)==0)
{ {
echo "No Un-Marked Submissions for this Lab Report."; echo "No Un-Marked Submissions for this Lab Report.";
} else { while($row = mysqli_fetch_assoc($result1)) { } else {
while($row = mysqli_fetch_assoc($result1)) {
$title=$row['Title']; $title=$row['Title'];
$Marks=$row['Marks']; $Marks=$row['Marks'];
//$ins=$row['Notes'];
$posted=$row['Submission_Date']; $posted=$row['Submission_Date'];
$deadline=$row['Deadline']; $deadline=$row['Deadline'];
$att1=$row['Attachment1']; $att1=$row['Attachment1'];
@ -173,24 +173,32 @@ if(mysqli_num_rows($result1)==0)
$submitted_by="<i>(GROUP)</i> $groupname" ; $submitted_by="<i>(GROUP)</i> $groupname" ;
} }
$full_link="<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>"; $base_att1 = basename($att1);
$base_att2 = basename($att2);
$base_att3 = basename($att3);
$base_att4 = basename($att4);
$full_link = "<a href='~\..\Download.php?file=$att1&attachment=1'>$base_att1</a>"; // prevent students from directly accessing their classmates' submissions
if($att2!=""){ if($att2!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>"; $full_link= $full_link." | <a href='~\..\Download.php?file=$att2&attachment=2'>$base_att2</a>";
} }
if($att3!=""){ if($att3!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>"; $full_link= $full_link." | <a href='~\..\Download.php?file=$att3&attachment=3'>$base_att3</a>";
} }
if($att4!=""){ if($att4!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>"; $full_link= $full_link." | <a href='~\..\Download.php?file=$att4&attachment=4'>$base_att4</a>";
} }
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> by: <b> $submitted_by </b> $title <br> by: <b> $submitted_by </b>
<br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span> <br> <span style='font-size:8pt'>Submitted at $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span>
</div></k>"; </div></k>";
}} }
}
echo ""; echo "";
?> ?>
@ -452,98 +460,8 @@ where course_group_members_table.Course_Group_id=$id");
</div> </div>
</div> </div>
</div> </div>
<?php <?php
@ -552,16 +470,15 @@ where course_group_members_table.Course_Group_id=$id");
?> ?>
<script src="./css/jquery-1.11.1.min.js"></script>
<script src="./css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="./css/jquery-ui.css" />
<script src="https://code.jquery.com/jquery-1.11.1.min.js"></script>
<script src="https://code.jquery.com/ui/1.11.1/jquery-ui.min.js"></script>
<link rel="stylesheet" href="https://code.jquery.com/ui/1.11.1/themes/smoothness/jquery-ui.css" />
<script> <script>
function mark(id,title,marks) { function mark(id,title,marks) {
@ -595,7 +512,8 @@ where course_group_members_table.Course_Group_id=$id");
function updatev(id) { function updatev(id)
{
try try
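Review bot: The new Download.php links for `$att1` to `$att4` put database values into the `href` and the link text with no encoding, so a stored attachment name containing a quote, `&` or `<` breaks the link or is rendered as markup on the lecturer's marking page. Those values appear to originate from the uploader's own file name (the submission handler in this commit builds the stored path from `$_FILES[...]['name']`), so they should be treated as untrusted. Each link could be built as `"<a href='~\..\Download.php?file=" . rawurlencode($att1) . "&amp;attachment=1'>" . htmlspecialchars($base_att1, ENT_QUOTES, 'UTF-8') . "</a>"`. The comment on the first link says this keeps students from reading classmates' submissions, but that only holds if Download.php checks the session user against the file's owner and rejects a `file` value that resolves outside the upload folder. That script is not shown in this section, so it is worth confirming there.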


@ -1,15 +1,18 @@
<?php
include 'NoDirectPhpAcess.php';
?>
<?php <?php
$page='Submit LAB+'; $page='Submit LAB+';
include 'Header.php'; include 'Header.php';
?> ?>
<div class='row' style='width:80%;margin:auto;'> <div class='row' style='width:80%;margin:auto;'>
<?php <?php
$c_date = date("Y-m-d H:i"); $c_date = date("Y-m-d H:i");
$student_id=$_SESSION["user_student_id"];
$student_id = $_SESSION["user_student_id"]; $student_id = $_SESSION["user_student_id"];
if(!empty($_GET["id"])) if(!empty($_GET["id"]))
@ -17,13 +20,14 @@ include 'Header.php';
$id = $_GET["id"]; $id = $_GET["id"];
$url = $_GET["url"]; $url = $_GET["url"];
$result1 = mysqli_query($con," SELECT Type, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, " $result1 = mysqli_query($con," SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC");
. "`Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and deadline > '$c_date' ORDER by Lab_Report_ID DESC");
if(mysqli_num_rows($result1) == 0) if(mysqli_num_rows($result1) == 0)
{ {
echo "No Active assignments for this course so far."; echo "No active assignments for this course so far.";
} else { while($row = mysqli_fetch_assoc($result1)) { } else {
while($row = mysqli_fetch_assoc($result1)) {
$Course_ID = $row['Course_ID']; $Course_ID = $row['Course_ID'];
$title = $row['Title']; $title = $row['Title'];
@ -35,14 +39,14 @@ if(mysqli_num_rows($result1)==0)
$att3 = $row['Attachment_link_3']; $att3 = $row['Attachment_link_3'];
$att4 = $row['Attachment_link_4']; $att4 = $row['Attachment_link_4'];
$labid = $row['Lab_Report_ID']; $labid = $row['Lab_Report_ID'];
$type = $row['Type']; $type = $row['Type'];
//----------------------------------Giving both Group Admin and Group Members same priviledges to submit assignment-------------------------------------- //----------------------------------Giving both the Group Admin and Group Members same priviledges to submit assignment--------------------------------------
if($type=="Group"){ if($type=="Group"){
$resultx1 = mysqli_query($con,"SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))"); $resultx1 = mysqli_query($con,"SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))");
while($row = mysqli_fetch_assoc($resultx1)) { while($row = mysqli_fetch_assoc($resultx1)) {
$_SESSION["Group_ID"]=$row['Course_Group_id'];} $_SESSION["Group_ID"] = $row['Course_Group_id'];
}
if($_SESSION["Group_ID"] < 1) if($_SESSION["Group_ID"] < 1)
{ {
@ -52,8 +56,6 @@ if(mysqli_num_rows($result1)==0)
} }
$full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if($att2!=""){ if($att2!=""){
@ -67,45 +69,26 @@ if(mysqli_num_rows($result1)==0)
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; $full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
} }
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'> echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
Courses > $url > Submlit Lab Report > $title Courses > $url > Submlit Lab Report > $title
<br> <br>
</a></div> </a></div>
"; ";
// echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;width:100%;'>
// $title <br> <span style='font-size:8pt'> $ins</span>
// <br> <span style='font-size:8pt'>Posted : $posted Deadline : $deadline &nbsp; &nbsp; &nbsp;<br> Attachments : $full_link </span>
//</div></k>";
echo ""; echo "";
}}
} }
}
}
$Group_ID = $_SESSION["Group_ID"]; $Group_ID = $_SESSION["Group_ID"];
?> ?>
</div> </div>
<div style="width:80%;margin:auto;"> <div style="width:80%;margin:auto;">
<h3> Submit Lab Report Assignment </h3> <h3> Submit Lab Report Assignment </h3>
@ -115,43 +98,38 @@ if(mysqli_num_rows($result1)==0)
<div class="col-md-6"> <div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php'> <form method='post' enctype='multipart/form-data' action='Script.php'>
<input type='hidden' name='frm_submitlab' value='true' required=''/> <input type='hidden' name='frm_submitlab' value='true' required=''/>
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/> <input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/> <input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/> <input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/>
<input type='hidden' name='url' value='<?php echo $url; ?>' required=''/> <input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
Title Title
<input type='text' name='title' placeholder='Ttle' class='form-control' required=''> <input type='text' name='title' placeholder='Ttle' class='form-control' required=''>
Attachment 1 Attachment 1
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''> <input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
Attachment 2 Attachment 2
<input type='file' name='attachment2' placeholder='Attachment 1' class='form-control'> <input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
</div> </div>
<div class="col-md-6"> <div class="col-md-6">
Attachment 3 Attachment 3
<input type='file' name='attachment3' placeholder='Attachment 1' class='form-control' > <input type='file' name='attachment3' placeholder='Attachment 3' class='form-control' >
Attachment 4 Attachment 4
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' > <input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
<br> <br>
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br> <input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br>
</form> </form>
</div>
</div>
</div> </div>
</div> </div>
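Review bot: The rewritten `lab_reports_table` query in the second hunk still interpolates `$id`, taken unchanged from `$_GET["id"]`, into `WHERE Lab_Report_ID=$id`, so the statement stays open to SQL injection after this refactoring; bind the value as a parameter instead, as in the excerpt below. The same request values are echoed without escaping further down: `$url` in the breadcrumb link, and both `$id` and `$url` in the hidden form fields, which should each go through `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')`. The hidden `student_id` and `group_id` fields are client-editable, so the handler in Script.php (not shown here) would need to take those values from the session rather than from the POST body.

```php
$id = $_GET["id"];
$stmt = mysqli_prepare($con, "SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=? and Deadline > ? ORDER by Lab_Report_ID DESC");
mysqli_stmt_bind_param($stmt, "is", $id, $c_date);
mysqli_stmt_execute($stmt);
$result1 = mysqli_stmt_get_result($stmt);
// … unchanged: mysqli_num_rows($result1) check and row loop …
```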


@ -1,16 +1,15 @@
<?php <?php
$page='Home'; $page='Home';
include 'Header.php'; include 'Header.php';
session_start(); session_start();
?> ?>
<?php
// if the user has already logged in, then clicking the LRRS icon should not display the login page (i.e., index.php).
if (isset($_SESSION["user_fullname"])) {
header("Location: Courses.php");
}
?>
<br><br><br> <br><br><br>
<div class="row" style="width:80%;margin:auto;"> <div class="row" style="width:80%;margin:auto;">
@ -18,12 +17,11 @@ session_start();
<div class="col-md-4"> <div class="col-md-4">
<br><br> <br><br>
<img src="logo_text.png" style="width"> <img src="logo_text.png" style="width">
<h1> Lab Report Repository System </h1> <h1> Lab Report Repository </h1>
<br><br> <br><br>
</div> </div>
<div class="col-md-4 list-group"> <div class="col-md-4 list-group">
<br> <br>
@ -32,6 +30,8 @@ session_start();
<div class="list-group-item"> <div class="list-group-item">
<div class="panel-body"> <div class="panel-body">
<form method="post" action="Script.php" name="frm_login"> <form method="post" action="Script.php" name="frm_login">
<input type="hidden" name="frm_login" value="true"/> <input type="hidden" name="frm_login" value="true"/>
Student ID / Email Student ID / Email
@ -40,7 +40,8 @@ Student ID / Email
Password Password
<input type="password" class="form-control" name="password" placeholder="password" required="required" /> <input type="password" class="form-control" name="password" placeholder="password" required="required" />
<br> <br>
<input type="submit" class="btn btn-primary" value="Login"><br> <a href="recover_password.php" style="font-weight:normal;color:orange">Reset my password</a> <input type="submit" class="btn btn-primary" value="Login"><br> <a href="recover_password.php" style="font-weight:normal;color:gray">Reset my password</a>
<?php <?php
@ -66,18 +67,18 @@ if(isset($_SESSION['infoChangePassword'])) {
?> ?>
</form> </form>
</div> </div>
</div>
</div>
</div>
</div>
<div class="col-md-4 list-group"> <div class="col-md-4 list-group">
<br> <br>
<h4 class="list-group-item active"> Student sign up </h4> <h4 class="list-group-item active"> Sign up </h4>
<div class="list-group-item"> <div class="list-group-item">
<form method="post" action="Script.php" name="frm_signup_1"> <form method="post" action="Script.php" name="frm_signup_1">
@ -90,6 +91,8 @@ Your Passport / National ID
<input type="text" class="form-control" name="passport" placeholder="(Optional)"> <input type="text" class="form-control" name="passport" placeholder="(Optional)">
<br> <br>
<input type="submit" name="frm_signup_1" class="btn btn-primary" value="Next"> <br> Click Next to set up password <input type="submit" name="frm_signup_1" class="btn btn-primary" value="Next"> <br> Click Next to set up password
<?php <?php
error_reporting(E_ALL); error_reporting(E_ALL);
@ -102,23 +105,12 @@ if(isset($_SESSION['info_signup1'])) {
</div> </div>
</form> </form>
</div> </div>
</div> </div>
</div> </div>
<hr> <hr>
<div style="" id="footer"> <div style="" id="footer">
@ -139,4 +131,3 @@ width:100%;
} }
</style> </style>
</html> </html>
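Review bot: The logged-in redirect in the first hunk calls `header("Location: Courses.php")` without stopping the script, so the login and sign-up markup below it is still generated and sent; it should read `header("Location: Courses.php"); exit;`. The rendering does not show which side these lines are on, so this applies if the block is part of the new code. The check also runs after `include 'Header.php'` and `session_start()`; if Header.php emits any output (it is not visible here), the Location header can no longer be set, so the session check would be safer placed before the include.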


@ -1,3 +1,7 @@
<?php
include 'NoDirectPhpAcess.php';
?>
<?php <?php
/* /*


@ -1,13 +1,10 @@
<?php <?php
include 'NoDirectPhpAcess.php';
?>
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
<?php
include 'Header.php'; include 'Header.php';
?> ?>
<div class="row"> <div class="row">
@ -16,7 +13,7 @@ include 'Header.php';
<br> <br>
<h4 class="list-group-item active"> Sign Up </h4> <h4 class="list-group-item active"> Please fill in each field below </h4>
<div class="list-group-item"> <div class="list-group-item">
<div class="panel-body"> <div class="panel-body">
@ -30,7 +27,7 @@ include 'Header.php';
Email Email
<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" /> <input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" />
Password Password (<i>must include uppercase and lowercase letters, digits and special characters</i>)
<input type="password" class="form-control" name="password" placeholder="password" required="required" /> <input type="password" class="form-control" name="password" placeholder="password" required="required" />
Confirm Password Confirm Password
@ -38,22 +35,16 @@ include 'Header.php';
<br> <br>
<input type="submit" class="btn btn-primary" value="Sign up"> <input type="submit" class="btn btn-primary" value="Sign up">
<?php <?php
error_reporting(E_ALL); error_reporting(E_ALL);
if(isset($_SESSION['info_signup2'])) { if(isset($_SESSION['info_signup2'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_signup2'].'</div>'; echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_signup2'].'</div>';
$_SESSION['info_signup2'] = null; $_SESSION['info_signup2'] = null;
} }
?> ?>
</form> </form>
</div>
</div> </div>
</div> </div>
</div>
</form>
</div> </div>
</div> </div>