From 29ad8f4499c8ed326c04254de27ef085df4a136b Mon Sep 17 00:00:00 2001
From: CloudStarTreck <37251906+Teecloudy@users.noreply.github.com>
Date: Thu, 16 Apr 2020 14:46:43 +0800
Subject: [PATCH] Regression Test Failure with 4441 Upload Error

Following the previous update, the system failed a regression test and reported a 4441 error while trying to submit a new Lab report.
This was due to the condition added on line 298 in Course.php and reversing this change solved the problem.

This condition was added to allow all Group members to be updated once the Tutor Marks the Lab Report but a better method to
archieve this has been implemented on line 367 in Course.php
---
 Course.php | 29 +++++++++++++++++++----------
 Script.php | 29 ++++++++++++++++++-----------
 index.php  |  2 +-
 3 files changed, 38 insertions(+), 22 deletions(-)

diff --git a/Course.php b/Course.php
index 5ba362d..a9d514b 100644
--- a/Course.php
+++ b/Course.php
@@ -295,7 +295,8 @@ lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_i
 FROM `lab_report_submissions`
 Left JOIN users_table  on users_table.Student_ID=lab_report_submissions.Student_id
 left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
-where Lab_Report_ID=$lab_repo_id and lab_report_submissions.Student_id='$student_id' or lab_report_submissions.Course_Group_id='$group_id'"); 
+where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$student_id')"); 
+//  or lab_report_submissions.Course_Group_id='$group_id'
 
 if(mysqli_num_rows($Sub_result)==0)
     {
@@ -343,25 +344,33 @@ if(mysqli_num_rows($Sub_result)==0)
           
           
           
-          
-          
-          
-          
-          
-          
-          
+          <?php
+$sqli=mysqli_query($con, "SELECT * from course_groups_table WHERE Course_Group_id=$group_id and Course_id=$course_id");
+while($row = mysqli_fetch_assoc($sqli)) 
+{ $Group_Leader=$row['Group_Leader'];
+  $Group_Member=$row['Group_Member'];
+  $Group_Member2=$row['Group_Member2'];
+  $Group_Member3=$row['Group_Member3'];
+  $Group_Member4=$row['Group_Member4'];
+}
+          ?>
           
           
           
           <div id="menu4" class="container tab-pane"><br>
          <?php
-      $group_id=$_SESSION['group_id'];
 $resultx  = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_reports_table.`Lab_Report_ID`, `Student_id`, "
         . "`Course_Group_id`, `Notes`, lab_report_submissions.`Marks`,
         lab_report_submissions.Remarking_Reason,
         `Status`, lab_reports_table.Title Lab_Title,lab_reports_table.Marks Original_marks FROM `lab_report_submissions` "
         . "INNER JOIN lab_reports_table on lab_reports_table.Lab_Report_ID=lab_report_submissions.Lab_Report_ID "
-        . "WHERE lab_report_submissions.Student_id='$student_id' or lab_report_submissions.Course_Group_id='$group_id'and" 
+        . "WHERE (lab_report_submissions.Student_id='$student_id' 
+        or (lab_report_submissions.Student_id='$Group_Leader' and lab_report_submissions.Course_Group_id='$group_id')
+        or (lab_report_submissions.Student_id='$Group_Member' and lab_report_submissions.Course_Group_id='$group_id')
+        or (lab_report_submissions.Student_id='$Group_Member2' and lab_report_submissions.Course_Group_id='$group_id')
+        or (lab_report_submissions.Student_id='$Group_Member3' and lab_report_submissions.Course_Group_id='$group_id')
+        or (lab_report_submissions.Student_id='$Group_Member4' and lab_report_submissions.Course_Group_id='$group_id')
+        )and" 
         . ""
         . ""
         . ""
diff --git a/Script.php b/Script.php
index 5a6491d..5adff14 100644
--- a/Script.php
+++ b/Script.php
@@ -396,7 +396,7 @@ if($user_token==$token)
    header("Location: Admin.php"); 
     
 } else {
-    echo "Error: " . $sql . "<br>" . $conn->error;
+    echo "Error: " . $sql . "<br>" . $con->error;
 }
  }
  
@@ -622,7 +622,7 @@ $targetfile2="";
    header("Location: Courses.php?course=".$url); 
    
 } else {
-    echo "Error: " . $sql . "<br>" . $conn->error;
+    echo "Error: " . $sql . "<br>" . $con->error;
 }
  }
  
@@ -688,8 +688,11 @@ if (!empty($_POST["frm_submitlab"])) {
     
   
 
-      $labName = mysqli_query($con,"SELECT Title FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id");
-  while($row = mysqli_fetch_assoc($labName)) {$lab_name=$row['Title'];} 
+      $labName = mysqli_query($con,"SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id");
+  while($row = mysqli_fetch_assoc($labName)) 
+  {$lab_name=$row['Title'];
+  $_SESSION['Sub_Type']=$row['Type'];
+  } 
 
 
     $target_dir =Create_dir("Lab_Report_Submisions/".$student_id."/".$lab_name."/");
@@ -824,10 +827,6 @@ if(strlen($_FILES['attachment1']['name']) > 2 ) {
      if ($con->query($sql1) === TRUE) {
      }
      
-     if($group_id>0)
-     {
-      $student_id=0;   
-     }
     
     $sql="INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`,"
             . " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)"
@@ -837,11 +836,19 @@ if(strlen($_FILES['attachment1']['name']) > 2 ) {
    
  
 if ($con->query($sql) === TRUE) {
+    if($_SESSION['Sub_Type']=='Individual')
+  // {
+  //   // $con->query($sql = "UPDATE `lab_report_submissions` SET `Student_id` = ('".$student_id."') WHERE `lab_report_submissions`.`Course_Group_id` = '$group_id'");
+  // }
+  // else
+  {
+    $con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'");
+  }
     
     $_SESSION["info_courses"]=$type." Lab Report Assignment Submitted successfully.";
 header("Location: Course.php?url=".$url); 
 
-} else {
+    } else {
  echo "Error: <br>" . $con->error;
 }
 }
@@ -1077,7 +1084,7 @@ header("Location: Course.php?url=".$url);
                $courseid=$_GET["courseid"];
                 $groupid=$_GET["groupid"];
                
-  if(($_SESSION['Group_Member4']!='0') or ($_SESSION['Group_Member3']!='0') or ($_SESSION['Group_Member2']!='0') or ($_SESSION['Group_Member']!='0')){
+  // if(($_SESSION['Group_Member4']=='0') or ($_SESSION['Group_Member3']=='0') or ($_SESSION['Group_Member2']=='0') or ($_SESSION['Group_Member']=='0')){
              $sql="INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) 
                           VALUES ($groupid,$student_id,'Invited')";
    if ($con->query($sql) === TRUE) {
@@ -1117,7 +1124,7 @@ header("Location: Course.php?url=".$url);
      
     }
   }
-  }
+  // }
     
    } }
 
diff --git a/index.php b/index.php
index b36474a..19db8b6 100644
--- a/index.php
+++ b/index.php
@@ -112,7 +112,7 @@ if(isset($_SESSION['info_signup1'])) {
 <hr>
 
 <div style="" id="footer">
-Developed by : Mohamed Nor (201825800050)-houzi you can submit your suggestions & bug reports to  mohamednor@qq.com  <small>Last Update : 24/05/2019 by <i>nor</i> </small>
+Developed by : Mohamed Nor (201825800050)-houzi you can submit your suggestions & bug reports to  mohamednor@qq.com  <small>Last Update : 16/04/2020 by <i>Ashly</i> </small>
 
 </div>