diff --git a/Admin.php b/Admin.php index 4982a35..b8bb7ba 100644 --- a/Admin.php +++ b/Admin.php @@ -1,3 +1,8 @@ +<?php + include 'NoDirectPhpAcess.php'; +?> + + <?php $page="admin"; include 'Header.php'; @@ -32,7 +37,7 @@ if ($_SESSION['user_type'] != "Lecturer") { <hr> --> <div class="col-md-6"> - <h4> User account Management </h4><hr> + <h4> User Account Management </h4><hr> <b>Lecturer / TA Accounts </b><br> @@ -359,4 +364,4 @@ echo "</select> <input type='hidden' name='assignTA' value='true'> <input type= } window.location.href="\Script.php\?action=statuschange&uid="+id+"&status="+status; } - </script> \ No newline at end of file + </script> diff --git a/Course.php b/Course.php index 5485be5..b3f7990 100644 --- a/Course.php +++ b/Course.php 
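Review bot: The access guard added at the top of Admin.php is loaded with `include`, which only raises a warning and carries on when the file cannot be loaded, so the page would be served unguarded; `require_once 'NoDirectPhpAcess.php';` makes a missing guard fatal. The same line opens the first Course.php hunk. Closing the PHP block and leaving blank lines before the existing `<?php` also sends output ahead of `include 'Header.php';`, which can break any session or header call made there unless output buffering is on (Header.php is not visible in this diff). The guard is better placed as the first statement inside the existing block.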
@@ -1,56 +1,72 @@ +<?php +include 'NoDirectPhpAcess.php'; +?> + + <?php $page='Courses+'; include 'Header.php'; - $student_id=$_SESSION["user_student_id"]; - $group_id=$_SESSION["user_group_id"]; - $c_date= date("Y-m-d H:i"); +$student_id = $_SESSION["user_student_id"]; +$group_id = $_SESSION["user_group_id"]; +$c_date = date("Y-m-d H:i"); - if(!empty($_GET["url"])) - { - $course_url=$_GET["url"]; - $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`," - . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` " - . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" - . " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' "); + +if(!empty($_GET["url"])) +{ + $course_url = $_GET["url"]; + $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`," + . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` " + . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" + . 
" ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' "); - if(mysqli_num_rows($result)==0) - {echo "should not be here";} else { + if(mysqli_num_rows($result)==0) { - while($row = mysqli_fetch_assoc($result)) { - $name=$row['Course_Name']; - $code=$row['Course_Code']; - $faculty=$row['Faculty']; - $lecturer=$row['Full_Name']; - $academic=$row['Academic_Year']; - $url=$row['URL']; - $course_id=$row['Course_ID']; - $id2=$row['Course_ID']; - + echo "No course matching the given course URL: ".$course_url; + + } else { + while($row = mysqli_fetch_assoc($result)) { + $name = $row['Course_Name']; + $code = $row['Course_Code']; + $faculty = $row['Faculty']; + $lecturer = $row['Full_Name']; + $academic = $row['Academic_Year']; + $url = $row['URL']; + $course_id = $row['Course_ID']; + // also get teaching assistant names(if any) + $ta_result = mysqli_query($con, "SELECT Full_Name FROM users_table where User_ID in (select TA from course_ta where Course_ID='$course_id');"); + if (mysqli_num_rows($ta_result) == 0) { echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'> - Courses > $name ($code) > Lab Reports - <br> <span style='font-size:8pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span> - - -</a></div> - "; - - }} - } + Courses > $name ($code) > Lab Reports <br> <span style='font-size:8pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span> + </a></div> "; + } else { + $ta_name = ""; + while ($row = mysqli_fetch_assoc($ta_result)) { + $ta_name = $ta_name.$row['Full_Name']." 
"; + } + $ta_name = trim ($ta_name); + echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'> + Courses > $name ($code) > Lab Reports <br> <span style='font-size:8pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer | Teaching Assistant: $ta_name </span> + </a></div> "; + } + } + } +} ?> + <div class="row" style='margin-left:20px;float:left'> - <?php +<?php - if (isset($_SESSION['info_ReMarking'])) { +if (isset($_SESSION['info_ReMarking'])) { echo '<hr><div class="alert alert-info" role="alert" style="float:left;">' . $_SESSION['info_ReMarking'] . '</div>'; - $_SESSION['info_ReMarking']=null; + $_SESSION['info_ReMarking']=null; } - if (isset($_SESSION['info_courses'])) { +if (isset($_SESSION['info_courses'])) { echo '<hr><div class="alert alert-info" role="alert" style="float:left;">' . $_SESSION['info_courses'] . '</div>'; - $_SESSION['info_courses']=null; + $_SESSION['info_courses']=null; } - ?> +?> </div> 
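Review bot: The new not-found message echoes `$course_url`, taken straight from `$_GET["url"]`, into the page without HTML escaping, so markup in the query string is reflected to the browser. The same value is spliced into the `where URL='$course_url'` query just above it. Escape the value where it is printed and bind it through a prepared statement instead of building the SQL string. The `$name`, `$lecturer` and new `$ta_name` values written into the banner are database strings and need the same `htmlspecialchars()` treatment; the block's closing lines are in the hunk, but `$con` is defined outside it.

```php
    $course_url = $_GET["url"];
    $stmt = mysqli_prepare($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
        . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` "
        . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
        . " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL=?");
    mysqli_stmt_bind_param($stmt, "s", $course_url);
    mysqli_stmt_execute($stmt);
    $result = mysqli_stmt_get_result($stmt);

    if(mysqli_num_rows($result)==0) {
        echo "No course matching the given course URL: "
            . htmlspecialchars($course_url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    } else {
        // … unchanged: course row loop, TA lookup and banner output …
```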
@@ -58,116 +74,116 @@ include 'Header.php'; <?php -if( $_SESSION['user_type']=="Student") - { - +if( $_SESSION['user_type'] == "Student") +{ + ?> + <hr> + <div class="row" style="width:95%;margin:auto; text-align:left;"> -?> - <hr> - -<div class="row" style="width:95%;margin:auto; text-align:left;"> - - - -<div class="col-md-9"> + <div class="col-md-9"> <!-- Nav tabs --> - <ul class="nav nav-tabs" role="tablist"> + + <ul class="nav nav-tabs" role="tablist"> <li class="nav-item"> - <a class="nav-link active" data-toggle="tab" href="#menu1">New Lab Reports</a> + <a class="nav-link active" data-toggle="tab" href="#menu1">New</a> </li> <li class="nav-item"> - <a class="nav-link" data-toggle="tab" href="#menu2">Missed Lab Reports </a> + <a class="nav-link" data-toggle="tab" href="#menu2">Missed</a> </li> <li class="nav-item"> - <a class="nav-link" data-toggle="tab" href="#menu3">Submitted Lab Reports</a> + <a class="nav-link" data-toggle="tab" href="#menu3">Submitted</a> </li> <li class="nav-item"> - <a class="nav-link" data-toggle="tab" href="#menu4">Marked Submissions</a> + <a class="nav-link" data-toggle="tab" href="#menu4">Marked</a> </li> - </ul> + </ul> - <div class="tab-content"> - <div id="menu1" class="container tab-pane active"><br> + <div class="tab-content"> + <div id="menu1" class="container tab-pane active"><br> - <?php +<?php - // Get groups of this students - $sql="SELECT course_group_members_table.Course_Group_id -FROM course_group_members_table inner join -course_groups_table on course_group_members_table.Course_Group_id = course_groups_table.Course_Group_id -WHERE course_group_members_table.Student_ID=$student_id and course_groups_table.Course_id=$course_id"; + // Get groups of this students + $sql="SELECT course_group_members_table.Course_Group_id FROM course_group_members_table INNER JOIN course_groups_table ON course_group_members_table.Course_Group_id = course_groups_table.Course_Group_id WHERE course_group_members_table.Student_ID=$student_id and 
course_groups_table.Course_id=$course_id"; - - $resultx1 = mysqli_query($con,$sql); - -while($row = mysqli_fetch_assoc($resultx1)) {$_SESSION['group_id']=$row['Course_Group_id'];} - -$group_id=$_SESSION['group_id']; - -if($group_id==""){$group_id=-1;} - -$var="SELECT Type,Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` - FROM `lab_reports_table` WHERE Course_ID=$course_id " - . "" - . "and (Deadline > '$c_date' or Lab_Report_ID in (SELECT `Lab_Report_ID` FROM `extended_deadlines_table`" - . " WHERE Lab_Report_ID in (select Lab_Report_ID from lab_reports_table where Course_ID=$course_id) and Student_ID=$student_id and Extended_Deadline_Date > '$c_date') ) " - . "" - . "" - . "" - . "" - . "and Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions" - . " where (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id)" - . "" - . " ORDER by Lab_Report_ID DESC"; - -$result1 = mysqli_query($con,$var); - -if(mysqli_num_rows($result1)==0) + $resultx1 = mysqli_query($con, $sql); + while($row = mysqli_fetch_assoc($resultx1)) { - echo "No Active assignments for this course so far."; - } else { while($row = mysqli_fetch_assoc($result1)) { + $_SESSION['group_id'] = $row['Course_Group_id']; + } + + $group_id = $_SESSION['group_id']; + + if($group_id == "") + { + $group_id = 0; // no group. If the student has a group, the group number should be greater than 0. + } + + // Show the assignment iff the following conditions are met: (1) + // Before the deadline (2) Before the students' extended deadline (if any) + // (3) none of the student's group members have already submitted + // the assignment. + + $var = "SELECT Type, Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`". 
+ " FROM `lab_reports_table`". + " WHERE Course_ID=$course_id". + " AND (Deadline > '$c_date' OR Lab_Report_ID IN (SELECT `Lab_Report_ID` FROM `extended_deadlines_table` WHERE Student_ID=$student_id AND Extended_Deadline_Date > '$c_date' AND Lab_Report_ID IN (SELECT Lab_Report_ID FROM lab_reports_table WHERE Course_ID=$course_id)))". + " AND Lab_Report_ID NOT IN (SELECT Lab_Report_ID FROM lab_report_submissions WHERE Course_Group_id IN (SELECT Course_Group_id FROM course_group_members_table WHERE Student_ID=$student_id))". + " ORDER BY Lab_Report_ID DESC"; + + $result1 = mysqli_query($con, $var); + + if(mysqli_num_rows($result1)==0) + { + echo "No active assignments for this course so far."; + } else { + + while($row = mysqli_fetch_assoc($result1)) { $title=$row['Title']; - $type=$row['Type']; - $Marks=$row['Marks']; - $ins=$row['Instructions']; - $posted=$row['Posted_Date']; - $deadline=$row['Deadline']; - $att1=$row['Attachment_link_1']; - $att2=$row['Attachment_link_2']; - $att3=$row['Attachment_link_3']; - $att4=$row['Attachment_link_4']; - $labid=$row['Lab_Report_ID']; - - $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; + $type=$row['Type']; + $Marks=$row['Marks']; + $ins=$row['Instructions']; + $posted=$row['Posted_Date']; + $deadline=$row['Deadline']; + $att1=$row['Attachment_link_1']; + $att2=$row['Attachment_link_2']; + $att3=$row['Attachment_link_3']; + $att4=$row['Attachment_link_4']; + $labid=$row['Lab_Report_ID']; + + $full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; - if($att2!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>"; - } - if($att3!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>"; - } + if($att2!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>"; + } + if($att3!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>"; + } - if($att4!=""){ - 
$full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; - } - echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> + if($att4!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; + } + echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> $title ($type) <br> <span style='font-size:8pt'> $ins</span> <br> <span style='font-size:8pt'>Posted : $posted Deadline : $deadline ($Marks Marks) <a href='~\..\SubmitLab.php?id=$labid&url=$url' class='btn-sm btn-info' style='margin-left:50px;'> Submit Lab Report</a><br> Attachments : $full_link </span> </div></k>"; - }} - echo ""; - ?> + }} + echo ""; + ?> </div> + + + - <div id="menu2" class="container tab-pane"><br> - <?php - $group_id=$_SESSION['group_id']; - $result = mysqli_query($con,"SELECT Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` + <div id="menu2" class="container tab-pane"><br> +<?php + $group_id=$_SESSION['group_id']; + $result = mysqli_query($con,"SELECT Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` where 
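Review bot: `$_SESSION['group_id']` is only overwritten inside the `while` loop, so when the membership query returns no row for this course the value left by a previously opened course is read back into `$group_id` and the `== ""` fallback does not apply. The Missed, Submitted and Marked tabs further down still filter on `Course_Group_id=$group_id`, so they would run against a group from another course. Resetting before the loop with `$_SESSION['group_id'] = 0;` avoids that; the Submitted tab keeps `-1` as its no-group value, so one sentinel should be chosen for both. The rewritten `NOT IN` subquery also no longer matches on `Student_id` or `Course_ID`, which looks like it leaves an individually submitted report listed as new. That is worth confirming against how ungrouped submissions are stored.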
@@ -178,119 +194,119 @@ if(mysqli_num_rows($result1)==0) Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id ) and Course_ID=$course_id and deadline < '$c_date' " - . "" - . "" - . "" - . "" - . "" - . "" - . "ORDER by Lab_Report_ID DESC"); + . "" + . "" + . "" + . "" + . "" + . "" + . "ORDER by Lab_Report_ID DESC"); -if(mysqli_num_rows($result)==0) + if(mysqli_num_rows($result)==0) { - echo "You Missed no Lab reports in this course"; + echo "You missed no lab reports in this course."; - } else { while($row = mysqli_fetch_assoc($result)) { + } else { + while($row = mysqli_fetch_assoc($result)) { $title=$row['Title']; - $marks=$row['Marks']; - $ins=$row['Instructions']; - $posted=$row['Posted_Date']; - $deadline=$row['Deadline']; - $att1=$row['Attachment_link_1']; - $att2=$row['Attachment_link_2']; - $att3=$row['Attachment_link_3']; - $att4=$row['Attachment_link_4']; - $id=$row['Lab_Report_ID']; + $marks=$row['Marks']; + $ins=$row['Instructions']; + $posted=$row['Posted_Date']; + $deadline=$row['Deadline']; + $att1=$row['Attachment_link_1']; + $att2=$row['Attachment_link_2']; + $att3=$row['Attachment_link_3']; + $att4=$row['Attachment_link_4']; + $id=$row['Lab_Report_ID']; - $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; + $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; - if($att2!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>"; - } - if($att3!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>"; - } + if($att2!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>"; + } + if($att3!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>"; + } - if($att4!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; - } - ; + if($att4!=""){ + 
$full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; + } + ; - echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> + echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> $title <br> <span style='font-size:8pt'> $ins</span> <br> <span style='font-size:8pt'>Posted : $posted Deadline : $deadline ($marks Marks) <span class='btn-sm btn-warning' style='margin-left:50px;'><i class='fa fa-times-circle'></i> Missed !</span><br> Attachments : $full_link </span> </div></k>"; - }} - echo ""; - ?> + }} + echo ""; + ?> - </div> - <div id="menu3" class="container tab-pane"><br> - <?php + </div> + <div id="menu3" class="container tab-pane"><br> +<?php -$group_id = $_SESSION['group_id']; -if($group_id==""){$group_id=-1;} // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176 + $group_id = $_SESSION['group_id']; + if($group_id==""){$group_id=-1;} // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176 -$resultx = mysqli_query($con,"SELECT Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` + $sql_stmt = "SELECT Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` - - where Lab_Report_ID in (select Lab_Report_ID from lab_report_submissions" - . 
" where Status='Pending' and (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id) ORDER by Lab_Report_ID DESC"); -if(mysqli_num_rows($resultx)==0) + WHERE Lab_Report_ID in (select Lab_Report_ID from lab_report_submissions" + . " where Status='Pending' and (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id) ORDER by Lab_Report_ID DESC"; + + $resultx = mysqli_query($con, $sql_stmt); + + + if(mysqli_num_rows($resultx)==0) { - echo "You have no lab report submissions in this course."; + echo "You have no lab report submissions in this course."; - } else { while($row = mysqli_fetch_assoc($resultx)) { - $lab_repo_id=$row['Lab_Report_ID']; + } else { + while($row = mysqli_fetch_assoc($resultx)) { + $lab_repo_id=$row['Lab_Report_ID']; $title=$row['Title']; - $marks=$row['Marks']; - $ins=$row['Instructions']; - $posted=$row['Posted_Date']; - $deadline=$row['Deadline']; - $att1=$row['Attachment_link_1']; - $att2=$row['Attachment_link_2']; - $att3=$row['Attachment_link_3']; - $att4=$row['Attachment_link_4']; - $id=$row['Lab_Report_ID']; - - if( $c_date < $deadline) - { - $submittedx="<a href='~\..\SubmitLab.php?id=$id' class='btn-sm btn-default'><i class='fa fa-check-circle'></i> Re-Submit </a>"; - } - else { - - } + $marks=$row['Marks']; + $ins=$row['Instructions']; + $posted=$row['Posted_Date']; + $deadline=$row['Deadline']; + $att1=$row['Attachment_link_1']; + $att2=$row['Attachment_link_2']; + $att3=$row['Attachment_link_3']; + $att4=$row['Attachment_link_4']; + $id = $row['Lab_Report_ID']; + if( $c_date < $deadline) + { + $submittedx="<a href='~\..\SubmitLab.php?id=$id&url=$url' class='btn-sm btn-default'><i class='fa fa-check-circle'></i> Re-Submit </a>"; + } + + $full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; + + if($att2!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>"; + } + if($att3!=""){ + $full_link= $full_link."| <a 
href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>"; + } - $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; - - if($att2!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>"; - } - if($att3!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>"; - } - - if($att4!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; - } - ; + if($att4!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; + } - echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> + echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> $title <br> <span style='font-size:8pt'> $ins</span> - <br> <span style='font-size:8pt'>Posted : $posted Deadline : $deadline ($marks Marks) $submittedx <span class='btn-sm btn-success' style='margin-left:50px;'><i class='fa fa-Edit-circle'></i> Submitted </span><br> Assignment Attachments : $full_link - <br> Submission Files :"; + <br> <span style='font-size:8pt'>Posted : $posted Deadline : $deadline ($marks Marks) $submittedx <span class='btn-sm btn-success' style='margin-left:50px;'><i class='fa fa-Edit-circle'></i> Submitted </span> +<br> Submitted files: "; -$Sub_result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, + $Sub_result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, `Title`,users_table.Full_Name,course_group_members_table.Student_ID 
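Review bot: `$submittedx` is assigned only when `$c_date < $deadline`, and nothing clears it between rows (the removed `else` was empty). A report past its deadline therefore inherits the Re-Submit link and `id` built for the previous row, or triggers an undefined-variable notice on the first row. Initialise it at the top of the loop body with `$submittedx = "";`. The link is presentation only; the deadline still has to be enforced where SubmitLab.php accepts the upload, which this diff does not show.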
@@ -298,128 +314,133 @@ FROM `lab_report_submissions` Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$student_id')"); -// or lab_report_submissions.Course_Group_id='$group_id' -if(mysqli_num_rows($Sub_result)==0) - { - echo "No Attachments found."; + if(mysqli_num_rows($Sub_result) == 0) + { + echo "No Attachments found."; - } else { while($row = mysqli_fetch_assoc($Sub_result)) { - $at1=$row['Attachment1']; - $at2=$row['Attachment2']; - $at3=$row['Attachment3']; - $at4=$row['Attachment4']; + } else { + while($row = mysqli_fetch_assoc($Sub_result)) { + $at1=$row['Attachment1']; + $at2=$row['Attachment2']; + $at3=$row['Attachment3']; + $at4=$row['Attachment4']; - $full_link="<a href='~\..\Lab_Report_Submisions\\$at1'>$at1</a>"; - - if($at2!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$at2'>$at2</a>"; - } - if($at3!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$at3'>$at3</a>"; - } + $base_at1 = basename($at1); + $base_at2 = basename($at2); + $base_at3 = basename($at3); + $base_at4 = basename($at4); + + $full_link = "<a href='~\..\Download.php?file=$at1&attachment=1'>$base_at1</a>"; // prevent students from directly accessing their classmates' submissions + + if($at2!=""){ + $full_link= $full_link." | <a href='~\..\Download.php?file=$at2&attachment=2'>$base_at2</a>"; + } + if($at3!=""){ + $full_link= $full_link." | <a href='~\..\Download.php?file=$at3&attachment=3'>$base_at3</a>"; + } - if($at4!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$at4'>$at4</a>"; - } + if($at4!=""){ + $full_link= $full_link." 
| <a href='~\..\Download.php?file=$at4&attachment=4'>$base_at4</a>"; + } - echo $full_link; + echo $full_link; - } - } + } + } - echo "</span></div></k>"; + echo "</span></div></k>"; - }} - echo ""; - ?> + }} + echo ""; + ?> - </div> + </div> - <?php -$sqli=mysqli_query($con, "SELECT * from course_groups_table WHERE Course_Group_id=$group_id and Course_id=$course_id"); -while($row = mysqli_fetch_assoc($sqli)) -{ $Group_Leader=$row['Group_Leader']; - $Group_Member=$row['Group_Member']; - $Group_Member2=$row['Group_Member2']; - $Group_Member3=$row['Group_Member3']; - $Group_Member4=$row['Group_Member4']; -} - ?> +<?php + $sqli=mysqli_query($con, "SELECT * from course_groups_table WHERE Course_Group_id=$group_id and Course_id=$course_id"); + while($row = mysqli_fetch_assoc($sqli)) + { $Group_Leader=$row['Group_Leader']; + $Group_Member=$row['Group_Member']; + $Group_Member2=$row['Group_Member2']; + $Group_Member3=$row['Group_Member3']; + $Group_Member4=$row['Group_Member4']; + } + ?> - <div id="menu4" class="container tab-pane"><br> - <?php -$resultx = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_reports_table.`Lab_Report_ID`, `Student_id`, " - . "`Course_Group_id`, `Notes`, lab_report_submissions.`Marks`, + <div id="menu4" class="container tab-pane"><br> +<?php + $resultx = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_reports_table.`Lab_Report_ID`, `Student_id`, " + . "`Course_Group_id`, `Notes`, lab_report_submissions.`Marks`, lab_report_submissions.Remarking_Reason, `Status`, lab_reports_table.Title Lab_Title,lab_reports_table.Marks Original_marks FROM `lab_report_submissions` " - . "INNER JOIN lab_reports_table on lab_reports_table.Lab_Report_ID=lab_report_submissions.Lab_Report_ID " - . "WHERE (lab_report_submissions.Student_id='$student_id' + . "INNER JOIN lab_reports_table on lab_reports_table.Lab_Report_ID=lab_report_submissions.Lab_Report_ID " + . 
"WHERE (lab_report_submissions.Student_id='$student_id' or (lab_report_submissions.Student_id='$Group_Leader' and lab_report_submissions.Course_Group_id='$group_id') or (lab_report_submissions.Student_id='$Group_Member' and lab_report_submissions.Course_Group_id='$group_id') or (lab_report_submissions.Student_id='$Group_Member2' and lab_report_submissions.Course_Group_id='$group_id') or (lab_report_submissions.Student_id='$Group_Member3' and lab_report_submissions.Course_Group_id='$group_id') or (lab_report_submissions.Student_id='$Group_Member4' and lab_report_submissions.Course_Group_id='$group_id') )and" - . "" - . "" - . "" - . " lab_reports_table.Lab_Report_ID in (select Lab_Report_ID from lab_report_submissions" - . " where (Status='Marked' or Status='Remarking') and (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id) ORDER by Submission_ID DESC"); + . "" + . "" + . "" + . " lab_reports_table.Lab_Report_ID in (select Lab_Report_ID from lab_report_submissions" + . 
" where (Status='Marked' or Status='Remarking') and (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id) ORDER by Submission_ID DESC"); -if(mysqli_num_rows($resultx)==0) + if(mysqli_num_rows($resultx)==0) { - echo "You have No Marked submissions in this course"; + echo "You have no marked submissions in this course"; } else { while($row = mysqli_fetch_assoc($resultx)) { $title=$row['Lab_Title']; - $marks=$row['Marks']; - $Originalmarks=$row['Original_marks']; - $ins=$row['Instructions']; - $posted=$row['Posted_Date']; - $deadline=$row['Deadline']; - $att1=$row['Attachment_link_1']; - $att2=$row['Attachment_link_2']; - $att3=$row['Attachment_link_3']; - $att4=$row['Attachment_link_4']; - $id=$row['Lab_Report_ID']; - $Submission_ID=$row['Submission_ID']; - $notes=$row['Notes']; - $status= $row['Status']; - $remarking_reason=$row['Remarking_Reason']; - if($status=='Marked') - { - $rm_data="\Script.php?remarking=yes&id=$Submission_ID&url=$url&status=Remarking"; - $remarking="<button onclick='remarking(\"$rm_data\")' class='btn-sm btn-success'> Request Remarking </button>"; - } - if($status=='Remarking') - { - $remarking="<span style='color:orange'><i class='fa fa-info-circle'></i> Remarking Request sent </span> <br> Remarking Reason:<i>$remarking_reason </i> <br>"; + $marks=$row['Marks']; + $Originalmarks=$row['Original_marks']; + $ins=$row['Instructions']; + $posted=$row['Posted_Date']; + $deadline=$row['Deadline']; + $att1=$row['Attachment_link_1']; + $att2=$row['Attachment_link_2']; + $att3=$row['Attachment_link_3']; + $att4=$row['Attachment_link_4']; + $id=$row['Lab_Report_ID']; + $Submission_ID=$row['Submission_ID']; + $notes=$row['Notes']; + $status= $row['Status']; + $remarking_reason=$row['Remarking_Reason']; + if($status=='Marked') + { + $rm_data="\Script.php?remarking=yes&id=$Submission_ID&url=$url&status=Remarking"; + $remarking="<button onclick='remarking(\"$rm_data\")' class='btn-sm btn-success'> Request Remarking </button>"; + } 
+ if($status=='Remarking') + { + $remarking="<span style='color:orange'><i class='fa fa-info-circle'></i> Remarking Request sent </span> <br> Remarking Reason:<i>$remarking_reason </i> <br>"; - } + } - echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> + echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> $title <b> ($marks Marks out of $Originalmarks)</b><br><small> Lecturer Feedback : $notes </small> $remarking <br> Submission files :"; - $Sub_result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, + $Sub_result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, `Title`,users_table.Full_Name,course_group_members_table.Student_ID 
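Review bot: The Download.php links in the Submitted tab put the stored path `$at1`…`$at4` into the `file` parameter without `urlencode()` and print its `basename()` without HTML escaping, so a file name containing `&`, `#`, a quote or markup breaks the link or the page. Use `urlencode($at1)` in the query string and `htmlspecialchars($base_at1, ENT_QUOTES, 'UTF-8')` for the label. The protection the inline comment describes depends on Download.php checking that the session user owns the requested submission rather than trusting `file`, and on the upload directory not being served directly; neither is visible here. The Marked tab (the `@@ -428,33 +449,33 @@` hunk) still links straight to `Lab_Report_Submisions\$at1`, so the direct path stays in use and should go through the same handler.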
@@ -428,33 +449,33 @@ if(mysqli_num_rows($resultx)==0) left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id where Lab_Report_ID=$id and lab_report_submissions.Student_id='$student_id'"); - if(mysqli_num_rows($Sub_result)==0) - { - echo "No Attachments found."; + if(mysqli_num_rows($Sub_result)==0) + { + echo "No Attachments found."; - } else { while($row = mysqli_fetch_assoc($Sub_result)) { - $at1=$row['Attachment1']; - $at2=$row['Attachment2']; - $at3=$row['Attachment3']; - $at4=$row['Attachment4']; + } else { while($row = mysqli_fetch_assoc($Sub_result)) { + $at1=$row['Attachment1']; + $at2=$row['Attachment2']; + $at3=$row['Attachment3']; + $at4=$row['Attachment4']; - $full_link="<a href='~\..\Lab_Report_Submisions\\$at1'>$at1</a>"; + $full_link="<a href='~\..\Lab_Report_Submisions\\$at1'>$at1</a>"; - if($at2!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$at2'>$at2</a>"; - } - if($at3!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$at3'>$at3</a>"; - } + if($at2!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$at2'>$at2</a>"; + } + if($at3!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$at3'>$at3</a>"; + } - if($at4!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$at4'>$at4</a>"; - } + if($at4!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$at4'>$at4</a>"; + } - echo $full_link; + echo $full_link; - } - } + } + } 
@@ -462,123 +483,73 @@ if(mysqli_num_rows($resultx)==0) - }} - echo "</div></k>"; - ?> + }} + echo "</div></k>"; + ?> - </div> + </div> - - - - - - - - - - - - </div> + </div> + </div> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -</div> - -<div class="col-md-3"> + <div class="col-md-3"> <h3>Class Groups</h3> - <?php +<?php $resultx1 = mysqli_query($con,"SELECT `Course_Group_id` FROM `course_groups_table` WHERE Course_id=$course_id"); - while($row = mysqli_fetch_assoc($resultx1)) {$count_groups=$row['Course_Group_id'];} + while($row = mysqli_fetch_assoc($resultx1)) {$count_groups=$row['Course_Group_id'];} - echo " <button onclick='CreateGroup()' class='btn btn-primary'> Create Group</button>"; + echo " <button onclick='CreateGroup()' class='btn btn-primary'> Create Group</button>"; ?> - <hr> - <?php + <hr> +<?php - $result = mysqli_query($con," SELECT `ID`, course_group_members_table.Course_Group_id, `Student_ID`, + $result = mysqli_query($con," SELECT `ID`, course_group_members_table.Course_Group_id, `Student_ID`, `Status`,course_groups_table.Group_Name,course_groups_table.Course_id FROM `course_group_members_table` INNER JOIN course_groups_table on course_groups_table.Course_Group_id=course_group_members_table.Course_Group_id WHERE Student_id=$student_id and course_groups_table.Course_id=$course_id"); -if(mysqli_num_rows($result)==0) + if(mysqli_num_rows($result)==0) { - echo "You have no Group in this Course"; + echo "You have no Group in this Course"; } else { while($row = mysqli_fetch_assoc($result)) { $name=$row['Group_Name']; - $id=$row['Course_Group_id']; - $status=$row['Status']; + $id=$row['Course_Group_id']; + $status=$row['Status']; - $extra=" - <a href='#' class='' onclick='invite($id)'> Invite Others</a></small>"; + $extra=" - <a href='#' class='' onclick='invite($id)'> Invite Others</a></small>"; - if($status=="Invited") - { - $extra2=" <a href='#' class='' onclick='accept($id,1)'>Accept</a></small>"; - $extra3=" <a 
href='#' class='' onclick='accept($id,0)'>Decline</a></small>"; + if($status=="Invited") + { + $extra2=" <a href='#' class='' onclick='accept($id,1)'>Accept</a></small>"; + $extra3=" <a href='#' class='' onclick='accept($id,0)'>Decline</a></small>"; - } - echo "<div class='btn-default'><small> $name ($status) $extra $extra2 $extra3</small></div>"; + } + echo "<div class='btn-default'><small> $name ($status) $extra $extra2 $extra3</small></div>"; - $rs2=mysqli_query($con,"SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, + $rs2=mysqli_query($con,"SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table` INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID where course_group_members_table.Course_Group_id=$id"); - while($row = mysqli_fetch_assoc($rs2)) { - $name=$row['Full_Name']; - $id=$row['Course_Group_id']; - $status=$row['Status']; - $Student_ID=$row['Student_ID']; + while($row = mysqli_fetch_assoc($rs2)) { + $name=$row['Full_Name']; + $id=$row['Course_Group_id']; + $status=$row['Status']; + $Student_ID=$row['Student_ID']; - echo "<li><small> $name-$Student_ID ($status)</small></li>"; + echo "<li><small> $name-$Student_ID ($status)</small></li>"; - } + } @@ -586,72 +557,25 @@ where course_group_members_table.Course_Group_id=$id"); - } } - ?> + } + ?> -</div> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + </div> </div> + + + <?php - } - include 'Footer.php'; - ?> +} +include 'Footer.php'; +?> <script src="./css/jquery-1.11.1.min.js"></script> 
@@ -659,114 +583,114 @@ where course_group_members_table.Course_Group_id=$id"); <link rel="stylesheet" href="./css/jquery-ui.css" /> <script> - function CreateGroup() { + +function CreateGroup() { + - try { - $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="creategroup" value="true">\n\ + $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="creategroup" value="true">\n\ <input type="hidden" name="student_id" value="<?php echo $student_id; ?>" > Group Name <input type="text" name="name">\n\ <input type="hidden" name="url" value="<?php echo $url; ?>"> <input type="hidden" name="id" value="<?php echo $course_id; ?>"> </form>').dialog({ - modal: true, - title:'Create Group', - buttons: { - 'Create Group': function () { - $('#frm').submit(); - - $(this).dialog('close'); - }, - 'X': function () { - - $(this).dialog('close'); + modal: true, + title:'Create Group', + buttons: { + 'Create Group': function () { + $('#frm').submit(); + + $(this).dialog('close'); + }, + 'X': function () { + + $(this).dialog('close'); + } + } - - } }); - }catch(e){ alert(e); } + } catch(e){ alert(e); } } + + + + +function invite(id) { - - - function invite(id) { - - try { - $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="groupinvite" value="true">\n\ + $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="groupinvite" value="true">\n\ <input type="hidden" name="groupid" value="'+id+'" > Enter Student_ID to Invite <input type="text" name="student_id">\n\ <input type="hidden" name="url" value="<?php echo $url; ?>"> <input type="hidden" name="courseid" value="<?php echo $course_id; ?>"> </form>').dialog({ - modal: true, - title:'Invite Students to Group', - buttons: { - 'Invite': function () { - $('#frm').submit(); - - $(this).dialog('close'); - }, - 'X': function () { - - $(this).dialog('close'); + modal: true, + title:'Invite Students to Group', + buttons: { + 'Invite': function () { + 
$('#frm').submit(); + + $(this).dialog('close'); + }, + 'X': function () { + + $(this).dialog('close'); + } + } - - } }); - }catch(e){ alert(e); } + } catch(e){ alert(e); } } - - - - - - - - - function accept(id,val) { + + + + + + + + +function accept(id,val) { - try { - $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="acceptinvite" value="true">\n\ + $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="acceptinvite" value="true">\n\ <input type="hidden" name="groupid" value="'+id+'" > \n\ <input type="hidden" name="action" value="'+val+'" > \n\ \n\ <input type="hidden" name="student_id" value="<?php echo $student_id; ?>" > \n\ <input type="hidden" name="url" value="<?php echo $url; ?>"> <input type="hidden" name="courseid" value="<?php echo $course_id; ?>"> </form>').dialog({ - modal: true, - title:'Respond to Group Invite', - buttons: { - 'Confirm': function () { - $('#frm').submit(); - - $(this).dialog('close'); - }, - 'X': function () { - - $(this).dialog('close'); + modal: true, + title:'Respond to Group Invite', + buttons: { + 'Confirm': function () { + $('#frm').submit(); + + $(this).dialog('close'); + }, + 'X': function () { + + $(this).dialog('close'); + } + } - - } }); - }catch(e){ alert(e); } + } catch(e){ alert(e); } } - + function remarking(data) { - - var details=prompt("Please enter Remarking Reason",""); - - window.location.href=data+"&details="+details; + + var details = prompt("Please enter your remarking reasons",""); + + window.location.href = data+"&details="+details; } - </script> +</script> diff --git a/Courses.php b/Courses.php index 446064b..5005494 100644 --- a/Courses.php +++ b/Courses.php 
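Review bot: In `remarking(data)` at the end of this hunk the prompt result is appended to the URL unencoded and unchecked: `window.location.href = data+"&details="+details;`. A reason containing `&`, `#` or `+` is cut off or changes the query the server sees, and pressing Cancel makes `prompt` return null, which is sent as the literal text `details=null`. Return early on cancel and encode the value: `if (details === null) return;` followed by `window.location.href = data + "&details=" + encodeURIComponent(details);`. Whatever handles this request still has to treat `details` as untrusted input.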
@@ -1,49 +1,45 @@ +<?php +include 'NoDirectPhpAcess.php'; +?> + + <?php $page='Courses'; include 'Header.php'; -$user_d=$_SESSION['user_id']; +$user_d = $_SESSION['user_id']; - - - - - - - - - - if( $_SESSION['user_type']=="Lecturer" || $_SESSION['user_type']=="TA") - { +if( $_SESSION['user_type']=="Lecturer" || $_SESSION['user_type']=="TA") +{ ?> -<!-- FOR LECTURER--> + <!-- FOR LECTURER--> -<div class="row" style="width:80%;margin:auto; text-align:left;"> + <div class="row" style="width:80%;margin:auto; text-align:left;"> -<script src="./css/jquery-1.11.1.min.js"></script> -<script src="./css/jquery-ui.min.js"></script> -<link rel="stylesheet" href="./css/jquery-ui.css" /> + <script src="./css/jquery-1.11.1.min.js"></script> + <script src="./css/jquery-ui.min.js"></script> + <link rel="stylesheet" href="./css/jquery-ui.css" /> -<script> + <script> function extend_deadline(id) { - var dropstudents=$("#dropstudents").html(); + var dropstudents=$("#dropstudents").html(); - try - { + try + { - $('<form id="frm" method="get" action="Script.php">\n\ + $('<form id="frm" method="get" action="Script.php">\n\ <input type="hidden" name="extenddeadline" value="true" >\n\ <input type="hidden" name="id" value="'+id+'" > \n\ New Date/Time <br><input type="date" name="date" required=""> <input type="time" name="time" required=""> \n\ 
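Review bot: The access guard added at the top of Courses.php is loaded with `include 'NoDirectPhpAcess.php';`, which fails open: when the file cannot be found or read, `include` only raises a warning and the rest of the page still runs. A security check should stop the request instead, so use `require_once 'NoDirectPhpAcess.php';`. What the guard itself checks is not visible in this diff. The `extend_deadline` function that begins in this hunk continues in the next one.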
@@ -52,47 +48,47 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time" <input type="radio" value="2" name="type" required=""> Extend for these Individual Students \n\ '+dropstudents+' \n\ </form>').dialog({ - modal: true, - title:'Extend Deadline', - buttons: { - 'Submit': function () { - $('#frm').submit(); + modal: true, + title:'Extend Deadline', + buttons: { + 'Submit': function () { + $('#frm').submit(); - $(this).dialog('close'); - }, - 'X': function () { + $(this).dialog('close'); + }, + 'X': function () { - $(this).dialog('close'); - } + $(this).dialog('close'); + } - } -}); + } + }); - }catch(e){ alert(e); } -} + }catch(e){ alert(e); } + } - </script> + </script> - <?php - if(!empty($_GET["course"])) - { - $course_url=$_GET["course"]; - $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`," - . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` " - . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" - . " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' "); +<?php + if(!empty($_GET["course"])) + { + $course_url=$_GET["course"]; + $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`," + . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` " + . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" + . 
" ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' "); - if(mysqli_num_rows($result)==0) - {} else { while($row = mysqli_fetch_assoc($result)) { - $name=$row['Course_Name']; - $code=$row['Course_Code']; - $faculty=$row['Faculty']; - $lecturer=$row['Full_Name']; - $academic=$row['Academic_Year']; - $url=$row['URL']; - $id=$row['Course_ID']; - $course_id=$row['Course_ID']; + if(mysqli_num_rows($result)==0) + {} else { while($row = mysqli_fetch_assoc($result)) { + $name=$row['Course_Name']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $lecturer=$row['Full_Name']; + $academic=$row['Academic_Year']; + $url=$row['URL']; + $id=$row['Course_ID']; + $course_id=$row['Course_ID']; echo " <div class='alert> <a href='~\..\Courses.php?course=$url'> <div class='panel'> 
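Review bot: `$course_url=$_GET["course"]` is placed directly into the SQL text (`where URL='$course_url'`), so the request parameter becomes part of the statement and a crafted value can change what the query does. The edit branch in the next hunk has the same pattern with `$_GET["cid"]` in `WHERE Lab_Report_ID = '$getid'` and with the `$_POST` fields concatenated into the `UPDATE lab_reports_table` statement, where it also affects writes. Bind the values through a prepared statement as sketched below, and do the same for the UPDATE. The `if(!empty($_GET["course"]))` block starts in this hunk and is closed in a later one.

```php
$course_url = $_GET["course"];
$stmt = mysqli_prepare($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
    . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` "
    . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
    . " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL=?");
mysqli_stmt_bind_param($stmt, 's', $course_url);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
// … unchanged: mysqli_num_rows check and row loop …
```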
@@ -102,224 +98,224 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time" <hr></div></div> <div class='row' style='width:80%;margin:auto; text-align:left;'> "; - echo "<div class='col-md-5'>"; + echo "<div class='col-md-5'>"; + } + + // ------------------------------Editing Lab Assignment by Lecturer ------------------------------------ + + + if($_GET['act']=="edit"){ + $getid = $_GET["cid"]; + $result1 = mysqli_query($con, "SELECT * from lab_reports_table WHERE Lab_Report_ID = '$getid'"); + + while($row1 = mysqli_fetch_assoc($result1)) { + $Deadline = $row1['Deadline']; + $_SESSION['Date'] = trim( strstr($Deadline, ' ', true) ); + $_SESSION['Time'] = trim( strstr($Deadline, ' ') ); + $_SESSION['Instructions'] = $row1['Instructions']; + $_SESSION['Title'] = $row1['Title']; + $_SESSION['Marks'] = $row1['Marks']; + $_SESSION['Type'] = $row1['Type']; } -// ------------------------------Editing Lab Assignment by Lecturer ------------------------------------ - - - if($_GET['act']=="edit"){ - $getid = $_GET["cid"]; - $result1 = mysqli_query($con, "SELECT * from lab_reports_table WHERE Lab_Report_ID = '$getid'"); - - while($row1 = mysqli_fetch_assoc($result1)) { - $Deadline = $row1['Deadline']; - $_SESSION['Date'] = trim( strstr($Deadline, ' ', true) ); - $_SESSION['Time'] = trim( strstr($Deadline, ' ') ); - $_SESSION['Instructions'] = $row1['Instructions']; - $_SESSION['Title'] = $row1['Title']; - $_SESSION['Marks'] = $row1['Marks']; - $_SESSION['Type'] = $row1['Type']; - } + if(isset($_POST['frm_uploadlab'])){ + $deadlinedate = trim( $_POST["deadlinedate"] ); // remove spaces + $deadlinetime = trim( $_POST["deadlinetime"] ); // remove spaces + $instructions = $_POST["instructions"]; + $title = $_POST["title"]; + $marks = $_POST["marks"]; + $type = $_POST["type"]; + $Deadline = $deadlinedate." 
".$deadlinetime; + $date = date("Y-m-d H:i"); - if(isset($_POST['frm_uploadlab'])){ - $deadlinedate = trim( $_POST["deadlinedate"] ); // remove spaces - $deadlinetime = trim( $_POST["deadlinetime"] ); // remove spaces - $instructions = $_POST["instructions"]; - $title = $_POST["title"]; - $marks = $_POST["marks"]; - $type = $_POST["type"]; - $Deadline = $deadlinedate." ".$deadlinetime; - $date = date("Y-m-d H:i"); - - $sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "'), `Type` = ('" . $type . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'"; - if ($con->query($sql) === TRUE) { - $_SESSION["info_Updated"]="Assignment information updated successfully."; + $sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "'), `Type` = ('" . $type . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'"; + if ($con->query($sql) === TRUE) { + $_SESSION["info_Updated"]="Assignment information updated successfully."; - } else { - // echo "Error: " . $sql . "<br>" . $con->error; - echo "Serious error happened whiling updating assignment information."; - } - } + } else { + // echo "Error: " . $sql . "<br>" . 
$con->error; + echo "Serious error happened whiling updating assignment information."; + } + } - if( $_SESSION['user_type']=="Lecturer"){ - $Date = $_SESSION['Date']; - $Time = $_SESSION['Time']; - $Instructions = $_SESSION['Instructions']; - $Title = $_SESSION['Title']; - $Marks = $_SESSION['Marks']; - $Type = $_SESSION['Type']; + if( $_SESSION['user_type']=="Lecturer"){ + $Date = $_SESSION['Date']; + $Time = $_SESSION['Time']; + $Instructions = $_SESSION['Instructions']; + $Title = $_SESSION['Title']; + $Marks = $_SESSION['Marks']; + $Type = $_SESSION['Type']; - echo " <h3><a href='Courses.php?course=".$url."'> Editing Lab Assignment </a></h3>"; - ?> - <form method='post' enctype='multipart/form-data' action=''> - <input type='hidden' name='frm_uploadlab' value='true' required=''/> - <input type='hidden' name='course_id' value='<?php echo "$id" ?>' required=''/> - <input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required=''/> + echo " <h3><a href='Courses.php?course=".$url."'> Editing Lab Assignment </a></h3>"; + ?> + <form method='post' enctype='multipart/form-data' action=''> + <input type='hidden' name='frm_uploadlab' value='true' required=''/> + <input type='hidden' name='course_id' value='<?php echo "$id" ?>' required=''/> + <input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required=''/> -Dealine Date/Time -<div class='row'> -<div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Date : ""; ?>"> </div> -<div class='col-md-5'> <input type='text' id='time' class='form-control' name='deadlinetime' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? 
$Time : ""; ?>"> </div> -</div> + Dealine Date/Time + <div class='row'> + <div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Date : ""; ?>"> </div> + <div class='col-md-5'> <input type='text' id='time' class='form-control' name='deadlinetime' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Time : ""; ?>"> </div> + </div> -Title -<input type='text' name='title' placeholder='Ttle' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Title : ""; ?>"> -Instructions -<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' ><?php echo isset($_GET['act']) && $_GET['act']=='edit' ? $Instructions : ''; ?></textarea> -Marks -<input type='text' name='marks' placeholder='Marks' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Marks : ""; ?>"> -Attachment 1 -<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control'> + Title + <input type='text' name='title' placeholder='Ttle' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Title : ""; ?>"> + Instructions + <textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' ><?php echo isset($_GET['act']) && $_GET['act']=='edit' ? $Instructions : ''; ?></textarea> + Marks + <input type='text' name='marks' placeholder='Marks' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? 
$Marks : ""; ?>"> + Attachment 1 + <input type='file' name='attachment1' placeholder='Attachment 1' class='form-control'> -Attachment 2 -<input type='file' name='attachment2' placeholder='Attachment 1' class='form-control'> + Attachment 2 + <input type='file' name='attachment2' placeholder='Attachment 1' class='form-control'> -Attachment 3 -<input type='file' name='attachment3' placeholder='Attachment 1' class='form-control' > + Attachment 3 + <input type='file' name='attachment3' placeholder='Attachment 1' class='form-control' > -Attachment 4 -<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' > -<br> + Attachment 4 + <input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' > + <br> <?php -if ($Type == "Individual") { - echo "Submission Type <input type='radio' name='type' value='Individual' checked /> Invidual <input type='radio' name='type' value='Group' /> Group"; -} else { - echo "Submission Type <input type='radio' name='type' value='Individual' /> Invidual <input type='radio' name='type' value='Group' checked> Group"; -} -?> + if ($Type == "Individual") { + echo "Submission Type <input type='radio' name='type' value='Individual' checked /> Invidual <input type='radio' name='type' value='Group' /> Group"; + } else { + echo "Submission Type <input type='radio' name='type' value='Individual' /> Invidual <input type='radio' name='type' value='Group' checked> Group"; + } + ?> -<hr> -<input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br> -</form><br><br><br><br> + <hr> + <input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br> + </form><br><br><br><br> <?php - }}else{ + }}else{ -// ------------------------------Posting New Lab Assignment------------------------------------ + // ------------------------------Posting New Lab Assignment------------------------------------ -// Mysql to split 1 string into 2 similar to the tsrstr in php -// SELECT 
SUBSTRING_INDEX(Deadline, ' ', 1) as Date, SUBSTRING_INDEX(Deadline, ' ', -1) as Time from lab_reports_table + // Mysql to split 1 string into 2 similar to the tsrstr in php + // SELECT SUBSTRING_INDEX(Deadline, ' ', 1) as Date, SUBSTRING_INDEX(Deadline, ' ', -1) as Time from lab_reports_table - if( $_SESSION['user_type']=="Lecturer"){ + if( $_SESSION['user_type']=="Lecturer"){ - ?> + ?> - <h3> Post new Lab Assignment </a></h3> + <h3> Post new Lab Assignment </a></h3> - <form method='post' enctype='multipart/form-data' action='Script.php'> - <?php - $_SESSION['url']=$url; - ?> - <input type='hidden' name='frm_uploadlab' value='true' required=''/> - <input type='hidden' name='course_id' value='<?php echo "$id" ?>' required=''/> - <input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required=''/> + <form method='post' enctype='multipart/form-data' action='Script.php'> +<?php + $_SESSION['url']=$url; + ?> + <input type='hidden' name='frm_uploadlab' value='true' required=''/> + <input type='hidden' name='course_id' value='<?php echo "$id" ?>' required=''/> + <input type='hidden' name='url' value='<?php echo ".$course_url." 
?>' required=''/> - Dealine Date/Time - <div class='row'> - <div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value=""> </div> -<div class='col-md-5'> <input type='time' class='form-control' name='deadlinetime' value=""> </div> -</div> + Dealine Date/Time + <div class='row'> + <div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value=""> </div> + <div class='col-md-5'> <input type='time' class='form-control' name='deadlinetime' value=""> </div> + </div> -Title -<input type='text' name='title' placeholder='Ttle' class='form-control' required='' value=""> - Instructions -<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' value=""></textarea> -Marks -<input type='text' name='marks' placeholder='Marks' class='form-control' required='' value=""> - Attachment 1 -<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control'> + Title + <input type='text' name='title' placeholder='Ttle' class='form-control' required='' value=""> + Instructions + <textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' value=""></textarea> + Marks + <input type='text' name='marks' placeholder='Marks' class='form-control' required='' value=""> + Attachment 1 + <input type='file' name='attachment1' placeholder='Attachment 1' class='form-control'> - Attachment 2 -<input type='file' name='attachment2' placeholder='Attachment 1' class='form-control'> + Attachment 2 + <input type='file' name='attachment2' placeholder='Attachment 1' class='form-control'> - Attachment 3 -<input type='file' name='attachment3' placeholder='Attachment 1' class='form-control' > + Attachment 3 + <input type='file' name='attachment3' placeholder='Attachment 1' class='form-control' > - Attachment 4 -<input type='file' name='attachment4' placeholder='Attachment 4' 
class='form-control' > -<br> -Submission Type <input type='radio' name='type' value='Individual' required=''> Invidual + Attachment 4 + <input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' > + <br> + Submission Type <input type='radio' name='type' value='Individual' required=''> Invidual -<input type='radio' name='type' value='Group' required=''> Group -<hr> - <input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br> -</form><br><br><br><br> - <?php - } -} + <input type='radio' name='type' value='Group' required=''> Group + <hr> + <input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br> + </form><br><br><br><br> +<?php + } + } - } - echo "</div>"; + } + echo "</div>"; - echo "<div class='col-md-7'> <h3> Lab Report Assignment list </h3>"; + echo "<div class='col-md-7'> <h3> Lab Report Assignment list </h3>"; - error_reporting(0); - if(isset($_SESSION["info_Updated"])){ - echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Updated'] . '</div>'; - $_SESSION['info_Updated'] = null; - } -if (isset($_SESSION['info_courses'])) { - echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_courses'] . '</div>'; - $_SESSION['info_courses'] = null; -} -if (isset($_SESSION['info_courses'])) { - echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_courses'] . '</div>'; - $_SESSION['info_courses']=null; -} + error_reporting(0); + if(isset($_SESSION["info_Updated"])){ + echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Updated'] . '</div>'; + $_SESSION['info_Updated'] = null; + } + if (isset($_SESSION['info_courses'])) { + echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_courses'] . '</div>'; + $_SESSION['info_courses'] = null; + } + if (isset($_SESSION['info_courses'])) { + echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_courses'] . 
'</div>'; + $_SESSION['info_courses']=null; + } - $result = mysqli_query($con," SELECT `Lab_Report_ID`,Type,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, " - . "`Attachment_link_4` FROM `lab_reports_table` WHERE Course_ID=$id ORDER by Lab_Report_ID DESC"); + $result = mysqli_query($con," SELECT `Lab_Report_ID`,Type,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, " + . "`Attachment_link_4` FROM `lab_reports_table` WHERE Course_ID=$id ORDER by Lab_Report_ID DESC"); - if( $_SESSION['user_type']=="TA") + if( $_SESSION['user_type']=="TA") { - echo "<b style='color:orange'>* Only Lecturers can Post new Lab report Assignments </b><br>"; + echo "<b style='color:gray'>*Only Lecturer can post a new lab report assignment</b><br>"; } - if(mysqli_num_rows($result)==0) - { - echo "No assignments posted so far."; + if(mysqli_num_rows($result)==0) + { + echo "No assignments posted so far."; - } else { while($row = mysqli_fetch_assoc($result)) { - $marks=$row['Marks']; - $title=$row['Title']; - $ins=$row['Instructions']; - $posted=$row['Posted_Date']; - $deadline=$row['Deadline']; - $att1=$row['Attachment_link_1']; - $att2=$row['Attachment_link_2']; - $att3=$row['Attachment_link_3']; - $att4=$row['Attachment_link_4']; - $id=$row['Lab_Report_ID']; - $cours_id=$row['Course_ID']; - $as_type=$row['Type']; - $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; + } else { while($row = mysqli_fetch_assoc($result)) { + $marks=$row['Marks']; + $title=$row['Title']; + $ins=$row['Instructions']; + $posted=$row['Posted_Date']; + $deadline=$row['Deadline']; + $att1=$row['Attachment_link_1']; + $att2=$row['Attachment_link_2']; + $att3=$row['Attachment_link_3']; + $att4=$row['Attachment_link_4']; + $id=$row['Lab_Report_ID']; + $cours_id=$row['Course_ID']; + $as_type=$row['Type']; + $full_link="<a 
href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; - if($att2!=""){ - $full_link= $full_link."  |  <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>"; - } - if($att3!=""){ - $full_link= $full_link."  |  <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>"; - } + if($att2!=""){ + $full_link= $full_link."  |  <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>"; + } + if($att3!=""){ + $full_link= $full_link."  |  <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>"; + } - if($att4!=""){ - $full_link= $full_link." |   <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; - } + if($att4!=""){ + $full_link= $full_link." |   <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; + } - $resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); - while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];} + $resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); + while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];} - $resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Marks is not null"); - if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}} + $resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Marks is not null"); + if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}} $header="Courses > ".$name."($code) > Assignments > ".$title; 
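Review bot: The `UPDATE lab_reports_table` in the `act=edit` branch runs as soon as `$_POST['frm_uploadlab']` is set; the `$_SESSION['user_type']=="Lecturer"` test below it only decides whether the form is drawn. As far as this diff shows, the branch sits inside the page-level `Lecturer || TA` condition, so a TA account could submit the edit directly, and nothing ties `cid` to a course the caller teaches. Gate the write on the role and on ownership before executing it, e.g. `if (isset($_POST['frm_uploadlab']) && $_SESSION['user_type'] === "Lecturer") {`, and add a `Course_ID` condition to the WHERE clause that is checked against the lecturer's own courses.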
@@ -328,138 +324,98 @@ if (isset($_SESSION['info_courses'])) { $title ($as_type) <br> $ins <br> <span style='font-size:8pt'>Posted : $posted Deadline : <b> $deadline </b> ($marks Marks) " - . "<br>" + . "<br>" - . "<span class='btn-default'> $count_subs Submissions ( $count_marked Marked ) <a href='Courses.php?course=".$url."&act=edit&cid=".$id."'>Edit</a> | <a href='~\..\Submissions.php?id=$id&header=$header&total=$marks' onclick=''> View </a> | <a href='#' onclick='extend_deadline($id)'> Extend Deadline </a> </span> <hr> Attachments : $full_link </span>" - . " </div> + . "<span class='btn-default'> $count_subs Submissions ( $count_marked Marked ) <a href='Courses.php?course=".$url."&act=edit&cid=".$id."'>Edit</a> | <a href='~\..\Submissions.php?id=$id&header=$header&total=$marks' onclick=''> View </a> | <a href='#' onclick='extend_deadline($id)'> Extend Deadline </a> </span> <hr> Attachments : $full_link </span>" + . " </div> "; - }} - echo "</div>"; + }} + echo "</div>"; - $resultx1 = mysqli_query($con,"SELECT course_students_table.Student_ID,users_table.Full_Name FROM + $resultx1 = mysqli_query($con,"SELECT course_students_table.Student_ID,users_table.Full_Name FROM `course_students_table` INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID WHERE Course_ID=$course_id"); - echo "<span id='dropstudents' style='display:none;'> <select name='stdid'>"; - while($row = mysqli_fetch_assoc($resultx1)) + echo "<span id='dropstudents' style='display:none;'> <select name='stdid'>"; + while($row = mysqli_fetch_assoc($resultx1)) { - $stdid=$row['Student_ID']; - $stdname=$row['Full_Name']; + $stdid=$row['Student_ID']; + $stdname=$row['Full_Name']; - echo "<option value='$stdid'> $stdname($stdid) </option> "; + echo "<option value='$stdid'> $stdname($stdid) </option> "; } - echo "</select><br>Reason <input type='text' name='reason'>" - . "<input type='hidden' name='url' value='$course_url'>" - . 
" </span>"; + echo "</select><br>Reason <input type='text' name='reason'>" + . "<input type='hidden' name='url' value='$course_url'>" + . " </span>"; - return; + return; - } + } - ?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + ?> + + <div class="col-md-8"> - <?php - $user_name=$_SESSION['user_fullname']; +<?php + $user_name=$_SESSION['user_fullname']; - echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'> + echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'> Course Portal > $user_name (Lecturer) > Course Listing <br> <span style='font-size:8pt'> </span> </a></div> "; - $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, " - . "`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID where courses_table.Lecturer_User_ID=$user_d"); + $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, " + . 
"`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID where courses_table.Lecturer_User_ID=$user_d"); - if($_SESSION['user_type']=="TA") - { - $result = mysqli_query($con,"SELECT course_ta.Course_ID, `Course_Name`, + if($_SESSION['user_type']=="TA") + { + $result = mysqli_query($con,"SELECT course_ta.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` INNER JOIN course_ta ON course_ta.Course_ID=courses_table.Course_ID where course_ta.TA=$user_d"); - } - // $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID"); + } + // $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID"); - if(mysqli_num_rows($result)==0) + if(mysqli_num_rows($result)==0) {} else { while($row = mysqli_fetch_assoc($result)) { - $id=$row['Course_ID']; - $name=$row['Course_Name']; - $code=$row['Course_Code']; - $faculty=$row['Faculty']; - $lecturer=$row['Full_Name']; - $academic=$row['Academic_Year']; - $url=$row['URL']; + $id=$row['Course_ID']; + $name=$row['Course_Name']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $lecturer=$row['Full_Name']; + $academic=$row['Academic_Year']; + $url=$row['URL']; - $resultTA = mysqli_query($con,"SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta` + $resultTA = mysqli_query($con,"SELECT `Course_ID`, 
`TA`,users_table.Full_Name as TA_NAME FROM `course_ta` INNER JOIN users_table on users_table.User_ID=course_ta.TA where course_ta.Course_ID=$id"); - $ta=""; - while($rowTA = mysqli_fetch_assoc($resultTA)) { - $ta=$ta." - ".$rowTA['TA_NAME']; - } + $ta=""; + while($rowTA = mysqli_fetch_assoc($resultTA)) { + $ta=$ta." - ".$rowTA['TA_NAME']; + } - echo" + echo" <a href='~\..\Courses.php?course=$url'> <div class='btn btn-default'> ($code) - $name 
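Review bot: The View link at the top of this hunk puts `$header` and `$marks` into the query string unencoded: `Submissions.php?id=$id&header=$header&total=$marks`. `$header` is built from the course name, code and assignment title with spaces and `>` in it, so a title containing `&` or `#` truncates it or adds parameters, and a single quote ends the `href` attribute. Build the query with `http_build_query(['id' => $id, 'header' => $header, 'total' => $marks])` and pass the result through `htmlspecialchars(..., ENT_QUOTES)` before echoing it. Submissions.php is not shown here; if it uses `total` for grading, it should read the mark from `lab_reports_table` rather than trust the URL. The course-listing loop at the end of this hunk is closed in the next hunk.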
@@ -467,290 +423,191 @@ where course_ta.Course_ID=$id"); </div></a> "; - }}?> - </div> - <div class="col-md-4"> - <br> - <b> Course Joining Requests </b> + }}?> + </div> + <div class="col-md-4"> + <br> + <b> Course Joining Requests </b> <?php -$lecturer_id= $_SESSION['user_id']; - $result = mysqli_query($con,"SELECT course_students_table.ID,users_table.Full_Name, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` + $lecturer_id= $_SESSION['user_id']; + $result = mysqli_query($con,"SELECT course_students_table.ID,users_table.Full_Name, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` INNER JOIN course_students_table on course_students_table.Course_ID=courses_table.Course_ID INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"); - if(mysqli_num_rows($result)==0) + if(mysqli_num_rows($result)==0) { - echo "<br> <i class='fa fa-info-circle'></i> No Course joining request so far for all your courses <hr>"; + echo "<br> <i class='fa fa-info-circle'></i> No Course joining request so far for all your courses <hr>"; } else { while($row = mysqli_fetch_assoc($result)) { - $id=$row['ID']; + $id=$row['ID']; - $name=$row['Course_Name']; - $code=$row['Course_Code']; - $faculty=$row['Faculty']; - $std_name=$row['Full_Name']; - $academic=$row['Academic_Year']; + $name=$row['Course_Name']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $std_name=$row['Full_Name']; + $academic=$row['Academic_Year']; - echo "<div class='btn btn-default'> + echo "<div class='btn btn-default'> $std_name is Requesting to join <br> [($code) - $name ] <br><a href='~\..\Script.php?AcceptStudent=y&id=$id&rs=yes' class='btn-sm btn-success' onclick=return 
confirm(\"are you sure to join this course?\")' > Accept </a> <a href='~\..\Script.php?AcceptStudent=y&id=$id&rs=no' class='btn-sm btn-danger' onclick=return confirm(\"are you sure to join this course?\")' > Decline </a> </div>"; - } - } - ?> - - - - - - - <?php - if( $_SESSION['user_type']=="TA") - { - echo "<center>Only Lecturers can Post new Lab report Assignments</center>"; } - if( $_SESSION['user_type']=="Lecturer"){ ?> + } + ?> + + + + + - <b>Create new Course Portal </b> +<?php + if( $_SESSION['user_type']=="TA") + { + echo "<center>Only Lecturers can Post new Lab report Assignments</center>"; + } + if( $_SESSION['user_type']=="Lecturer"){ ?> + + <b>Create new Course Portal </b> -<form method="post" action="Script.php"> - <input type="hidden" name="frm_createCourse" value="true" required=""/> - <input type="hidden" name="l" value="l" required=""/> - Course Name -<input type="text" name="name" placeholder="Course Name" class="form-control" required=""> + <form method="post" action="Script.php"> + <input type="hidden" name="frm_createCourse" value="true" required=""/> + <input type="hidden" name="l" value="l" required=""/> + Course Name + <input type="text" name="name" placeholder="Course Name" class="form-control" required=""> - Course Code -<input type="text" name="code" placeholder="Course Code" class="form-control" required=""> + Course Code + <input type="text" name="code" placeholder="Course Code" class="form-control" required=""> -URL (Leave blank to use Course Code & Year) -<input type="text" name="url" placeholder="Choose Custom URL " class="form-control"> + URL (Leave blank to use Course Code & Year) + <input type="text" name="url" placeholder="Choose Custom URL " class="form-control"> -Academic Year -<input type="text" name="academic" placeholder="Academic Year" class="form-control" required=""> + Academic Year + <input type="text" name="academic" placeholder="Academic Year" class="form-control" required=""> - Faculty <br> -<input type="text" 
name="faculty" placeholder="Faculty" class="form-control" required=""> + Faculty <br> + <input type="text" name="faculty" placeholder="Faculty" class="form-control" required=""> -<input type="hidden" name="lecturer" value="<?php echo $_SESSION['user_id']; ?>"> + <input type="hidden" name="lecturer" value="<?php echo $_SESSION['user_id']; ?>"> -Verify Joining Students -<input type="radio" name="verify" value="1"> Yes -<input type="radio" name="verify" value="0" checked=""> No + Verify Joining Students + <input type="radio" name="verify" value="1"> Yes + <input type="radio" name="verify" value="0" checked=""> No - <br> - <input type="submit" class="btn btn-primary" value="Create Portal"><br> + <br> + <input type="submit" class="btn btn-primary" value="Create Portal"><br> - </form> + </form> - <?php } ?> +<?php } ?> -</div> + </div> -<!-- END LECTURER --> + <!-- END LECTURER --> <?php - } + } - if( $_SESSION['user_type']=="Student") - { - ?> +if( $_SESSION['user_type']=="Student") +{ + ?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<!--STUDENT CODE--> -<div class="row" style="width:80%;margin:auto; text-align:left;"> + <!--STUDENT CODE--> + <div class="row" style="width:80%;margin:auto; text-align:left;"> <div class="col-md-6"> <br> Course Portal > Students <br> - <?php +<?php - error_reporting(0); -if (isset($_SESSION['info_Courses_student'])) { - echo '<hr><span class="alert alert-success" role="alert">' . $_SESSION['info_Courses_student'] . '</span>'; - $_SESSION['info_Courses_student'] = null; -} -?> + error_reporting(0); + if (isset($_SESSION['info_Courses_student'])) { + echo '<hr><span class="alert alert-success" role="alert">' . $_SESSION['info_Courses_student'] . 
'</span>'; + $_SESSION['info_Courses_student'] = null; + } + ?> <br><br> </div> - <div class="col-md-6"></div> -</div> + <div class="col-md-6"></div> + </div> -<div class="row" style="width:80%;margin:auto; text-align:left;"> + <div class="row" style="width:80%;margin:auto; text-align:left;"> <div class="col-md-6"> <?php -error_reporting(0); -$student_id= $_SESSION['user_student_id']; -if(!empty($_GET["search"]) || !empty($_GET["faculty"])) - { - $search=$_GET["search"]; - $faculty=$_GET["faculty"]; + error_reporting(0); + $student_id= $_SESSION['user_student_id']; + if(!empty($_GET["search"]) || !empty($_GET["faculty"])) + { + $search=$_GET["search"]; + $faculty=$_GET["faculty"]; - if($faculty=="") - { - echo "<h4> Search Results for Code : $search</h4><hr>"; - $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`," - . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` " - . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" - . " ON users_table.User_ID=courses_table.Lecturer_User_ID where Course_Code='$search' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)"); - } - else - { - echo "<h3> Find Courses under faculty $faculty</h3>"; - $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, + if($faculty=="") + { + echo "<h4> Search Results for Code : $search</h4><hr>"; + $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`," + . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` " + . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" + . 
" ON users_table.User_ID=courses_table.Lecturer_User_ID where Course_Code='$search' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)"); + } + else + { + echo "<h3> Find Courses under faculty $faculty</h3>"; + $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID where Faculty='$faculty' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)"); - } + } - if(mysqli_num_rows($result)==0) - { -echo "No results found for your Search <hr>"; + if(mysqli_num_rows($result)==0) + { + echo "No results found for your Search <hr>"; - } else { while($row = mysqli_fetch_assoc($result)) { - $name=$row['Course_Name']; - $code=$row['Course_Code']; - $faculty=$row['Faculty']; - $lecturer=$row['Full_Name']; - $academic=$row['Academic_Year']; - $url=$row['URL']; - $id=$row['Course_ID']; - $v=$row['Verify_New_Members']; - $msg2="Join this Course"; - if($v>0) - { - $msg="<i class='fa fa-exclamation-circle'></i> Lecturer Verification required"; - $msg2="Send Joining Request"; - } + } else { + + while($row = mysqli_fetch_assoc($result)) { + $name=$row['Course_Name']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $lecturer=$row['Full_Name']; + $academic=$row['Academic_Year']; + $url=$row['URL']; + $id=$row['Course_ID']; + $v=$row['Verify_New_Members']; + $msg2="Join Course"; + if($v>0) + { + $msg="<i class='fa fa-exclamation-circle'></i> Lecturer verification required"; + $msg2="Send Joining Request"; + } - echo "<div class='btn btn-default' style='word-wrap:break-word'> - ($code) - $name <br>($url) <br> <a href='~\..\Script.php?JoinCourse=y&id=$id&std=$student_id&joining=$v' class='btn-sm btn-success' onclick=return confirm(\"are 
you sure to join this course?\")' > $msg2 </a> - <br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span><br>$msg</div> + echo "<div class='btn btn-default' style='word-wrap:break-word'> + [$code] $name <br>($url) <br> <a href='~\..\Script.php?JoinCourse=y&id=$id&std=$student_id&joining=$v' class='btn-sm btn-success' onclick=return confirm(\"Are you sure to join this course?\")' > $msg2 </a> + <br> <span style='font-size:10pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span><br>$msg</div> "; - - + } + } } - } - - - - - } - - - - - - - - echo "<h4> My Courses </h4>"; - $result = mysqli_query($con,"SELECT users_table.Full_Name, course_students_table.Status, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` + echo "<h4> My Courses </h4>"; + $result = mysqli_query($con,"SELECT users_table.Full_Name, course_students_table.Status, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID 
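Review bot: `$_GET["search"]` and `$_GET["faculty"]` are interpolated straight into the two course-search queries (`where Course_Code='$search'`, `where Faculty='$faculty'`) and echoed into the result headings, so the student search is open to SQL injection and reflected XSS; the re-indentation carries both over unchanged. Bind the values instead, e.g. `$stmt = mysqli_prepare($con, "... where Course_Code=? and ... Student_ID=?)"); mysqli_stmt_bind_param($stmt, "ss", $search, $student_id);`, and print them through `htmlspecialchars($search, ENT_QUOTES, 'UTF-8')`. The Accept/Decline and Join links in the same hunk change state through plain GET requests to Script.php, which would need a POST with a CSRF token. How Script.php authorises those requests is not visible in this hunk.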
@@ -758,38 +615,35 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl where course_students_table.Student_ID=$student_id"); - if(mysqli_num_rows($result)==0) + if(mysqli_num_rows($result)==0) { - echo "<i class='fa fa-exclamation-circle'></i> You are not Enrolled in any Course"; - } else { while($row = mysqli_fetch_assoc($result)) { + echo "<i class='fa fa-exclamation-circle'></i> You are not Enrolled in any Course"; + } else { + while($row = mysqli_fetch_assoc($result)) { $name=$row['Course_Name']; - $code=$row['Course_Code']; - $faculty=$row['Faculty']; - $lecturer=$row['Full_Name']; - $academic=$row['Academic_Year']; - $url=$row['URL']; - $id=$row['Course_ID']; - $Status=$row['Status']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $lecturer=$row['Full_Name']; + $academic=$row['Academic_Year']; + $url=$row['URL']; + $id=$row['Course_ID']; + $Status=$row['Status']; - if($Status=="Joined") - { - echo "<a href='~\..\Course.php?url=$url'> <div class='btn btn-default' style='word-wrap:break-word'> + if($Status=="Joined") + { + echo "<a href='~\..\Course.php?url=$url'> <div class='btn btn-default' style='word-wrap:break-word'> ($code) - $name <br>($url) <i class='fa fa-check-circle'></i> $Status <a href='~\..\Course.php?url=$url' class='btn-sm btn-primary'> Open</a> <br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span></div></a> "; - } - else - { - echo "<div class='btn btn-default'> + } + else + { + echo "<div class='btn btn-default'> ($code) - $name <i class='btn-sm btn-danger'> $Status</i> <br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span></div> "; - } - - - - - } + } + } } 
@@ -829,15 +683,15 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl List courses by faculty <select name='faculty' class='form-control'>"; - $result = mysqli_query($con,"SELECT DISTINCT(Faculty) as Faculty FROM `courses_table`"); - if(mysqli_num_rows($result)==0) - {} else { while($row = mysqli_fetch_assoc($result)) { - $fname=$row['Faculty']; + $result = mysqli_query($con,"SELECT DISTINCT(Faculty) as Faculty FROM `courses_table`"); + if(mysqli_num_rows($result)==0) + {} else { while($row = mysqli_fetch_assoc($result)) { + $fname=$row['Faculty']; - echo "<option value=''> Search by faculty </option> <option value='$fname'> $fname </option>"; - }} + echo "<option value=''> Search by faculty </option> <option value='$fname'> $fname </option>"; + }} -echo "</select></div></div> + echo "</select></div></div> </div> <div class='col-md-1'> <br> @@ -907,9 +761,9 @@ echo "</select></div></div> - } +} - ?> +?> @@ -917,13 +771,13 @@ echo "</select></div></div> - <style> +<style> - .form-control{ - padding-top: 1px; - padding-bottom:1px; - } - </style> +.form-control{ + padding-top: 1px; + padding-bottom:1px; + } +</style> diff --git a/Download.php b/Download.php new file mode 100644 index 0000000..71b49bd --- /dev/null +++ b/Download.php 
@@ -0,0 +1,37 @@
+<?php
+
+session_start();
+
+// Allow legal person to download files instead of using direct URL access
+// Adapted from https://www.runoob.com/w3cnote/php-download-file.html
+
+
+// 修改这一行设置你的文件下载目录
+$file = "./../../lrr_submission".$_GET['file'];
+$filename = basename($file);
+
+// 判断文件是否存在
+if(!file_exists($file)) die("File does not exist.");
+
+// 文件类型,作为头部发送给浏览器
+$type = filetype($file);
+
+// 获取时间和日期
+$today = date("F j, Y, g:i a");
+$time = time();
+
+if ( (isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"])) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") {
+ // 发送文件头部
+ header("Content-type: $type");
+ header("Content-Disposition: attachment;filename=$filename");
+ header("Content-Transfer-Encoding: binary");
+ header('Pragma: no-cache');
+ header('Expires: 0');
+ // 发送文件内容
+ set_time_limit(0);
+ readfile($file);
+} else {
+ echo "Nothing to download. Contact lanhui _at_ zjnu.edu.cn if you think otherwise.";
+}
+
+?>
diff --git a/Header.php b/Header.php
index be557f8..e867e1e 100644
--- a/Header.php
+++ b/Header.php
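Review bot: In Download.php, `$_GET['file']` is appended to the submission directory without being resolved, so `..` segments can point `readfile()` outside `lrr_submission`, and the ownership test `strpos($file, $_SESSION["user_student_id"])` only asks whether the ID occurs somewhere in the requested string. Resolve the path with `realpath()` and require that it stays under the base directory before any header is sent, as sketched below. For students, the ID should be compared with the specific path component that holds it; the directory layout is not visible in this hunk, so the sketch leaves that check as it is. `filetype()` returns values such as `file` or `dir` rather than a MIME type, so the sketch sends a fixed `application/octet-stream`, and `$_SESSION['user_type']` should be guarded with `isset()` for requests that carry no session.

```php
// Resolve both paths so that ".." segments and symlinks cannot leave the submission directory
$base = realpath("./../../lrr_submission");
$requested = isset($_GET['file']) ? (string) $_GET['file'] : '';
$file = ($base === false) ? false : realpath($base . $requested);

if ($file === false || strpos($file, $base . DIRECTORY_SEPARATOR) !== 0 || !is_file($file)) {
    die("File does not exist.");
}
$filename = basename($file);

// … unchanged: session / role check …
    header("Content-Type: application/octet-stream");
    header('Content-Disposition: attachment; filename="' . str_replace('"', '', $filename) . '"');
// … unchanged: remaining headers and readfile($file) …
```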
@@ -1,55 +1,39 @@ <?php session_start(); - error_reporting(0); - date_default_timezone_set('Asia/Shanghai'); +date_default_timezone_set('Asia/Shanghai'); +$con = mysqli_connect("localhost","username","password","lrr"); -$con=mysqli_connect("localhost","username","password","lrr"); -// Check connection -if (mysqli_connect_errno()) - { +// Check database connection +if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); - } -else -{ - } - - ?> <!DOCTYPE html> <html> + <header> - - + <link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css"/> <link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css"/> +<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css"/> + <script src="./css/jquery.min.js" type="text/javascript"></script> <script src="./css/bootsrap.min.js" type="text/javascript"></script> -<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css"/> <script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script> - - </header> <body> - - <?php - $curDateTime = date("Y-m-d H:i"); - include 'connect.php'; - - ?> - <nav class="navbar navbar-expand-lg navbar-dark bg-dark" style="padding-left:150px;padding-right:150px;margin:auto;"> - <a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;heigh:30px;"> LRRS</a> + <a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;heigh:30px;"> LRRS</a> <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarColor02" aria-controls="navbarColor02" aria-expanded="false" aria-label="Toggle navigation"> <span class="navbar-toggler-icon"></span> </button> 
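Review bot: When `mysqli_connect()` fails, Header.php still echoes `mysqli_connect_error()` to the visitor and goes on rendering with an unusable `$con`. With `error_reporting(0)` removed in this hunk, the later `mysqli_query()` calls may additionally print warnings containing file paths if `display_errors` is enabled. Log the detail server-side and stop instead: `error_log("DB connect failed: " . mysqli_connect_error()); http_response_code(500); exit("Service temporarily unavailable.");`. The connection parameters are literal arguments here and again in Script.php; loading them from one configuration file outside the web root would keep real credentials out of the repository.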
@@ -60,26 +44,24 @@ else <li class="nav-item active"> <!-- <a class='nav-link' href='~\..\Visitors.php'> <i class='fa fa-globe'></i> Visitor Portal <span class='sr-only'>(current)</span></a> --> - </li> + </li> <?php if(isset($_SESSION["user_fullname"])) { - echo " <a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> Courses <span class='sr-only'>(current)</span></a>"; - - + echo " <a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> Courses <span class='sr-only'>(current)</span></a>"; ?> </li> - - </ul> + </ul> <form class="form-inline my-2 my-lg-0" style="color:#fff;"> - Welcome <b> <?php echo $_SESSION['user_fullname']; - ?> </b> + Welcome <b> <?php echo $_SESSION['user_fullname']; ?> </b> <?php - $c_date= date("Y-m-d H:i"); - echo "(". $_SESSION['user_type'] .") "; - + $c_date= date("Y-m-d H:i"); + if (isset( $_SESSION['user_student_id'])) + echo "(". $_SESSION['user_type'] . " - " . $_SESSION['user_student_id'] .") "; + else + echo "(". $_SESSION['user_type'] .") "; ?> <?php @@ -87,16 +69,14 @@ if ($_SESSION['user_type'] == "Lecturer") { echo " <i class=\"fa fa-cog\" style=\"color:#fff;\"> </i> <a style='color:#fff !important' href=\"~\..\Admin.php\">Admin </a>"; } ?> - <i class="fa fa-user" style="color:#fff;"> </i> <a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id'];?>)">Update password</a> - <i class="fa fa-lock" style="color:#fff;"> </i> <a style='color:#fff !important' href="~\..\logout.php">Logout </a> - <?php - } - ?> + <?php + } + ?> </form> </div> </nav> @@ -130,7 +110,7 @@ if ($_SESSION['user_type'] == "Lecturer") { } h1,h2,h3,h4{color:#03407B;} a { - color: #03407B; + color: #03407B; } .break-word { 
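Review bot: `$_SESSION['user_fullname']` is printed into the navbar without HTML escaping, and the added `if`/`else` prints `$_SESSION['user_type']` and `$_SESSION['user_student_id']` the same way. The full name is user-supplied at sign-up, where Script.php passes it only through `mysqli_real_escape_string`, which does not neutralise HTML, so markup in a name would be rendered on every page that includes Header.php. Use `echo htmlspecialchars($_SESSION['user_fullname'], ENT_QUOTES, 'UTF-8');` and the same wrapper for the two values in the new branch.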
@@ -156,33 +136,30 @@ if ($_SESSION['user_type'] == "Lecturer") { .ui-button{ background: #03488B; color:white } - - - </style> - <script> +<script> function updatePass(id) { - var pass= prompt("Enter your new password : ", "..."); + var pass = prompt("Enter your new password : ", "Enter a strong password"); - if(!confirm('Are you sure to reset your password?')) + if(!confirm('Are you sure you want to reset your password?')) { return; } - window.location.href="\Script.php\?action=passchange&uid="+id+"&pass="+pass; + window.location.href="\Script.php\?action=passchange&uid="+id+"&pass="+pass; } - function blockUser(id,status) + function blockUser(id,status) { - if(!confirm('Are you to change User Status')) + if(!confirm('Are you sure you want to change user status?')) { return; } - window.location.href="\Script.php\?action=statuschange&uid="+id+"&status="+status; - } - </script> + window.location.href="\Script.php\?action=statuschange&uid="+id+"&status="+status; + } +</script> diff --git a/NoDirectPhpAcess.php b/NoDirectPhpAcess.php new file mode 100644 index 0000000..d5e6143 --- /dev/null +++ b/NoDirectPhpAcess.php @@ -0,0 +1,7 @@ +<?php + // https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file + if (!isset($_SERVER['HTTP_REFERER']) ) { + /* choose the appropriate page to redirect users */ + die( header( 'location: index.php' ) ); + } +?> diff --git a/Script.php b/Script.php index 84b568c..b0225ea 100644 --- a/Script.php +++ b/Script.php 
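Review bot: `updatePass()` still places the new password and a caller-supplied `uid` in a GET URL (`Script.php?action=passchange&uid=…&pass=…`), so the password lands in browser history, server access logs and Referer headers, and the change can be triggered by a cross-site link. The new prompt default makes this worse: pressing OK without typing submits the literal text "Enter a strong password", and pressing Cancel yields `null`, which is concatenated as the string "null". At minimum pass an empty default to `prompt()` and add `if (pass === null || pass.trim() === "") { return; }` before the confirm. The durable fix is a POST form with a password field and a CSRF token, with Script.php taking the user id from `$_SESSION['user_id']` rather than from the request; that handler is not visible in this hunk.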
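Review bot: The guard in NoDirectPhpAcess.php treats the mere presence of a `Referer` header as authorisation, but that header is chosen by the client and is absent on legitimate visits (bookmarks, typed URLs, `Referrer-Policy: no-referrer`), so it neither stops a hand-built request nor reliably admits real users. Base the check on the authenticated session instead, after starting the session: `if (!isset($_SESSION['user_id'])) { header('Location: index.php'); exit; }`, and keep the per-role checks in each page. Script.php also receives the sign-up and login posts, so a session-based guard there would have to exempt those actions.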
@@ -1,246 +1,225 @@ +<?php + include 'NoDirectPhpAcess.php'; +?> + <?php /* - * This Contains the main Server-side scripts for the project - * session_destroy(); - * - * + * This file contains the main Server-side scripts for the project. */ session_start(); - date_default_timezone_set('Asia/Shanghai'); -// CONNeCTION -$con=mysqli_connect("localhost","username","password","lrr"); +date_default_timezone_set('Asia/Shanghai'); + +// Connect to MySQL database +$con = mysqli_connect("localhost","username","password","lrr"); + // Check connection if (mysqli_connect_errno()) - { - echo "Failed to connect to MySQL: " . mysqli_connect_error(); - } -// else -// { -// echo "Connected"; -// } - - - - - - +{ + echo "Failed to connect to MySQL: " . mysqli_connect_error(); +} error_reporting(0); + + + + + +// #### FUNCTION CHECK FILE TYPES //// + +function is_valid_student_number($student_id) { + // zjnu student number has 12 digits, and starts with 20 + if (strlen($student_id) == 12 && is_numeric($student_id) == TRUE && substr($student_id, 0, 2) == "20") + return TRUE; + return FALSE; +} + +// ############################### SIGN UP ################################## if (!empty($_POST["frm_signup_1"])) { - $student_id = mysqli_real_escape_string($con,$_POST["student_id"]); - $passport = mysqli_real_escape_string($con,$_POST["passport"]); + + $student_id = trim( mysqli_real_escape_string($con, $_POST["student_id"]) ); + $passport = trim( mysqli_real_escape_string($con, $_POST["passport"]) ); // validate student number - if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) { - $_SESSION["info_signup1"] = "Invalid student number."; - header("Location: index.php"); - return; + if (! is_valid_student_number($student_id)) { + $_SESSION["info_signup1"] = "Invalid student number."; + header("Location: index.php"); + return; } - // passport should be empty (not used) - if (strcmp(trim($passport), '') != 0) { - $_SESSION["info_signup1"] = "Passport is disused. 
Please leave it empty."; - header("Location: index.php"); - return; - } + // passport should be empty (not used) + if (strcmp($passport, '') != 0) { + $_SESSION["info_signup1"] = "Passport is disused. Please leave it empty."; + header("Location: index.php"); + return; + } - $result = mysqli_query($con, - "SELECT * FROM `students_data` WHERE Student_ID='$student_id'"); - // Just removed this condition from the above command and (Passport_Number='$passport' or Passport_Number = '') - if(mysqli_num_rows($result)==0) + // Check if this student number is a legal one + $result = mysqli_query($con, "SELECT * FROM `students_data` WHERE Student_ID='$student_id'"); + if(mysqli_num_rows($result) == 0) { - $_SESSION["info_signup1"]="Student number could not be verified! Please contact Student Management Office (lanhui at zjnu.edu.cn). Thanks."; + $_SESSION["info_signup1"] = "Your entered student number could not be verified. Please contact Student Management Office <lanhui at zjnu.edu.cn>. Thanks."; header("Location: index.php"); return; } - - - $result98 = mysqli_query($con, - "SELECT * FROM `users_table` WHERE Student_ID='$student_id'"); - - - if(mysqli_num_rows($result98)==0) + $result98 = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'"); + if(mysqli_num_rows($result98) == 0) { - $_SESSION['user_passport']=$passport; - $_SESSION['user_student_id']=$student_id; - header("Location: signup.php"); - return; - + $_SESSION['user_student_id'] = $student_id; + $_SESSION['user_passport'] = $passport; + header("Location: signup.php"); + return; } else { - $_SESSION["info_signup1"]="Student ID already in use! Please contact Student Management Office (lanhui at zjnu.edu.cn)."; + $_SESSION["info_signup1"] = "This Student ID is already in use! 
Please contact Student Management Office <lanhui at zjnu.edu.cn> for help."; header("Location: index.php"); return; } - - } +} - - - - - - - - - - - - - - // ############################### CREATE STUDENT USER ################################## - if (!empty($_POST["frm_signup_2"])) { - $email = mysqli_real_escape_string($con,$_POST["email"]); - $password = mysqli_real_escape_string($con,$_POST["password"]); - $confirmpassword = mysqli_real_escape_string($con,$_POST["confirmpassword"]); - $fullname = mysqli_real_escape_string($con,$_POST["fullname"]); - $student_id = $_SESSION['user_student_id']; - $passport = $_SESSION['user_passport']; - $_SESSION['user_fullname'] = $fullname; - $_SESSION['user_type'] = "Student"; - $_SESSION['user_email'] = $email; + + + + +// ############################### CREATE STUDENT USER ################################## +if (!empty($_POST["frm_signup_2"])) { + $fullname = mysqli_real_escape_string($con, $_POST["fullname"]); + $email = mysqli_real_escape_string($con, $_POST["email"]); + $password = mysqli_real_escape_string($con, $_POST["password"]); + $confirmpassword = mysqli_real_escape_string($con, $_POST["confirmpassword"]); + $student_id = $_SESSION['user_student_id']; + $passport = $_SESSION['user_passport']; + $_SESSION['user_fullname'] = $fullname; + $_SESSION['user_type'] = "Student"; + $_SESSION['user_email'] = $email; // check confirmed password if ( strcasecmp( $password, $confirmpassword ) != 0 ){ - $_SESSION['info_signup2']="Password confirmation failed."; - $_SESSION['user_fullname'] = null; - $_SESSION['user_type'] = null; + $_SESSION['info_signup2'] = "Password confirmation failed."; + $_SESSION['user_fullname'] = null; // such that Header.php do not show the header information. 
header("Location: signup.php"); return; } - // validate email - if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { - $_SESSION['info_signup2']="Invalid email address."; - header("Location: signup.php"); - return; - } - - $upperLetter = preg_match('@[A-Z]@', $password); - $smallLetter = preg_match('@[a-z]@', $password); - $containsDigit = preg_match('@[0-9]@', $password); - $containsSpecial = preg_match('@[^\w]@', $password); - $containsAll = $upperLetter && $smallLetter && $containsDigit && $containsSpecial; - - // check for strong password - if(! $containsAll) { - $_SESSION['info_signup2'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and sepcial characters (e.g., !?.,*^)."; - header("Location: signup.php"); - return; + // validate email + if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { + $_SESSION['info_signup2'] = "Invalid email address."; + header("Location: signup.php"); + return; } - // check if email is taked - $result = mysqli_query($con, - "SELECT * FROM Users_Table WHERE email='$email'"); - if(mysqli_num_rows($result)!=0) + + $upperLetter = preg_match('@[A-Z]@', $password); + $smallLetter = preg_match('@[a-z]@', $password); + $containsDigit = preg_match('@[0-9]@', $password); + $containsSpecial = preg_match('@[^\w]@', $password); + $containsAll = $upperLetter && $smallLetter && $containsDigit && $containsSpecial; + + // check for strong password + if(! $containsAll) { + $_SESSION['info_signup2'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and sepcial characters (e.g., !?.,*^)."; + header("Location: signup.php"); + return; + } + + // check if email is taken + $result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'"); + if(mysqli_num_rows($result) != 0) { - $_SESSION["info_signup2"]="Email adress ".$email." 
already in use."; - $_SESSION['user_fullname'] = null; - $_SESSION['user_type'] = null; + $_SESSION["info_signup2"]="Email adress ".$email." is already in use."; + $_SESSION['user_fullname'] = null; header("Location: signup.php"); return; } - //applying password_hash() + + // apply password_hash() $password_hash = password_hash($password, PASSWORD_DEFAULT); $sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Student_ID`, `Passport_Number`) VALUES " - . "('$email','$password_hash','$fullname','Student','$student_id','$passport')"; + . "('$email','$password_hash','$fullname','Student','$student_id','$passport')"; - if ($con->query($sql) === TRUE) { - header("Location: Courses.php"); - } else { - // echo "Error: " . $sql . "<br>" . $con->error; - echo "Something really bad happend during sign up."; - } + if ($con->query($sql) === TRUE) { + header("Location: Courses.php"); + } else { + // echo "Error: " . $sql . "<br>" . $con->error; + echo "Something really bad (SQL insertion error) happend during sign up."; + } } - + + // ################################ LOGIN ##################################### if (!empty($_POST["frm_login"])) { - $user=mysqli_real_escape_string($con,$_POST["user"]); - - $is_student_number = 0; - - // Validate student number - if (is_numeric($user) && strlen($user) != 12) { - $_SESSION["info_login"] = "Invalid student number:"."$user"; - header("Location: index.php"); - return; - } else { - $is_student_number = 1; - } - - if ($is_student_number == 0 && !filter_var($user, FILTER_VALIDATE_EMAIL)) { - $_SESSION["info_login"] = "Invalid email address: "."$user"; - header("Location: index.php"); - return; - } - - $password=mysqli_real_escape_string($con,$_POST["password"]); - // $hashed_password=hash('sha512', $password); Not necessary in the login - $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')"); -if(mysqli_num_rows($result)==0) - { - $_SESSION["info_login"]="Inavlid 
login information."; - - echo $_SESSION["info_login"]; - - header("Location: index.php"); - } - else - { - while($row = mysqli_fetch_assoc($result)) { - // verify the hashed password and unhashed password - $sha512pass = hash('sha512', $password); // for backward compatibility. Old passwords were hashed using SHA512 algorithm. - if(password_verify($password, $row["Password"]) or $sha512pass == $row["HashPassword"]) { - $_SESSION['user_id']=$row['User_ID']; - $_SESSION['user_email']=$row['Email']; - $_SESSION['user_student_id']=$row['Student_ID']; - $_SESSION['user_type']=$row['UserType']; - $_SESSION['user_fullname']=$row['Full_Name']; - - if( $_SESSION['user_type']=="Student") - { - header("Location: Courses.php"); - } - - if( $_SESSION['user_type']=="Lecturer") - { - header("Location: Courses.php"); - } - - if( $_SESSION['user_type']=="TA") - { - header("Location: Courses.php"); - } - - if( $_SESSION['user_type']=="Admin") - { - header("Location: Admin.php"); - } - // report wrong pass if not correct - }else{ - $_SESSION["wrong_pass"]="Wrong Password."; - - echo $_SESSION["wrong_pass"]; - - header("Location: index.php"); - } - - } - } + $user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address + $is_student_number = 0; + + // Validate student number + if ( is_valid_student_number($user) ) { + $is_student_number = 1; + } + + // Validate email address if what provided is not a student number + if (! $is_student_number && !filter_var($user, FILTER_VALIDATE_EMAIL)) { + $_SESSION["info_login"] = "Invalid email address: " . 
"$user"; + header("Location: index.php"); + return; + } + + $password = mysqli_real_escape_string($con, $_POST["password"]); + $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')"); + if(mysqli_num_rows($result) == 0) + { + $_SESSION["info_login"] = "Inavlid user name information."; + echo $_SESSION["info_login"]; + header("Location: index.php"); + } + else + { + while($row = mysqli_fetch_assoc($result)) { + // verify the hashed password and unhashed password + $sha512pass = hash('sha512', $password); // for backward compatibility. Old passwords were hashed using SHA512 algorithm. + if(password_verify($password, $row["Password"]) or $sha512pass == $row["HashPassword"]) { + + $_SESSION['user_id'] = $row['User_ID']; + $_SESSION['user_email'] = $row['Email']; + $_SESSION['user_student_id'] = $row['Student_ID']; + $_SESSION['user_type'] = $row['UserType']; + $_SESSION['user_fullname'] = $row['Full_Name']; + + if( $_SESSION['user_type'] == "Student") + { + header("Location: Courses.php"); + } + + if( $_SESSION['user_type'] == "Lecturer") + { + header("Location: Courses.php"); + } + + if( $_SESSION['user_type'] == "TA") + { + header("Location: Courses.php"); + } + + if( $_SESSION['user_type'] == "Admin") + { + header("Location: Admin.php"); + } + // report wrong pass if not correct + } else { + $_SESSION["wrong_pass"] = "Wrong Password."; + header("Location: index.php"); + } + } + } } - - - 
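Review bot: The sign-up step 2 block assigns `$_SESSION['user_fullname']`, `$_SESSION['user_type'] = "Student"` and `$_SESSION['user_email']` before any validation, and this hunk drops the `$_SESSION['user_type'] = null;` resets from the failure paths, so a visitor whose sign-up is rejected keeps a session marked as Student together with the `user_student_id` stored in step 1. Code that branches only on those session values, such as the `$_SESSION['user_type']=="Student"` section of Courses.php and the ID test in Download.php, would then treat that session as a signed-in student. Move the three assignments into the successful-insert branch, just before `header("Location: Courses.php");`. In the login block, replace `$sha512pass == $row["HashPassword"]` with `hash_equals((string) $row["HashPassword"], $sha512pass)` and re-hash with `password_hash()` after a successful legacy match. The confirmation check should be `$password !== $confirmpassword`, since `strcasecmp` accepts a confirmation that differs only in letter case.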
@@ -250,410 +229,309 @@ if(mysqli_num_rows($result)==0) if (!empty($_POST["frm_recover_password"])) { - $student_id = mysqli_real_escape_string($con,$_POST["sno"]); - $email = mysqli_real_escape_string($con,$_POST["email"]); + $student_id = mysqli_real_escape_string($con,$_POST["sno"]); + $email = mysqli_real_escape_string($con,$_POST["email"]); - // validate student number - if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) { - echo "Invalid student number."; - return; - } + // validate student number + if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) { + echo "Invalid student number."; + return; + } - // validate email - if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { - echo "Invalid email address."; - return; - } + // validate email + if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { + echo "Invalid email address."; + return; + } - $result = mysqli_query($con, "SELECT * FROM users_table WHERE Email='$email' and Student_ID='$student_id'"); - if(mysqli_num_rows($result)==0) - { - $_SESSION["info_recover_password"]="Email address is not recognised."; - $_SESSION["info_recover_password"] = "Identity not recognized. Try again or send an inquiry email message to lanhui at zjnu.edu.cn."; - header("Location: recover_password.php"); - } else - { - $result = mysqli_query($con, "DELETE FROM users_table WHERE Email='$email' and Student_ID='$student_id'"); - $_SESSION["info_recover_password"] = "<b>Reset done. Please go to the sign up page and sign up again</b>."; - header("Location: recover_password.php"); - } + $result = mysqli_query($con, "SELECT * FROM users_table WHERE Email='$email' and Student_ID='$student_id'"); + if(mysqli_num_rows($result)==0) + { + $_SESSION["info_recover_password"]="Email address is not recognised."; + $_SESSION["info_recover_password"] = "Identity not recognized. 
Try again or send an inquiry email message to lanhui at zjnu.edu.cn."; + header("Location: recover_password.php"); + } else + { + $result = mysqli_query($con, "DELETE FROM users_table WHERE Email='$email' and Student_ID='$student_id'"); + $_SESSION["info_recover_password"] = "<b>Reset done. Please go to the sign up page and sign up again</b>."; + header("Location: recover_password.php"); + } } + // ################################ RESET Password ##################################### if (!empty($_POST["frm_reset_password"])) { - $password=mysqli_real_escape_string($con,$_POST["password"]); - $token=mysqli_real_escape_string($con,$_POST["token"]); - $email=mysqli_real_escape_string($con,$_POST["email"]); - $result = mysqli_query($con, - "SELECT * FROM Users_Table WHERE email='$email'"); -if(mysqli_num_rows($result)==0) - { + $password=mysqli_real_escape_string($con,$_POST["password"]); + $token=mysqli_real_escape_string($con,$_POST["token"]); + $email=mysqli_real_escape_string($con,$_POST["email"]); + $result = mysqli_query($con, + "SELECT * FROM Users_Table WHERE email='$email'"); + if(mysqli_num_rows($result)==0) + { -echo "invalid email"; -return; + echo "invalid email"; + return; - } - else - { - while($row = mysqli_fetch_assoc($result)) { - - $userid=$row['User_ID']; - - $email=$row['Email']; - $id=$row['Student_ID']; - - $user_token=$userid*$userid*$userid+$userid*0.00343; -if($user_token==$token) -{ -// Password Update - - // Password Update - $hashed_password=hash('sha512', $password); - $sql= "UPDATE users_table set HashPassword='$hashed_password' where User_ID=$userid;"; - if ($con->query($sql) === TRUE) { - - error_reporting(0); - - $_SESSION["info_login"]=" Password changed successfully , you can login now with your new password "; - header("Location: index.php"); - - } - else { - echo "Error: " . $sql . "<br>" . 
$con->error; -} - -} else -{ - echo "Invalid Token "; -} - - - - - } } - } + else + { + while($row = mysqli_fetch_assoc($result)) { + + $userid=$row['User_ID']; + + $email=$row['Email']; + $id=$row['Student_ID']; + + $user_token=$userid*$userid*$userid+$userid*0.00343; + if($user_token==$token) + { + // Password Update + + // Password Update + $hashed_password=hash('sha512', $password); + $sql= "UPDATE users_table set HashPassword='$hashed_password' where User_ID=$userid;"; + if ($con->query($sql) === TRUE) { + + error_reporting(0); + + $_SESSION["info_login"]=" Password changed successfully , you can login now with your new password "; + header("Location: index.php"); + + } + else { + echo "Error: " . $sql . "<br>" . $con->error; + } + + } else + { + echo "Invalid Token "; + } + + + + + } + } +} - - - - - - - - - - - - - - - - - - - - - - - - - - // ############################### CREATE Lecturer/TA USER ################################## - if (!empty($_POST["frm_createlecturrer"])) { - $email=mysqli_real_escape_string($con,$_POST["email"]); - $passport=mysqli_real_escape_string($con,$_POST["passport"]); - $fullname=mysqli_real_escape_string($con,$_POST["fullname"]); - $type=mysqli_real_escape_string($con,$_POST["type"]); - $password=$passport; - // check if email is taken - $result = mysqli_query($con, - "SELECT * FROM Users_Table WHERE email='$email'"); - if(mysqli_num_rows($result)!=0) +// ############################### CREATE Lecturer/TA USER ################################## +if (!empty($_POST["frm_createlecturrer"])) { + $email=mysqli_real_escape_string($con,$_POST["email"]); + $passport=mysqli_real_escape_string($con,$_POST["passport"]); + $fullname=mysqli_real_escape_string($con,$_POST["fullname"]); + $type=mysqli_real_escape_string($con,$_POST["type"]); + $password=$passport; + // check if email is taken + $result = mysqli_query($con, + "SELECT * FROM Users_Table WHERE email='$email'"); + if(mysqli_num_rows($result)!=0) { 
$_SESSION["info_Admin_Users"]="Email adress : ".$email." is already in use."; header("Location: Admin.php"); } $sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Passport_Number`) VALUES " - . "('$email','$password','$fullname','$type','$passport')"; + . "('$email','$password','$fullname','$type','$passport')"; - if ($con->query($sql) === TRUE) { - $_SESSION["info_Admin_Users"]=$type." user Created successfully : email ".$email." and $password as Password."; - header("Location: Admin.php"); + if ($con->query($sql) === TRUE) { + $_SESSION["info_Admin_Users"]=$type." user Created successfully : email ".$email." and $password as Password."; + header("Location: Admin.php"); -} else { - echo "Error: " . $sql . "<br>" . $con->error; + } else { + echo "Error: " . $sql . "<br>" . $con->error; + } } - } - - - - - - - - - - - - - - - - - // #### FUNCTION CHECK FILE TYPES //// -function is_valid($file) { - - - $allowed = array('pdf', 'rtf', 'jpg','png', 'doc', 'docx', 'xls', 'xlsx','sql','txt','md','py','css','html', - 'cvc','c','class','cpp','h','java','sh','swift','zip','rar','ods','xlr','bak','ico','swf'); - - - -$filename = $_FILES[$file]['name']; -$ext = pathinfo($filename, PATHINFO_EXTENSION); - $result=in_array($ext,$allowed); - return $result; + + + +// #### FUNCTION CHECK FILE TYPES //// + +function is_valid_file_format($file) { + + + $allowed = array('pdf', 'rtf', 'jpg','png', 'doc', 'docx', 'xls', 'xlsx','sql','txt','md','py','css','html', + 'cvc','c','class','cpp','h','java','sh','swift','zip','rar','ods','xlr','bak','ico','swf'); + + $filename = $_FILES[$file]['name']; + $ext = pathinfo($filename, PATHINFO_EXTENSION); + $result = in_array($ext,$allowed); + return $result; } + + + + + +// #### FUNCTION CREATE DIRECTORIES //// - - - - // #### FUNCTION CREATE DIRECTORIES //// - - function Create_dir($upPath) +function Create_dir($upPath) { - try { - - // full path -$tags = explode('/' ,$upPath); // explode the full path -$mkDir = ""; + 
try { + // full path + $tags = explode('/', $upPath); // explode the full path + $mkDir = ""; - foreach($tags as $folder) { - $mkDir = $mkDir . $folder ."/"; // make one directory join one other for the nest directory to make - // echo '"'.$mkDir.'"<br/>'; // this will show the directory created each time - if(!is_dir($mkDir)) { // check if directory exist or not - mkdir($mkDir, 0777); // if not exist then make the directory - } - } - } - catch (Exception $e) { - - } - return $upPath; + foreach($tags as $folder) { + $mkDir = $mkDir . $folder ."/"; // make one directory join one other for the nest directory to make + echo '"'.$mkDir.'"<br/>'; // this will show the directory created each time + if(!is_dir($mkDir)) { // check if directory exist or not + mkdir($mkDir, 0777); // if not exist then make the directory + } + } + } + catch (Exception $e) { + return FALSE; + } + return $upPath; } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +function mkdirs($path) +{ + if (file_exists($path)) + return $path; + $result = mkdir($path, 0777, true); + if ($result) { + return $path; + } + return $result; +} // ############################### #Post Assignment ################################## - if (!empty($_POST["frm_uploadlab"])) { +if (!empty($_POST["frm_uploadlab"])) { - $course_id=mysqli_real_escape_string($con,$_POST["course_id"]); - $deadlinedate=$_POST["deadlinedate"]; - $deadlinetime=$_POST["deadlinetime"]; - $instructions=mysqli_real_escape_string($con,$_POST["instructions"]); - $title=mysqli_real_escape_string($con,$_POST["title"]); - $marks=mysqli_real_escape_string($con,$_POST["marks"]); - // $url=mysqli_real_escape_string($con,$_POST["url"]); - $url=$_SESSION['url']; //using real_escape_string was failing to redirect to the main page - $type=mysqli_real_escape_string($con,$_POST["type"]); + $course_id=mysqli_real_escape_string($con,$_POST["course_id"]); + $deadlinedate=$_POST["deadlinedate"]; + $deadlinetime=$_POST["deadlinetime"]; + 
$instructions=mysqli_real_escape_string($con,$_POST["instructions"]); + $title=mysqli_real_escape_string($con,$_POST["title"]); + $marks=mysqli_real_escape_string($con,$_POST["marks"]); + // $url=mysqli_real_escape_string($con,$_POST["url"]); + $url = $_SESSION['url']; //using real_escape_string was failing to redirect to the main page + $type = mysqli_real_escape_string($con, $_POST["type"]); - $deadline=$deadlinedate." ".$deadlinetime; - $date= date("Y-m-d H:i"); + $deadline = $deadlinedate." ".$deadlinetime; + $date = date("Y-m-d H:i"); - // GET UPLOADED FILES + // GET UPLOADED FILES - $target_dir =Create_dir("Lab_Report_Assignments/".$title."/"); + $target_dir = Create_dir("Lab_Report_Assignments/".$title."/"); - $rnd=rand(10,1000); - $rnd=""; // no more required , creating folder for each lab - $targetfile = $target_dir.$rnd.$_FILES['attachment1']['name']; - $targetfile2 = $target_dir.$rnd.$_FILES['attachment2']['name']; - $targetfile3 = $target_dir.$rnd.$_FILES['attachment3']['name']; - $targetfile4 = $target_dir.$rnd.$_FILES['attachment4']['name']; + $rnd=rand(10,1000); + $rnd=""; // no more required , creating folder for each lab + $targetfile = $target_dir.$rnd.$_FILES['attachment1']['name']; + $targetfile2 = $target_dir.$rnd.$_FILES['attachment2']['name']; + $targetfile3 = $target_dir.$rnd.$_FILES['attachment3']['name']; + $targetfile4 = $target_dir.$rnd.$_FILES['attachment4']['name']; - $count=0; + $count=0; - if(!is_valid("attachment1") && $_FILES["attachment1"]["name"]!="") - { - echo "Invalid File Type for Attachment 1"; - return; - } - if(!is_valid("attachment2") && $_FILES["attachment2"]["name"]!="") - { - echo "Invalid File Type for Attachment 2"; - return; - } - if(!is_valid("attachment3") && $_FILES["attachment3"]["name"]!="") - { - echo "Invalid File Type for Attachment 3"; - return; - } + if(!is_valid_file_format("attachment1") && $_FILES["attachment1"]["name"]!="") + { + echo "Invalid File Type for Attachment 1"; + return; + } + 
if(!is_valid_file_format("attachment2") && $_FILES["attachment2"]["name"]!="") + { + echo "Invalid File Type for Attachment 2"; + return; + } + if(!is_valid_file_format("attachment3") && $_FILES["attachment3"]["name"]!="") + { + echo "Invalid File Type for Attachment 3"; + return; + } - //if($_FILES["attachment1"]["error"] != 0) { - // echo "Error uploading the file "; - //return; -//} - -// use 4 for missing file - - + // use 4 for missing file + if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) { + $count++; + } else { + echo $_FILES['attachment1']['error']; + } + + if (move_uploaded_file($_FILES['attachment2']['tmp_name'], $targetfile2)) { + $count++; + } else { + echo $_FILES['attachment2']['error']; + } + + if (move_uploaded_file($_FILES['attachment3']['tmp_name'], $targetfile3)) { + $count++; + } else { + echo $_FILES['attachment3']['error']; + } + + if (move_uploaded_file($_FILES['attachment4']['tmp_name'], $targetfile4)) { + $count++; + } else { + echo $_FILES['attachment4']['error']; + } - if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) { - $count++; - } else { - echo $_FILES['attachment1']['error']; - } + echo $count." File(s) uploaded"; - if (move_uploaded_file($_FILES['attachment2']['tmp_name'], $targetfile2)) { - $count++; - } else { - echo $_FILES['attachment2']['error']; - } - - if (move_uploaded_file($_FILES['attachment3']['tmp_name'], $targetfile3)) { - $count++; - } else { - echo $_FILES['attachment3']['error']; - } - - if (move_uploaded_file($_FILES['attachment4']['tmp_name'], $targetfile4)) { - $count++; - } else { - echo $_FILES['attachment4']['error']; - } -//} - - - - - echo $count." 
File(s) uploaded"; - - //CLEAN - $targetfile=""; -$targetfile2=""; - $targetfile3=""; - $targetfile4=""; + //CLEAN + $targetfile=""; + $targetfile2=""; + $targetfile3=""; + $targetfile4=""; - if($_FILES['attachment1']['name']!=""){ $targetfile="/".$title."/".$_FILES['attachment1']['name']; } - if($_FILES['attachment2']['name']!=""){ $targetfile2="/".$title."/".$_FILES['attachment2']['name']; } - if($_FILES['attachment3']['name']!=""){ $targetfile3= "/".$title."/".$_FILES['attachment3']['name']; } - if($_FILES['attachment4']['name']!=""){ $targetfile4= "/".$title."/".$_FILES['attachment4']['name']; } + if($_FILES['attachment1']['name']!=""){ $targetfile = "/".$title."/".$_FILES['attachment1']['name']; } + if($_FILES['attachment2']['name']!=""){ $targetfile2 = "/".$title."/".$_FILES['attachment2']['name']; } + if($_FILES['attachment3']['name']!=""){ $targetfile3 = "/".$title."/".$_FILES['attachment3']['name']; } + if($_FILES['attachment4']['name']!=""){ $targetfile4 = "/".$title."/".$_FILES['attachment4']['name']; } - - - - // return; - - - - $sql="INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, + $sql="INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`,Marks,Type) VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3',$marks,'$type')"; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_courses"]=$type." Lab Report Assignment posted successfully."; - header("Location: Courses.php?course=".$url); + $_SESSION["info_courses"] = $type." lab report assignment posted successfully."; + header("Location: Courses.php?course=".$url); -} else { - echo "Error: " . $sql . "<br>" . $con->error; + } else { + echo "Error: " . $sql . "<br>" . 
$con->error; + } } - } - - - - - - - - - - - - - - - - - + + + + + function checksize($file) { - $filename = $_FILES[$file]['name']; - - $result=$_FILES["$file"]['size']/1024/1024; + $result = $_FILES["$file"]['size']/(1024*1024); - - - //$max_upload = (int)(ini_get('upload_max_filesize')); -//$max_post = (int)(ini_get('post_max_size')); -//$memory_limit = (int)(ini_get('memory_limit')); -//$upload_mb = min($max_upload, $max_post, $memory_limit); -if($result>20) -{ - return FALSE; -} - return TRUE; + if($result > 1) + { + return FALSE; + } + return TRUE; } 
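Review bot: The `frm_reset_password` handler still accepts a token computed as `$userid*$userid*$userid+$userid*0.00343` and checks it with a loose `==`, so the token is a fixed function of `User_ID` rather than a secret, and it never expires; this commit only re-indents those lines. The token should be random and single-use: issue `bin2hex(random_bytes(32))`, store only its hash with an expiry, and verify here with `hash_equals($row['<reset-token-hash column, placeholder>'], hash('sha256', $token))`; the code that issues the token is outside this hunk. The new password is also written as unsalted SHA-512 to `HashPassword`, while the login branch earlier in this diff already calls `password_verify` against `Password`, so the update should use `$hashed_password = password_hash($password, PASSWORD_DEFAULT);` and store it in `Password`. The failure branch echoes `$sql` and `$con->error` to the client; that detail belongs in the server log, with a generic message shown to the user.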
@@ -661,738 +539,579 @@ if($result>20) // ############################### Submit Assignment ################################## if (!empty($_POST["frm_submitlab"])) { - - - $lab_id=mysqli_real_escape_string($con,$_POST["lab_id"]); - $student_id=$_POST["student_id"]; - $group_id=$_POST["group_id"]; + $lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]); + $student_id = $_POST["student_id"]; + $group_id = $_POST["group_id"]; + $instructions = mysqli_real_escape_string($con, $_POST["instructions"]); + $title = mysqli_real_escape_string($con, $_POST["title"]); + + $url = mysqli_real_escape_string($con, $_POST["url"]); + + $deadline = $deadlinedate." ".$deadlinetime; + $date = date("Y-m-d H:i"); + + // GET UPLOADED FILES + $labName = mysqli_query($con,"SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id"); + while($row = mysqli_fetch_assoc($labName)) + { + $lab_name = $row['Title']; + $_SESSION['Sub_Type'] = $row['Type']; // submission type, either Individual or Group + } - $instructions=mysqli_real_escape_string($con,$_POST["instructions"]); - $title=mysqli_real_escape_string($con,$_POST["title"]); - - $url=mysqli_real_escape_string($con,$_POST["url"]); - - - $deadline=$deadlinedate." 
".$deadlinetime; - $date= date("Y-m-d H:i"); - - - -// GET UPLOADED FILES - - - - $labName = mysqli_query($con,"SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id"); - while($row = mysqli_fetch_assoc($labName)) - {$lab_name=$row['Title']; - $_SESSION['Sub_Type']=$row['Type']; - } - - - $target_dir =Create_dir("Lab_Report_Submisions/".$student_id."/".$lab_name."/"); - - - - $targetfile = $target_dir.$_FILES['attachment1']['name']; - $targetfile2 = $target_dir.$_FILES['attachment2']['name']; - $targetfile3 = $target_dir.$_FILES['attachment3']['name']; - $targetfile4 = $target_dir.$_FILES['attachment4']['name']; + $upload_folder = "Lab_Report_Submisions"; // old place for storing students' submissions + $upload_folder = "./../../lrr_submission"; + $target_dir = mkdirs($upload_folder."/".$student_id."/".$url."/".$lab_name."/"); # url is actually course code plus academic year, e.g., CSC3122020 + $targetfile = $target_dir.$_FILES['attachment1']['name']; + $targetfile2 = $target_dir.$_FILES['attachment2']['name']; + $targetfile3 = $target_dir.$_FILES['attachment3']['name']; + $targetfile4 = $target_dir.$_FILES['attachment4']['name']; - - - - - -//$curDateTime = date("Y-m-d H:i"); -//$myDate = date("Y-m-d H:i", strtotime("2017-12-28 18:01")); -//if($curDateTime <= $myDate ){ -// echo "active ".+$curDateTime." 
mydate= ".$myDate; -// -//}else{ -// echo "inactive c=".$curDateTime; -//} -// - -$count=0; + $count = 0; + //check zise + if(!checksize("attachment1")) + { + echo "1 MB is the maximum file size allowed"; + return; + } + if(!checksize("attachment2") && $_FILES["attachment2"]["name"] != "") + { + echo "1 MB is the maximum file size allowed"; + return; + } + if(!checksize("attachment3") && $_FILES["attachment3"]["name"] != "") + { + echo "1 MB is the maximum file size allowed"; + return; + } - -//check zise - if(!checksize("attachment1")) -{ - echo "2 MB is the maximum file size allowed"; - return; -} - if(!checksize("attachment2") && $_FILES["attachment2"]["name"]!="") -{ - echo "2 MB is the maximum file size allowed"; - return; -} - if(!checksize("attachment3") && $_FILES["attachment3"]["name"]!="") -{ - echo "2 MB is the maximum file size allowed"; - return; -} - - - - - -if(!is_valid("attachment1")) -{ - echo "Invalid File Type for Attachment 1"; - return; -} - if(!is_valid("attachment2") && $_FILES["attachment2"]["name"]!="") -{ - echo "Invalid File Type for Attachment 2"; - return; -} - if(!is_valid("attachment3") && $_FILES["attachment3"]["name"]!="") -{ - echo "Invalid File Type for Attachment 3"; - return; -} - -if($_FILES["attachment1"]["error"] != 0) { - echo "Error uploading the file "; - return; -} - -// use 4 for missing file - - - - - -if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) { -$count++; -} else { - echo $_FILES['attachment1']['error']; -} - -if (move_uploaded_file($_FILES['attachment2']['tmp_name'], $targetfile2)) { - $count++; -} else { - echo $_FILES['attachment2']['error']; -} - -if (move_uploaded_file($_FILES['attachment3']['tmp_name'], $targetfile3)) { - $count++; -} else { - echo $_FILES['attachment3']['error']; -} - - if (move_uploaded_file($_FILES['attachment4']['tmp_name'], $targetfile4)) { - $count++; -} else { - echo $_FILES['attachment4']['error']; -} -//} - + if(!is_valid_file_format("attachment1")) + { + 
echo "Invalid File Type for Attachment 1"; + return; + } + if(!is_valid_file_format("attachment2") && $_FILES["attachment2"]["name"] != "") + { + echo "Invalid File Type for Attachment 2"; + return; + } + if(!is_valid_file_format("attachment3") && $_FILES["attachment3"]["name"] != "") + { + echo "Invalid File Type for Attachment 3"; + return; + } + + if($_FILES["attachment1"]["error"] != 0) { + echo "Error when uploading the file."; + return; + } + + // use 4 for missing file + + if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) { + $count++; + } else { + echo $_FILES['attachment1']['error']; + } + + if (move_uploaded_file($_FILES['attachment2']['tmp_name'], $targetfile2)) { + $count++; + } else { + echo $_FILES['attachment2']['error']; + } + + if (move_uploaded_file($_FILES['attachment3']['tmp_name'], $targetfile3)) { + $count++; + } else { + echo $_FILES['attachment3']['error']; + } + + if (move_uploaded_file($_FILES['attachment4']['tmp_name'], $targetfile4)) { + $count++; + } else { + echo $_FILES['attachment4']['error']; + } -echo $count." File(s) uploaded"; + echo $count." File(s) uploaded"; -//CLEAN -$targetfile1=""; - $targetfile2=""; - $targetfile3=""; - $targetfile4=""; + //CLEAN + $targetfile1 = ""; + $targetfile2 = ""; + $targetfile3 = ""; + $targetfile4 = ""; -if(strlen($_FILES['attachment1']['name']) > 2 ) { - $targetfile="/".$student_id."/".$lab_name."/".$_FILES['attachment1']['name']; -} + if(strlen($_FILES['attachment1']['name']) > 2 ) { // why greater than 2??? 
+ $targetfile = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment1']['name']; + } - if(strlen($_FILES['attachment2']['name']) > 2 ) { - $targetfile2="/".$student_id."/".$lab_name."/".$_FILES['attachment2']['name']; } + if(strlen($_FILES['attachment2']['name']) > 2 ) { + $targetfile2 = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment2']['name']; } - if(strlen($_FILES['attachment3']['name']) > 2 ) { - $targetfile3= "/".$student_id."/".$lab_name."/".$_FILES['attachment3']['name'];} + if(strlen($_FILES['attachment3']['name']) > 2 ) { + $targetfile3 = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment3']['name'];} - if(strlen($_FILES['attachment4']['name']) > 2 ) { - $targetfile4= "/".$student_id."/".$lab_name."/".$_FILES['attachment4']['name']; - } - - - $sql1="Delete from lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id"; - if ($con->query($sql1) === TRUE) { - } - + if(strlen($_FILES['attachment4']['name']) > 2 ) { + $targetfile4 = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment4']['name']; + } // When $group_id is not properly initialized, use integer 0 as its value. // This temporarily fixed the "Students unable to submit assignment after a recent change" bug at http://118.25.96.118/bugzilla/show_bug.cgi?id=65 if (trim($group_id) === '') { // when $group_id is an empty string or contains only whitespace characters. - $group_id = 0; // FIXME + $group_id = 0; // FIXME + } + + $sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id"; + if ($con->query($sql1) === TRUE) { } - $sql="INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`," - . " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)" - . 
" VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4'," - . "'Pending','$title','')"; -if ($con->query($sql) === TRUE) { - if($_SESSION['Sub_Type']=='Individual') - // { - // // $con->query($sql = "UPDATE `lab_report_submissions` SET `Student_id` = ('".$student_id."') WHERE `lab_report_submissions`.`Course_Group_id` = '$group_id'"); - // } - // else - { - $con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'"); - } - $_SESSION["info_courses"]=$type." Lab Report Assignment Submitted successfully."; -header("Location: Course.php?url=".$url); + $sql="INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`," + . " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)" + . " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4'," + . "'Pending','$title','')"; + + if ($con->query($sql) === TRUE) { + if($_SESSION['Sub_Type']=='Individual') + { + $con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'"); + } + + $_SESSION["info_courses"] = "Thanks. Your lab report assignment is submitted successfully."; + header("Location: Course.php?url=".$url); } else { - echo "Error: <br>" . $con->error; -} + echo "Error: <br>" . 
$con->error; + } } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // JOIN COURSE - if (!empty($_GET["JoinCourse"])) { +// JOIN COURSE +if (!empty($_GET["JoinCourse"])) { - $id=$_GET["id"]; - $student_id=$_GET["std"]; - $joining=$_GET["joining"]; - - $status="Pending"; + $id = $_GET["id"]; + $student_id = $_GET["std"]; + $joining = $_GET["joining"]; + $status = "Pending"; - if($joining==0){ $status="Joined";} + if($joining == 0){ $status = "Joined";} - $sql="INSERT INTO `course_students_table`(`Course_ID`, `Student_ID`,`Status`) VALUES - ('$id','$student_id','$status')"; + $sql="INSERT INTO `course_students_table`(`Course_ID`, `Student_ID`,`Status`) VALUES ('$id','$student_id','$status')"; - if ($con->query($sql) === TRUE) { - + if ($con->query($sql) === TRUE) { - if($joining==0) - { - $_SESSION["info_Courses_student"]="You enroll in this Course successfully."; - } - else { - $_SESSION["info_Courses_student"]="Course enrollment request was sent to the lecturer."; - } + if($joining==0) + { + $_SESSION["info_Courses_student"] = "You enrolled in this course successfully."; + } + else { + $_SESSION["info_Courses_student"] = "Course enrollment request was sent to the lecturer."; + } - header("Location: Courses.php"); - - - -} else { - echo "Error: " . $sql . "<br>" . $con->error; + header("Location: Courses.php"); + + } else { + echo "Error: " . $sql . "<br>" . 
$con->error; + } + } - - } - - - - - - - - - - - - #MARK LAB REPORT + + + + + +#MARK LAB REPORT - if (!empty($_GET["savemarks"])) { +if (!empty($_GET["savemarks"])) { - $id=$_GET["id"]; - $marks=$_GET["marks"]; - $total=$_GET["total"]; - $feedback=$_GET["feedback"]; - $header=$_GET["header"]; - $labid=$_GET["labid"]; - $status="Marked"; + $id=$_GET["id"]; + $marks=$_GET["marks"]; + $total=$_GET["total"]; + $feedback=$_GET["feedback"]; + $header=$_GET["header"]; + $labid=$_GET["labid"]; + $status="Marked"; - if($marks>$total) - { - echo " Marks could not be greater than total"; - return; - } - $date= date("Y-m-d H:i"); - $feedback="<br>@$date : ".$feedback; + if($marks>$total) + { + echo " Marks could not be greater than total"; + return; + } + $date= date("Y-m-d H:i"); + $feedback="<br>@$date : ".$feedback; - $sql="UPDATE `lab_report_submissions` SET `Marks`='$marks',`Status`='$status'," - . "" - . "Notes=if(Notes is null, ' ', concat(Notes, '$feedback'))" - . "" - . " WHERE Submission_ID=$id + $sql="UPDATE `lab_report_submissions` SET `Marks`='$marks',`Status`='$status'," + . "" + . "Notes=if(Notes is null, ' ', concat(Notes, '$feedback'))" + . "" + . " WHERE Submission_ID=$id "; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_Marking"]="Lab Report Submission Marked"; - header("Location: Submissions.php?id=".$labid."&header=".$header."&total=".$total); + $_SESSION["info_Marking"]="Lab Report Submission Marked"; + header("Location: Submissions.php?id=".$labid."&header=".$header."&total=".$total); -} else { - echo "Error: " . $sql . "<br>" . $con->error; + } else { + echo "Error: " . $sql . "<br>" . 
$con->error; + } + } - - } - - - - - - #Update Report Visibility - if (!empty($_GET["updatevisibility"])) { + + + + + +#Update Report Visibility +if (!empty($_GET["updatevisibility"])) { - $id=$_GET["id"]; - $marks=$_GET["marks"]; - $total=$_GET["total"]; - $status=$_GET["status"]; - $header=$_GET["header"]; - $labid=$_GET["labid"]; + $id=$_GET["id"]; + $marks=$_GET["marks"]; + $total=$_GET["total"]; + $status=$_GET["status"]; + $header=$_GET["header"]; + $labid=$_GET["labid"]; - $sql="UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id + $sql="UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id "; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_Marking"]="Lab Report Visibility Updated"; - header("Location: Submissions.php?id=".$labid."&header=".$header."&total=".$total); + $_SESSION["info_Marking"]="Lab Report Visibility Updated"; + header("Location: Submissions.php?id=".$labid."&header=".$header."&total=".$total); -} else { - echo "Error: " . $sql . "<br>" . $con->error; -} + } else { + echo "Error: " . $sql . "<br>" . 
$con->error; + } - } - - - - #Remarking Request +} + + + + + +#Remarking Request - if (!empty($_GET["remarking"])) { +if (!empty($_GET["remarking"])) { - $id=$_GET["id"]; - $url=$_GET["url"]; + $id=$_GET["id"]; + $url=$_GET["url"]; - $status= $_GET["status"]; - $details=$_GET["details"]; + $status= $_GET["status"]; + $details=$_GET["details"]; - $sql="UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id + $sql="UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id "; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_ReMarking"]="Remarking Request Sent"; - header("Location: Course.php?url=".$url); + $_SESSION["info_ReMarking"]="Remarking Request Sent"; + header("Location: Course.php?url=".$url); -} else { - echo "Error: " . $sql . "<br>" . $con->error; -} + } else { + echo "Error: " . $sql . "<br>" . $con->error; + } - } - - - - #Create Group Request +} + + + + + +#Create Group Request - if (!empty($_GET["creategroup"])) { +if (!empty($_GET["creategroup"])) { - $student_id=$_GET["student_id"]; - $url=$_GET["url"]; - $id=$_GET["id"]; - $name= $_GET["name"]; + $student_id=$_GET["student_id"]; + $url=$_GET["url"]; + $id=$_GET["id"]; + $name= $_GET["name"]; - $sql="INSERT INTO `course_groups_table`(`Group_Name`, + $sql="INSERT INTO `course_groups_table`(`Group_Name`, `Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)"; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $resultx1 = mysqli_query($con,"Select Max(Course_Group_id) as cnt from course_groups_table"); - while($row = mysqli_fetch_assoc($resultx1)) {$gid=$row['cnt'];} + $resultx1 = mysqli_query($con,"Select Max(Course_Group_id) as cnt from course_groups_table"); + while($row = mysqli_fetch_assoc($resultx1)) {$gid=$row['cnt'];} - $sql="INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) + 
$sql="INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) VALUES ($gid,$student_id,'Created')"; - if ($con->query($sql) === TRUE) { - $_SESSION["info_ReMarking"]="Course group Created"; - header("Location: Course.php?url=".$url); - } else { - echo "Error: " . $sql . "<br>" . $con->error; -} + if ($con->query($sql) === TRUE) { + $_SESSION["info_ReMarking"]="Course group Created"; + header("Location: Course.php?url=".$url); + } else { + echo "Error: " . $sql . "<br>" . $con->error; + } -} else { - echo "Error: " . $sql . "<br>" . $con->error; -} - - } - - - - - - - //---------------------------------------Invite Group Request and add a new member into the database------------------------------------ - - if (!empty($_GET["groupinvite"])) { - - $student_id=$_GET["student_id"]; - $url=$_GET["url"]; - $courseid=$_GET["courseid"]; - $groupid=$_GET["groupid"]; - - // if(($_SESSION['Group_Member4']=='0') or ($_SESSION['Group_Member3']=='0') or ($_SESSION['Group_Member2']=='0') or ($_SESSION['Group_Member']=='0')){ - $sql="INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) - VALUES ($groupid,$student_id,'Invited')"; - if ($con->query($sql) === TRUE) { - - $resultx1 = mysqli_query($con,"SELECT * FROM course_groups_table where Course_Group_id ='$groupid'"); - - while($row = mysqli_fetch_assoc($resultx1)) - { - $Group_Member=$row['Group_Member']; - $Group_Member4=$row['Group_Member4']; - $Group_Member2=$row['Group_Member2']; - $Group_Member3=$row['Group_Member3']; - $_SESSION['Group_Member4']=$Group_Member4; - $_SESSION['Group_Member3']=$Group_Member3; - $_SESSION['Group_Member2']=$Group_Member2; - $_SESSION['Group_Member']=$Group_Member; - - if($Group_Member=='0'){ - mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); - $_SESSION["info_ReMarking"]=$student_id . 
" was invited to the group"; - header("Location: Course.php?url=".$url); - }elseif($Group_Member2=='0'){ - mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member2` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); - $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; - header("Location: Course.php?url=".$url); - }elseif($Group_Member3=='0'){ - mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member3` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); - $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; - header("Location: Course.php?url=".$url); - }elseif($Group_Member4=='0'){ - mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member4` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); - $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; - header("Location: Course.php?url=".$url); - } else { - $_SESSION["info_ReMarking"]= " You cant add any more members"; - header("Location: Course.php?url=".$url); - + } else { + echo "Error: " . $sql . "<br>" . 
$con->error; } - } - // } - - } } - - - - - - - - - - - #Accept deny Group Invite - - if (!empty($_GET["acceptinvite"])) { - - $student_id=$_GET["student_id"]; - $url=$_GET["url"]; - $action=$_GET["action"]; - $groupid=$_GET["groupid"]; - if($action==1) - { - $sql="Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id +} + + + + + +//---------------------------------------Invite Group Request and add a new member into the database------------------------------------ + +if (!empty($_GET["groupinvite"])) { + + $student_id=$_GET["student_id"]; + $url=$_GET["url"]; + $courseid=$_GET["courseid"]; + $groupid=$_GET["groupid"]; + + // if(($_SESSION['Group_Member4']=='0') or ($_SESSION['Group_Member3']=='0') or ($_SESSION['Group_Member2']=='0') or ($_SESSION['Group_Member']=='0')){ + $sql="INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) + VALUES ($groupid,$student_id,'Invited')"; + if ($con->query($sql) === TRUE) { + + $resultx1 = mysqli_query($con,"SELECT * FROM course_groups_table where Course_Group_id ='$groupid'"); + + while($row = mysqli_fetch_assoc($resultx1)) + { + $Group_Member=$row['Group_Member']; + $Group_Member4=$row['Group_Member4']; + $Group_Member2=$row['Group_Member2']; + $Group_Member3=$row['Group_Member3']; + $_SESSION['Group_Member4']=$Group_Member4; + $_SESSION['Group_Member3']=$Group_Member3; + $_SESSION['Group_Member2']=$Group_Member2; + $_SESSION['Group_Member']=$Group_Member; + + if($Group_Member=='0'){ + mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); + $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; + header("Location: Course.php?url=".$url); + }elseif($Group_Member2=='0'){ + mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member2` = ('" . $student_id . 
"') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); + $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; + header("Location: Course.php?url=".$url); + }elseif($Group_Member3=='0'){ + mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member3` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); + $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; + header("Location: Course.php?url=".$url); + }elseif($Group_Member4=='0'){ + mysqli_query($con,"UPDATE `course_groups_table` SET `Group_Member4` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'"); + $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; + header("Location: Course.php?url=".$url); + } else { + $_SESSION["info_ReMarking"]= " You cant add any more members"; + header("Location: Course.php?url=".$url); + + } + } + } +} + + + + + +#Accept deny Group Invite + +if (!empty($_GET["acceptinvite"])) { + + $student_id=$_GET["student_id"]; + $url=$_GET["url"]; + $action=$_GET["action"]; + $groupid=$_GET["groupid"]; + + if($action==1) + { + $sql="Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id "; - } - else - { - $sql="Delete from `course_group_members_table` where Course_Group_id =$groupid and student_id=$student_id + } + else + { + $sql="Delete from `course_group_members_table` where Course_Group_id =$groupid and student_id=$student_id "; - } + } - if ($con->query($sql) === TRUE) { - $_SESSION["info_ReMarking"]=" Group Invite Updated"; - header("Location: Course.php?url=".$url); - } else { - echo "Error: " . $sql . "<br>" . $con->error; -} + if ($con->query($sql) === TRUE) { + $_SESSION["info_ReMarking"]=" Group Invite Updated"; + header("Location: Course.php?url=".$url); + } else { + echo "Error: " . $sql . "<br>" . 
$con->error; + } } - - - - - - - - #Extend Deadline +#Extend Deadline - if (!empty($_GET["extenddeadline"])) { +if (!empty($_GET["extenddeadline"])) { - $id=$_GET["id"]; - $date=$_GET["date"]; - $time=$_GET["time"]; - $type=$_GET["type"]; + $id=$_GET["id"]; + $date=$_GET["date"]; + $time=$_GET["time"]; + $type=$_GET["type"]; - $stdid=$_GET["stdid"]; - $reason =$_GET["reason"]; - $url =$_GET["url"]; - $deadline=$date." ".$time; + $stdid=$_GET["stdid"]; + $reason =$_GET["reason"]; + $url =$_GET["url"]; + $deadline=$date." ".$time; - if($type==1) - { - - } - - - - if($type==1) - { - $sql="UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID=$id"; + if($type==1) + { + $sql="UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID=$id"; - } - else - { - $sql="INSERT INTO `extended_deadlines_table`(`Student_ID`, " - . "`Lab_Report_ID`, `Extended_Deadline_Date`," - . " `ReasonsForExtension`) VALUES ($stdid,$id,'$deadline','$reason')"; - + } + else + { + $sql="INSERT INTO `extended_deadlines_table`(`Student_ID`, " + . "`Lab_Report_ID`, `Extended_Deadline_Date`," + . " `ReasonsForExtension`) VALUES ($stdid,$id,'$deadline','$reason')"; - } + } - - - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_courses"]=" Lab Report Deadline extended successfully."; - header("Location: Courses.php?course=".$url); + $_SESSION["info_courses"]=" Lab Report Deadline extended successfully."; + header("Location: Courses.php?course=".$url); - } else { - echo "Error: " . $sql . "<br>" . $con->error; -} + } else { + echo "Error: " . $sql . "<br>" . 
$con->error; + } } - - - - - - - - - - +#IGNORE Remarking Request - - - #IGNORE Remarking Request - - if (!empty($_GET["ignoreremarking"])) { +if (!empty($_GET["ignoreremarking"])) { - $id=$_GET["id"]; - $total=$_GET["total"]; - $header=$_GET["header"]; + $id=$_GET["id"]; + $total=$_GET["total"]; + $header=$_GET["header"]; - $subid=$_GET["subid"]; + $subid=$_GET["subid"]; - $sql="UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid"; + $sql="UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid"; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_Marking"]="Remarking Request Ignored , Submission Updated to 'Marked' status"; - header("Location: Submissions.php?id=".$id."&header=".$header."&total=".$total); + $_SESSION["info_Marking"]="Remarking Request Ignored , Submission Updated to 'Marked' status"; + header("Location: Submissions.php?id=".$id."&header=".$header."&total=".$total); -} else { - echo "Error: " . $sql . "<br>" . $con->error; -} + } else { + echo "Error: " . $sql . "<br>" . $con->error; + } - } - - - +} + + + + + +#Assign TA - - - - - - - - - #Assign TA - - if (!empty($_GET["assignTA"])) { +if (!empty($_GET["assignTA"])) { - $id=$_GET["id"]; - $ta=$_GET["ta"]; + $id=$_GET["id"]; + $ta=$_GET["ta"]; - $sql="INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)"; + $sql="INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)"; - if ($con->query($sql) === TRUE) { + if ($con->query($sql) === TRUE) { - $_SESSION["info_Admin_Courses"]=$type." Course TA Assigned "; - header("Location: Admin.php"); + $_SESSION["info_Admin_Courses"]=$type." Course TA Assigned "; + header("Location: Admin.php"); -} else { - echo "Error: " . $sql . "<br>" . $con->error; -} + } else { + echo "Error: " . $sql . "<br>" . 
$con->error; + } - } - - - - - - - - - - - - - //ACCEPT STUDNTS JOINING COURSSS - - if (!empty($_GET["AcceptStudent"])) { - - $id=$_GET["id"]; - $rs=$_GET["rs"]; - - if($rs=="yes") - { - $sql="Update course_students_table set Status='Joined' Where ID=$id"; - - - } else { - $sql="Delete FROM course_students_table Where ID=$id"; - } - - if ($con->query($sql) === TRUE) { - - - if($rs=="yes") - { - $_SESSION["info_courses"]="Course Joining request Approved."; - } - else { - $_SESSION["info_courses"]="Course Joining request Declined & Removed."; - } - - - - - header("Location: Courses.php"); - - - } - else { - echo "Error: " . $sql . "<br>" . $con->error; } - } + + + + +//ACCEPT STUDNTS JOINING COURSSS + +if (!empty($_GET["AcceptStudent"])) { + + $id=$_GET["id"]; + $rs=$_GET["rs"]; + + if($rs=="yes") + { + $sql="Update course_students_table set Status='Joined' Where ID=$id"; + + + } else { + $sql="Delete FROM course_students_table Where ID=$id"; + } + + if ($con->query($sql) === TRUE) { + + + if($rs=="yes") + { + $_SESSION["info_courses"]="Course Joining request Approved."; + } + else { + $_SESSION["info_courses"]="Course Joining request Declined & Removed."; + } + header("Location: Courses.php"); - - - - - - - - - - - - - - - - - - - - - - - - - - - - - //action=passchange&uid=1&pass=1929 + } + else { + echo "Error: " . $sql . "<br>" . $con->error; + } + +} + + + + + +//action=passchange&uid=1&pass=1929 if (!empty($_GET["action"])) { 
@@ -1409,23 +1128,23 @@ if (!empty($_GET["action"])) { // validate uid if (intval($uid) < 0) { - header("Location: index.php"); - return; + header("Location: index.php"); + return; } if($action=="passchange") { - $sql= "UPDATE users_table set Password='$pass' where User_ID=$uid;"; - if ($con->query($sql) === TRUE) { + $sql= "UPDATE users_table set Password='$pass' where User_ID=$uid;"; + if ($con->query($sql) === TRUE) { error_reporting(0); echo "Password has been changed"; // return; - $_SESSION["infoChangePassword"]=$type." User password was changed successfully."; + $_SESSION["infoChangePassword"]=$type." User password was changed successfully."; header("Location: index.php"); - } else { + } else { // echo "Error: " . $sql . "<br>" . $con->error; - echo "Something really bad happened while changing password. Contact lanhui at zjnu.edu.cn. Thanks!"; + echo "Something really bad happened while changing password. Contact lanhui at zjnu.edu.cn. Thanks!"; } } 
@@ -1433,117 +1152,89 @@ if (!empty($_GET["action"])) { if($action=="statuschange") { $sql= "UPDATE users_table set Status='$status' where User_ID=$uid;"; - if ($con->query($sql) === TRUE) { - $_SESSION["info_Admin_Users"]=$type." user Status updated successfully "; - header("Location: Admin.php"); - } else { - // echo "Error: " . $sql . "<br>" . $con->error; - echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!"; - } - } - } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // ############################### CREATE STUDENT USER ################################## - if (!empty($_POST["frm_createCourse"])) { - $name=mysqli_real_escape_string($con,$_POST["name"]); - $academic=mysqli_real_escape_string($con,$_POST["academic"]); - $lecturer=mysqli_real_escape_string($con,$_POST["lecturer"]); - $ta=mysqli_real_escape_string($con,$_POST["ta"]); - $faculty=mysqli_real_escape_string($con,$_POST["faculty"]); - $code=mysqli_real_escape_string($con,$_POST["code"]); - $url=mysqli_real_escape_string($con,$_POST["url"]); - $verify=mysqli_real_escape_string($con,$_POST["verify"]); - $who=mysqli_real_escape_string($con,$_POST["l"]); + if ($con->query($sql) === TRUE) { + $_SESSION["info_Admin_Users"]=$type." user Status updated successfully "; + header("Location: Admin.php"); + } else { + // echo "Error: " . $sql . "<br>" . $con->error; + echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. 
Thanks!"; + } + } +} + + + + + +// ############################### CREATE STUDENT USER ################################## +if (!empty($_POST["frm_createCourse"])) { + $name=mysqli_real_escape_string($con,$_POST["name"]); + $academic=mysqli_real_escape_string($con,$_POST["academic"]); + $lecturer=mysqli_real_escape_string($con,$_POST["lecturer"]); + $ta=mysqli_real_escape_string($con,$_POST["ta"]); + $faculty=mysqli_real_escape_string($con,$_POST["faculty"]); + $code=mysqli_real_escape_string($con,$_POST["code"]); + $url=mysqli_real_escape_string($con,$_POST["url"]); + $verify=mysqli_real_escape_string($con,$_POST["verify"]); + $who=mysqli_real_escape_string($con,$_POST["l"]); - if($url=="") - { - $url= $code.$academic; - } + if($url=="") + { + $url= $code.$academic; + } - if($ta=="") - { - $ta=0; - } + if($ta=="") + { + $ta=0; + } - // check if email is taked -// $result = mysqli_query($con, -// "SELECT * FROM courses_table WHERE Course_Name='$name'"); -// if(mysqli_num_rows($result)!=0) -// { -// $_SESSION["info_Admin_Courses"]="Course Name : ".$name." already used."; -// header("Location: Admin.php"); -// } -// + // check if email is taked + // $result = mysqli_query($con, + // "SELECT * FROM courses_table WHERE Course_Name='$name'"); + // if(mysqli_num_rows($result)!=0) + // { + // $_SESSION["info_Admin_Courses"]="Course Name : ".$name." 
already used."; + // header("Location: Admin.php"); + // } + // - $sql="INSERT INTO `courses_table`(`Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`) + $sql="INSERT INTO `courses_table`(`Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`) VALUES ('$name','$academic','$faculty','$lecturer','$ta','$code','$url','$verify')"; - if ($con->query($sql) === TRUE) { - $_SESSION["info_Admin_Courses"]="Course portal was Created successfully."; - if($who=="l") - { - header("Location: Courses.php"); - } else - { - header("Location: Admin.php"); - } + if ($con->query($sql) === TRUE) { + $_SESSION["info_Admin_Courses"]="Course portal was Created successfully."; + if($who=="l") + { + header("Location: Courses.php"); + } else + { + header("Location: Admin.php"); + } -} else { - echo "Error: " . $sql . "<br>" . $con->error; + } else { + echo "Error: " . $sql . "<br>" . $con->error; + } } - } + + + + + +// Export grade - - - - - - - //exportgrade - - if (!empty($_GET["exportgrade"])) { +if (!empty($_GET["exportgrade"])) { - $lab=$_GET["lab"]; - $lab_name=$_GET["lab_name"]; + $lab=$_GET["lab"]; + $lab_name=$_GET["lab_name"]; - error_reporting(0); + error_reporting(0); - $select = "SELECT lab_reports_table.Title as 'LAB_Report', lab_reports_table.Marks as Lab_Marks, + $select = "SELECT lab_reports_table.Title as 'LAB_Report', lab_reports_table.Marks as Lab_Marks, `Submission_Date`, lab_report_submissions.Student_id, users_table.Full_Name as Student_Name, lab_report_submissions.Marks,`Notes` FROM `lab_report_submissions` 
@@ -1555,55 +1246,48 @@ INNER JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_ WHERE lab_report_submissions.Lab_Report_ID=$lab"; - $export = mysqli_query($con,$select); + $export = mysqli_query($con,$select); - $fields = mysqli_num_fields ( $export ); + $fields = mysqli_num_fields ( $export ); -for ( $i = 0; $i < $fields; $i++ ) -{ - $header .= mysqli_fetch_field_direct( $export , $i )->name. "\t"; -} - - -while( $row = mysqli_fetch_row( $export ) ) -{ - $line = ''; - foreach( $row as $value ) - { - if ( ( !isset( $value ) ) || ( $value == "" ) ) - { - $value = "\t"; - } - else - { - $value = str_replace( '"' , '""' , $value ); - $value = '"' . $value . '"' . "\t"; - } - $line .= $value; + for ( $i = 0; $i < $fields; $i++ ) + { + $header .= mysqli_fetch_field_direct( $export , $i )->name. "\t"; } - $data .= trim( $line ) . "\n"; + + + while( $row = mysqli_fetch_row( $export ) ) + { + $line = ''; + foreach( $row as $value ) + { + if ( ( !isset( $value ) ) || ( $value == "" ) ) + { + $value = "\t"; + } + else + { + $value = str_replace( '"' , '""' , $value ); + $value = '"' . $value . '"' . "\t"; + } + $line .= $value; + } + $data .= trim( $line ) . "\n"; + } + $data = str_replace( "\r" , "" , $data ); + + if ( $data == "" ) + { + $data = "\n(0) Records Found!\n"; + } + + header("Content-type: application/octet-stream"); + header("Content-Disposition: attachment; filename=$lab_name Garde Sheet.xls"); + header("Pragma: no-cache"); + header("Expires: 0"); + print "$header\n$data"; + } -$data = str_replace( "\r" , "" , $data ); - -if ( $data == "" ) -{ - $data = "\n(0) Records Found!\n"; -} - -header("Content-type: application/octet-stream"); -header("Content-Disposition: attachment; filename=$lab_name Garde Sheet.xls"); -header("Pragma: no-cache"); -header("Expires: 0"); -print "$header\n$data"; - - - - - - - } - - diff --git a/Submissions.php b/Submissions.php index 688fe89..411fe75 100644 --- a/Submissions.php +++ b/Submissions.php 
@@ -1,40 +1,40 @@ +<?php +include 'NoDirectPhpAcess.php'; +?> <?php $page='Courses+'; include 'Header.php'; - $student_id=$_SESSION["user_student_id"]; - $group_id=$_SESSION["user_group_id"]; - $c_date= date("Y-m-d H:i"); +$student_id = $_SESSION["user_student_id"]; +$group_id = $_SESSION["user_group_id"]; +$c_date = date("Y-m-d H:i"); - if(!empty($_GET["id"])) - { - $id=$_GET["id"]; - $course_id=$id; - } - if(!empty($_GET["header"])) - { - $header=$_GET["header"]; - } +if(!empty($_GET["id"])) +{ + $id = $_GET["id"]; + $course_id = $id; +} + +if(!empty($_GET["header"])) +{ + $header = $_GET["header"]; +} - if(!empty($_GET["total"])) - { - $total=$_GET["total"]; - } else - { - $total=0; - } +if(!empty($_GET["total"])) +{ + $total = $_GET["total"]; +} else +{ + $total = 0; +} - $resultx1 = mysqli_query($con,"SELECT `Lab_Report_ID`,Title, `Course_ID`, `Posted_Date`, `Deadline`, `Marks`, `Type` FROM `lab_reports_table` WHERE Lab_Report_ID=$id"); - while($row = mysqli_fetch_assoc($resultx1)) { - - $Report_Type=$row['Type']; - $c_id=$row['Course_ID']; - $Report_Title=$row['Title']; - - - - } +$resultx1 = mysqli_query($con,"SELECT `Lab_Report_ID`,Title, `Course_ID`, `Posted_Date`, `Deadline`, `Marks`, `Type` FROM `lab_reports_table` WHERE Lab_Report_ID=$id"); +while($row = mysqli_fetch_assoc($resultx1)) { + $Report_Type = $row['Type']; + $c_id = $row['Course_ID']; + $Report_Title = $row['Title']; +} 
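Review bot: `$id` is copied from `$_GET["id"]` and interpolated unquoted into `WHERE Lab_Report_ID=$id`, so the request controls the query text. The added `include 'NoDirectPhpAcess.php';` presumably restricts how the page is reached but does not change that. Cast at the assignment with `$id = (int) $_GET["id"];`, or bind the value through `$con->prepare(...)` and `bind_param("i", $id)`. When `id` is missing, `$id` is never assigned and the SELECT still runs, so the page should stop early in that case. The re-indented Script.php hunks earlier in this diff build their statements the same way, for example `UPDATE users_table set Password='$pass' where User_ID=$uid`, which also appears to store the password as supplied; they need the same binding, plus `password_hash()` for the password.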
@@ -52,83 +52,83 @@ echo "<div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF -<!-- Lecture CODE--> + <!-- Lecturer CODE--> <?php -if( $_SESSION['user_type']=="Lecturer" || $_SESSION['user_type']=="TA") - { + if( $_SESSION['user_type']=="Lecturer" || $_SESSION['user_type']=="TA") + { -?> + ?> -<div class="col-md-12"> + <div class="col-md-12"> - <?php +<?php -error_reporting(0); + error_reporting(0); -if(isset($_SESSION['info_Marking'])) { - echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Marking'].'</div>'; - $_SESSION['info_Marking']=null; -} + if(isset($_SESSION['info_Marking'])) { + echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Marking'].'</div>'; + $_SESSION['info_Marking']=null; + } -$resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); - while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];} + $resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); + while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];} - $resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Marked'"); - if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}} + $resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Marked'"); + if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}} - $resultx3 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Pending'"); - if(mysqli_num_rows($resultx3)==0){$count_unmarked=0;} else { while($row = 
mysqli_fetch_assoc($resultx3)) {$count_unmarked =$row['cnt'];}} + $resultx3 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Pending'"); + if(mysqli_num_rows($resultx3)==0){$count_unmarked=0;} else { while($row = mysqli_fetch_assoc($resultx3)) {$count_unmarked =$row['cnt'];}} - $resultx4 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'"); - if(mysqli_num_rows($resultx4)==0){$count_remark=0;} else { while($row = mysqli_fetch_assoc($resultx4)) {$count_remark =$row['cnt'];}} + $resultx4 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'"); + if(mysqli_num_rows($resultx4)==0){$count_remark=0;} else { while($row = mysqli_fetch_assoc($resultx4)) {$count_remark =$row['cnt'];}} -?> + ?> - <b>Lab Report Submissions (<?php echo $count_subs;?>)</b> - <!-- Nav tabs --> - <ul class="nav nav-tabs" role="tablist"> - <li class="nav-item"> + <b>Lab Report Submissions (<?php echo $count_subs;?>)</b> + <!-- Nav tabs --> + <ul class="nav nav-tabs" role="tablist"> + <li class="nav-item"> <a class="nav-link active" data-toggle="tab" href="#menu1">Un-Marked Submissions<b> (<?php echo $count_unmarked;?>)</b></a> - </li> - <li class="nav-item"> + </li> + <li class="nav-item"> <a class="nav-link" data-toggle="tab" href="#menu2">Marked Submissions <b>(<?php echo $count_marked;?>)</b></a> - </li> + </li> - <li class="nav-item"> + <li class="nav-item"> <a class="nav-link" data-toggle="tab" href="#menu3">Re-Marking Requests <b>(<?php echo $count_remark;?>)</b></a> - </li> + </li> - <li class="nav-item"> + <li class="nav-item"> <a class="nav-link" data-toggle="tab" href="#menu4"> View Course Groups</a> - </li> - </ul> - <div class="tab-content"> - <div id="menu1" class="container tab-pane active"><br> + </li> + </ul> + <div 
class="tab-content"> + <div id="menu1" class="container tab-pane active"><br> - <?php +<?php -if($Report_Type=="Group") -{ - $result1 = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, + if($Report_Type=="Group") + { + $result1 = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, `Title`,course_groups_table.Group_Name FROM `lab_report_submissions` left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Submission_Date desc"); -} - else - { - $result1 = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, + } + else + { + $result1 = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, `Title`,users_table.Full_Name,course_group_members_table.Student_ID 
@@ -136,87 +136,95 @@ FROM `lab_report_submissions` Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Submission_Date desc"); - } + } -if(mysqli_num_rows($result1)==0) - { - echo "No Un-Marked Submissions for this Lab Report."; + if(mysqli_num_rows($result1)==0) + { + echo "No Un-Marked Submissions for this Lab Report."; - } else { while($row = mysqli_fetch_assoc($result1)) { - $title=$row['Title']; - $Marks=$row['Marks']; - //$ins=$row['Notes']; - $posted=$row['Submission_Date']; - $deadline=$row['Deadline']; - $att1=$row['Attachment1']; - $att2=$row['Attachment2']; - $att3=$row['Attachment3']; - $att4=$row['Attachment4']; - $labid=$row['Lab_Report_ID']; + } else { + while($row = mysqli_fetch_assoc($result1)) { + $title=$row['Title']; + $Marks=$row['Marks']; + $posted=$row['Submission_Date']; + $deadline=$row['Deadline']; + $att1=$row['Attachment1']; + $att2=$row['Attachment2']; + $att3=$row['Attachment3']; + $att4=$row['Attachment4']; + $labid=$row['Lab_Report_ID']; - $submitted_std=$row['Student_id']; - $submitted_group=$row['Course_Group_id']; - $Submission_ID=$row['Submission_ID']; - $names=$row['Full_Name']; - $groupname=$row['Group_Name']; - $student_id=$row['sub_std']; + $submitted_std=$row['Student_id']; + $submitted_group=$row['Course_Group_id']; + $Submission_ID=$row['Submission_ID']; + $names=$row['Full_Name']; + $groupname=$row['Group_Name']; + $student_id=$row['sub_std']; - if($submitted_group==0) - { - $submitted_by= $names."(".$student_id.")"; - } else { - $submitted_by="<i>(GROUP)</i> $groupname" ; - } + if($submitted_group==0) + { + $submitted_by= $names."(".$student_id.")"; + } else { + $submitted_by="<i>(GROUP)</i> $groupname" ; + } + + $base_att1 = basename($att1); + $base_att2 = basename($att2); + $base_att3 = 
basename($att3); + $base_att4 = basename($att4); + + $full_link = "<a href='~\..\Download.php?file=$att1&attachment=1'>$base_att1</a>"; // prevent students from directly accessing their classmates' submissions + + if($att2!=""){ + $full_link= $full_link." | <a href='~\..\Download.php?file=$att2&attachment=2'>$base_att2</a>"; + } + if($att3!=""){ + $full_link= $full_link." | <a href='~\..\Download.php?file=$att3&attachment=3'>$base_att3</a>"; + } + + if($att4!=""){ + $full_link= $full_link." | <a href='~\..\Download.php?file=$att4&attachment=4'>$base_att4</a>"; + } + - $full_link="<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>"; - - if($att2!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>"; - } - if($att3!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>"; - } - - if($att4!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>"; - } echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> - $title <br> by : <b> $submitted_by </b> - <br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span> + $title <br> by: <b> $submitted_by </b> + <br> <span style='font-size:8pt'>Submitted at $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span> </div></k>"; - }} - echo ""; - ?> + } + } + echo ""; + ?> - </div> + </div> - <div id="menu2" class="container tab-pane"><br> + <div id="menu2" class="container tab-pane"><br> - <?php +<?php -if($Report_Type=="Group") -{ - $result = mysqli_query($con,"SELECT `Submission_ID`,Visibility, `Submission_Date`, 
lab_report_submissions.Lab_Report_ID, + if($Report_Type=="Group") + { + $result = mysqli_query($con,"SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, `Title`,course_groups_table.Group_Name FROM `lab_report_submissions` left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id where Lab_Report_ID=$id and lab_report_submissions.Status='Marked'"); -} - else - { - $result = mysqli_query($con,"SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID, + } + else + { + $result = mysqli_query($con,"SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, `Title`,users_table.Full_Name,course_group_members_table.Student_ID 
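Review bot: The new `Download.php?file=$att1&attachment=1` links place the stored attachment path in the href and `$base_att1` in the link text without any encoding, so a filename containing a quote, `&` or `<` breaks the attribute or injects markup. Use `urlencode($att1)` for the query value and `htmlspecialchars($base_att1, ENT_QUOTES)` for the text. The first link is also emitted when `$att1` is empty, unlike attachments 2 to 4, which are guarded by `!= ""`. Only this un-marked tab moves to Download.php: the marked-submissions hunk that follows still links straight to `Lab_Report_Submisions\\$att1`, so the restriction described in the inline comment is not applied there. Download.php is not shown here; it has to verify that the session user may read the submission and that `file` resolves inside the submissions directory.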
@@ -224,55 +232,55 @@ FROM `lab_report_submissions` Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id where Lab_Report_ID=$id and lab_report_submissions.Status='Marked' Order by lab_report_submissions.Student_id Desc"); - } + } - if(mysqli_num_rows($result)==0) - { - echo "No Marked submissions for this lab"; + if(mysqli_num_rows($result)==0) + { + echo "No Marked submissions for this lab"; - } else { + } else { - echo "<h3><a href='~\..\Script.php?exportgrade=true&lab=$id&lab_name=$Report_Title'><i class='fa fa-book'></i> Export Grade Sheet </a></h3>"; + echo "<h3><a href='~\..\Script.php?exportgrade=true&lab=$id&lab_name=$Report_Title'><i class='fa fa-book'></i> Export Grade Sheet </a></h3>"; - while($row = mysqli_fetch_assoc($result)) { - $title=$row['Title']; - $Marks=$row['Marks']; - //$ins=$row['Notes']; - $posted=$row['Submission_Date']; - $deadline=$row['Deadline']; - $att1=$row['Attachment1']; - $att2=$row['Attachment2']; - $att3=$row['Attachment3']; - $att4=$row['Attachment4']; - $labid=$row['Lab_Report_ID']; + while($row = mysqli_fetch_assoc($result)) { + $title=$row['Title']; + $Marks=$row['Marks']; + //$ins=$row['Notes']; + $posted=$row['Submission_Date']; + $deadline=$row['Deadline']; + $att1=$row['Attachment1']; + $att2=$row['Attachment2']; + $att3=$row['Attachment3']; + $att4=$row['Attachment4']; + $labid=$row['Lab_Report_ID']; - $submitted_std=$row['Student_id']; - $submitted_group=$row['Course_Group_id']; - $Submission_ID=$row['Submission_ID']; - $names=$row['Full_Name']; - $student_id=$row['sub_std']; - $Visibility=$row['Visibility']; - $notes=$row['Notes']; + $submitted_std=$row['Student_id']; + $submitted_group=$row['Course_Group_id']; + $Submission_ID=$row['Submission_ID']; + $names=$row['Full_Name']; + $student_id=$row['sub_std']; + $Visibility=$row['Visibility']; + $notes=$row['Notes']; - 
if($submitted_group==0) - { - $submitted_by= $names."(".$student_id.")"; - } else { - $submitted_by="<i>(GROUP)</i> Group X " ; - } + if($submitted_group==0) + { + $submitted_by= $names."(".$student_id.")"; + } else { + $submitted_by="<i>(GROUP)</i> Group X " ; + } - $full_link="<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>"; + $full_link="<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>"; - if($att2!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>"; - } - if($att3!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>"; - } + if($att2!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>"; + } + if($att3!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>"; + } - if($att4!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>"; - } + if($att4!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>"; + } echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> $title <br> by : <b> $submitted_by [ Marked $Marks ] </b> Visibility : <b>$Visibility </b> <button class='btn-sm btn-success' style='margin-left:50px;' onclick='updatev($Submission_ID)'>Update visibility</button> <hr> Lecturer/TA notes : $notes<br> <span style='font-size:8pt'>Submitted : $posted <b> </b> <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button><br> Attachments : $full_link </span> 
@@ -280,28 +288,28 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Marked' Order by lab - }} - echo ""; - ?> + }} + echo ""; + ?> - </div> + </div> - <div id="menu3" class="container tab-pane"><br> + <div id="menu3" class="container tab-pane"><br> - <?php +<?php - if($Report_Type=="Group") -{ - $resulty = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, + if($Report_Type=="Group") + { + $resulty = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, lab_report_submissions.Marks, lab_report_submissions.Status, `Title`,course_groups_table.Group_Name @@ -309,10 +317,10 @@ FROM `lab_report_submissions` left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'"); -} -else -{ - $resulty = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, + } + else + { + $resulty = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Remarking_Reason, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, lab_report_submissions.Marks, lab_report_submissions.Status, 
@@ -321,69 +329,69 @@ FROM `lab_report_submissions` Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'"); -} + } - if(mysqli_num_rows($resulty)==0) - { - echo "No Remarking Request for this lab"; + if(mysqli_num_rows($resulty)==0) + { + echo "No Remarking Request for this lab"; - } else { while($row = mysqli_fetch_assoc($resulty)) { - $title=$row['Title']; - $Marks=$row['Marks']; - //$ins=$row['Notes']; - $posted=$row['Submission_Date']; - $deadline=$row['Deadline']; + } else { while($row = mysqli_fetch_assoc($resulty)) { + $title=$row['Title']; + $Marks=$row['Marks']; + //$ins=$row['Notes']; + $posted=$row['Submission_Date']; + $deadline=$row['Deadline']; - $att1=$row['Attachment1']; - $att2=$row['Attachment2']; - $att3=$row['Attachment3']; - $att4=$row['Attachment4']; - $labid=$row['Lab_Report_ID']; + $att1=$row['Attachment1']; + $att2=$row['Attachment2']; + $att3=$row['Attachment3']; + $att4=$row['Attachment4']; + $labid=$row['Lab_Report_ID']; - $remarking_reason=$row['Remarking_Reason']; + $remarking_reason=$row['Remarking_Reason']; - $submitted_std=$row['Student_id']; - $submitted_group=$row['Course_Group_id']; - $Submission_ID=$row['Submission_ID']; - $names=$row['Full_Name']; - $student_id=$row['sub_std']; - $gname=$row['Group_Name ']; + $submitted_std=$row['Student_id']; + $submitted_group=$row['Course_Group_id']; + $Submission_ID=$row['Submission_ID']; + $names=$row['Full_Name']; + $student_id=$row['sub_std']; + $gname=$row['Group_Name ']; - if($submitted_group==0) - { - $submitted_by= $names."(".$student_id.")"; - } else { - $submitted_by="<i>(GROUP)</i> $gname" ; - } + if($submitted_group==0) + { + $submitted_by= $names."(".$student_id.")"; + } else { + $submitted_by="<i>(GROUP)</i> $gname" ; + } - $full_link="<a 
href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>"; + $full_link="<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>"; - if($att2!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>"; - } - if($att3!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>"; - } + if($att2!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>"; + } + if($att3!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>"; + } - if($att4!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>"; - } + if($att4!=""){ + $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>"; + } echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> $title <br> by : <b> $submitted_by [ Marked $Marks ] </b> <br> Remarking Reason : <b>$remarking_reason </b> <hr> <span style='font-size:8pt'>Submitted : $posted <b> </b> " - . "<button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button>" - . " <a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn-sm btn-warning'> Ignore Request </a>" - . "<br> Attachments : $full_link </span> + . "<button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button>" + . " <a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn-sm btn-warning'> Ignore Request </a>" + . "<br> Attachments : $full_link </span> </div></k>"; - }} - echo ""; - ?> + }} + echo ""; + ?> - </div> + </div> 
@@ -391,48 +399,48 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'"); - <div id="menu4" class="container tab-pane"><br> + <div id="menu4" class="container tab-pane"><br> - <h3>Course Groups</h3> + <h3>Course Groups</h3> <hr> - <?php +<?php - $result = mysqli_query($con," SELECT `Course_Group_id`, `Group_Name`, `Group_Leader`, `Course_id`,users_table.Full_Name + $result = mysqli_query($con," SELECT `Course_Group_id`, `Group_Name`, `Group_Leader`, `Course_id`,users_table.Full_Name FROM `course_groups_table` INNER JOIN users_table on users_table.Student_ID=course_groups_table.Group_Leader WHERE Course_id=$c_id"); -if(mysqli_num_rows($result)==0) - { - echo "You have no Group in this Course"; - } else { while($row = mysqli_fetch_assoc($result)) { - $name=$row['Group_Name']; - $leader=$row['Full_Name']."(".$row['Group_Leader'].")"; - $id= $row['Course_Group_id']; + if(mysqli_num_rows($result)==0) + { + echo "You have no Group in this Course"; + } else { while($row = mysqli_fetch_assoc($result)) { + $name=$row['Group_Name']; + $leader=$row['Full_Name']."(".$row['Group_Leader'].")"; + $id= $row['Course_Group_id']; - echo "<div class='btn-default'><small> $name - Leader : $leader </small></div>"; + echo "<div class='btn-default'><small> $name - Leader : $leader </small></div>"; - $rs2=mysqli_query($con,"SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, + $rs2=mysqli_query($con,"SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table` INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID where course_group_members_table.Course_Group_id=$id"); - while($row = mysqli_fetch_assoc($rs2)) { - $name=$row['Full_Name']; - $id=$row['Course_Group_id']; - $status=$row['Status']; - $Student_ID=$row['Student_ID']; + while($row = mysqli_fetch_assoc($rs2)) { + $name=$row['Full_Name']; + 
$id=$row['Course_Group_id']; + $status=$row['Status']; + $Student_ID=$row['Student_ID']; - echo "<li><small> $name-$Student_ID ($status)</small></li>"; + echo "<li><small> $name-$Student_ID ($status)</small></li>"; - } + } 
@@ -440,190 +448,100 @@ where course_group_members_table.Course_Group_id=$id"); - } + } } - ?> + ?> - </div> + </div> - </div> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -</div> + </div> + </div> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - </div> + </div> <?php - } - include 'Footer.php'; - ?> + } +include 'Footer.php'; +?> - - - - -<script src="https://code.jquery.com/jquery-1.11.1.min.js"></script> +<script src="./css/jquery-1.11.1.min.js"></script> -<script src="https://code.jquery.com/ui/1.11.1/jquery-ui.min.js"></script> +<script src="./css/jquery-ui.min.js"></script> + +<link rel="stylesheet" href="./css/jquery-ui.css" /> -<link rel="stylesheet" href="https://code.jquery.com/ui/1.11.1/themes/smoothness/jquery-ui.css" /> <script> + + function mark(id,title,marks) { - try - { + try + { - $('<form id="frm" method="get" action="Script.php">'+title+'('+marks+' marks) <input type="hidden" name="savemarks" value="true">\n\ + $('<form id="frm" method="get" action="Script.php">'+title+'('+marks+' marks) <input type="hidden" name="savemarks" value="true">\n\ <input type="hidden" name="total" value="'+marks+'" > <input type="hidden" name="id" value="'+id+'" ><br> Marks <input type="text" name="marks">\n\ Comments <textarea name="feedback"></textarea> \n\ <input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({ - modal: true, - title:'Mark Submission', - buttons: { - 'Submit Marking': function () { - $('#frm').submit(); + modal: true, + title:'Mark Submission', + buttons: { + 'Submit Marking': function () { + $('#frm').submit(); - $(this).dialog('close'); - }, - 'X': function () { + $(this).dialog('close'); + }, + 'X': function () { - $(this).dialog('close'); - } + $(this).dialog('close'); + } - } -}); + } + }); - }catch(e){ alert(e); } -} + }catch(e){ alert(e); } + } - function 
updatev(id) { +function updatev(id) +{ try { - $('<form id="frm" method="get" action="Script.php"> <input type="hidden" name="updatevisibility" value="true">\n\ + $('<form id="frm" method="get" action="Script.php"> <input type="hidden" name="updatevisibility" value="true">\n\ <input type="hidden" name="id" value="'+id+'" > <br>\n\ Update Visibility<br><select name="status"> <option> Public </option><option>Private</option> </select> \n\ <input type="hidden" name="labid" value="<?php echo $id; ?>"> <input type="hidden" name="total" value="<?php echo $total; ?>" > <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({ - modal: true, - title:'Update Report Visibility', - buttons: { - 'Update': function () { - $('#frm').submit(); + modal: true, + title:'Update Report Visibility', + buttons: { + 'Update': function () { + $('#frm').submit(); - $(this).dialog('close'); - }, - 'X': function () { + $(this).dialog('close'); + }, + 'X': function () { - $(this).dialog('close'); - } + $(this).dialog('close'); + } - } -}); + } + }); }catch(e){ alert(e); } } - </script> +</script> diff --git a/SubmitLab.php b/SubmitLab.php index 97d186c..edb9f91 100644 --- a/SubmitLab.php +++ b/SubmitLab.php 
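Review bot: `mark(id,title,marks)` still concatenates `title` and `marks` into the HTML string handed to `$()`, so any markup carried in a submission title is parsed as HTML when the dialog is built. The value reaches it from `$row['Title']` through `onclick='mark($Submission_ID,\"$title\",$total)'` in the hunks at -224 and -321, where it is echoed without escaping; whether titles are cleaned when they are stored is not visible here, so they should be treated as untrusted. I would set the label as text on its own element, `$('<span>').text(title + '(' + marks + ' marks)')`, and emit the handler argument as `htmlspecialchars(json_encode($title), ENT_QUOTES, 'UTF-8')` instead of `\"$title\"`. The `<?php echo $header; ?>`, `<?php echo $id; ?>` and `<?php echo $total; ?>` values written into the form markup in `mark()` and `updatev()` need `htmlspecialchars()` for the same reason.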
@@ -1,157 +1,135 @@ +<?php +include 'NoDirectPhpAcess.php'; +?> + <?php $page='Submit LAB+'; include 'Header.php'; ?> <div class='row' style='width:80%;margin:auto;'> + + <?php - $c_date= date("Y-m-d H:i"); - $student_id=$_SESSION["user_student_id"]; - - - $student_id=$_SESSION["user_student_id"]; +$c_date = date("Y-m-d H:i"); +$student_id = $_SESSION["user_student_id"]; - if(!empty($_GET["id"])) - { - $id=$_GET["id"]; - $url=$_GET["url"]; +if(!empty($_GET["id"])) +{ + $id = $_GET["id"]; + $url = $_GET["url"]; - $result1 = mysqli_query($con," SELECT Type, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, " - . "`Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and deadline > '$c_date' ORDER by Lab_Report_ID DESC"); -if(mysqli_num_rows($result1)==0) + $result1 = mysqli_query($con," SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC"); + if(mysqli_num_rows($result1) == 0) { - echo "No Active assignments for this course so far."; + echo "No active assignments for this course so far."; - } else { while($row = mysqli_fetch_assoc($result1)) { + } else { - $Course_ID=$row['Course_ID']; - $title=$row['Title']; - $ins=$row['Instructions']; - $posted=$row['Posted_Date']; - $deadline=$row['Deadline']; - $att1=$row['Attachment_link_1']; - $att2=$row['Attachment_link_2']; - $att3=$row['Attachment_link_3']; - $att4=$row['Attachment_link_4']; - $labid=$row['Lab_Report_ID']; - - $type=$row['Type']; + while($row = mysqli_fetch_assoc($result1)) { - //----------------------------------Giving both Group Admin and Group Members same priviledges to submit assignment-------------------------------------- - if($type=="Group"){ - $resultx1 = 
mysqli_query($con,"SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or(Group_Leader=$student_id))"); + $Course_ID = $row['Course_ID']; + $title = $row['Title']; + $ins = $row['Instructions']; + $posted = $row['Posted_Date']; + $deadline = $row['Deadline']; + $att1 = $row['Attachment_link_1']; + $att2 = $row['Attachment_link_2']; + $att3 = $row['Attachment_link_3']; + $att4 = $row['Attachment_link_4']; + $labid = $row['Lab_Report_ID']; + $type = $row['Type']; + + //----------------------------------Giving both the Group Admin and Group Members same priviledges to submit assignment-------------------------------------- + if($type=="Group"){ + $resultx1 = mysqli_query($con,"SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))"); while($row = mysqli_fetch_assoc($resultx1)) { - $_SESSION["Group_ID"]=$row['Course_Group_id'];} + $_SESSION["Group_ID"] = $row['Course_Group_id']; + } - if($_SESSION["Group_ID"]<1) - { - echo" <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> "; - return; - } - } + if($_SESSION["Group_ID"] < 1) + { + echo" <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> "; + return; + } + } + $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; - - $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; + if($att2!=""){ + $full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>"; + } + if($att3!=""){ + $full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>"; + } - if($att2!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>"; - } - 
if($att3!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>"; - } - - if($att4!=""){ - $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; - } + if($att4!=""){ + $full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; + } - - echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'> + echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'> Courses > $url > Submlit Lab Report > $title <br> </a></div> "; - -// echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;width:100%;'> -// $title <br> <span style='font-size:8pt'> $ins</span> -// <br> <span style='font-size:8pt'>Posted : $posted Deadline : $deadline <br> Attachments : $full_link </span> -//</div></k>"; - - - - - - - echo ""; - - - - - - - - }} - - - } - $Group_ID=$_SESSION["Group_ID"]; + + echo ""; + } + } +} + +$Group_ID = $_SESSION["Group_ID"]; + ?> - - - - - - </div> + + + + <div style="width:80%;margin:auto;"> - <h3> Submit Lab Report Assignment </h3> - <hr> + <h3> Submit Lab Report Assignment </h3> + <hr> <div class="row"> - <div class="col-md-6"> + <div class="col-md-6"> - -<form method='post' enctype='multipart/form-data' action='Script.php'> - <input type='hidden' name='frm_submitlab' value='true' required=''/> - <input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/> - <input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/> - - <input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/> - <input type='hidden' name='url' value='<?php echo $url; ?>' required=''/> + <form method='post' enctype='multipart/form-data' action='Script.php'> + <input type='hidden' name='frm_submitlab' value='true' 
required=''/> + <input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/> + <input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/> + <input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/> + <input type='hidden' name='url' value='<?php echo $url; ?>' required=''/> - - -Title -<input type='text' name='title' placeholder='Ttle' class='form-control' required=''> - Attachment 1 -<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''> + Title + <input type='text' name='title' placeholder='Ttle' class='form-control' required=''> - Attachment 2 -<input type='file' name='attachment2' placeholder='Attachment 1' class='form-control'> + Attachment 1 + <input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''> - </div> - <div class="col-md-6"> + Attachment 2 + <input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'> + </div> - Attachment 3 -<input type='file' name='attachment3' placeholder='Attachment 1' class='form-control' > + <div class="col-md-6"> + Attachment 3 + <input type='file' name='attachment3' placeholder='Attachment 3' class='form-control' > - Attachment 4 -<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' > -<br> - <input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br> -</form> + Attachment 4 + <input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' > + <br> + + <input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br> + </form> + </div> - - -</div> - </div> + </div> - </div> \ No newline at end of file +</div> diff --git a/index.php b/index.php index 72594c3..1f3fb3e 100644 --- a/index.php +++ b/index.php 
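Review bot: `$id = $_GET["id"]` is interpolated unquoted into `WHERE Lab_Report_ID=$id`, so the request decides the text of the query; the hunk re-indents and re-quotes this statement but leaves the interpolation in place. Binding the value as in the sketch below closes that (`mysqli_stmt_get_result` needs the mysqlnd driver; `$id = (int) $_GET["id"];` is the minimal alternative). `$url` from `$_GET["url"]` is likewise echoed into the breadcrumb link and the hidden `url` field without `htmlspecialchars($url, ENT_QUOTES, 'UTF-8')`. Separately, `$_SESSION["Group_ID"]` is only assigned inside the `while` loop, so when the student is in no group for this course the `< 1` test reads whatever an earlier page left in the session; reset it before the loop.

```php
$id = $_GET["id"];
// … unchanged: $url assignment …
$stmt = mysqli_prepare($con, "SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID = ? AND Deadline > ? ORDER BY Lab_Report_ID DESC");
mysqli_stmt_bind_param($stmt, "is", $id, $c_date);
mysqli_stmt_execute($stmt);
$result1 = mysqli_stmt_get_result($stmt);
// … unchanged: mysqli_num_rows() check and row loop …
```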
@@ -1,137 +1,129 @@ - - - <?php $page='Home'; include 'Header.php'; - session_start(); - ?> - - +<?php +// if the user has already logged in, then clicking the LRRS icon should not display the login page (i.e., index.php). +if (isset($_SESSION["user_fullname"])) { + header("Location: Courses.php"); +} +?> <br><br><br> <div class="row" style="width:80%;margin:auto;"> <div class="col-md-4"> - <br><br> - <img src="logo_text.png" style="width"> - <h1> Lab Report Repository System </h1> - <br><br> + <br><br> + <img src="logo_text.png" style="width"> + <h1> Lab Report Repository </h1> + <br><br> </div> - -<div class="col-md-4 list-group"> + <div class="col-md-4 list-group"> <br> -<h4 class="list-group-item active"> Sign in </h4> -<div class="list-group-item"> + <h4 class="list-group-item active"> Sign in </h4> + <div class="list-group-item"> <div class="panel-body"> -<form method="post" action="Script.php" name="frm_login"> - <input type="hidden" name="frm_login" value="true"/> -Student ID / Email -<input type="text" name="user" placeholder="Email / Student Number" class="form-control" required="required" /> + + + <form method="post" action="Script.php" name="frm_login"> + <input type="hidden" name="frm_login" value="true"/> + Student ID / Email + <input type="text" name="user" placeholder="Email / Student Number" class="form-control" required="required" /> - Password -<input type="password" class="form-control" name="password" placeholder="password" required="required" /> - <br> - <input type="submit" class="btn btn-primary" value="Login"><br> <a href="recover_password.php" style="font-weight:normal;color:orange">Reset my password</a> - -<?php - -error_reporting(E_ALL); - -if(isset($_SESSION['info_login'])) { - echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>'; - $_SESSION['info_login']=null; -} + Password + <input type="password" class="form-control" name="password" placeholder="password" required="required" /> + <br> + <input 
type="submit" class="btn btn-primary" value="Login"><br> <a href="recover_password.php" style="font-weight:normal;color:gray">Reset my password</a> -// wrong pass -if(isset($_SESSION['wrong_pass'])) { - echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>'; - $_SESSION['wrong_pass']=null; -} - - -if(isset($_SESSION['infoChangePassword'])) { - echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>'; - $_SESSION['infoChangePassword']=null; -} - - -?> -</form> - -</div> - -</div> -</div> -<div class="col-md-4 list-group"> - + <?php + + error_reporting(E_ALL); + + if(isset($_SESSION['info_login'])) { + echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>'; + $_SESSION['info_login']=null; + } + + + // wrong pass + if(isset($_SESSION['wrong_pass'])) { + echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>'; + $_SESSION['wrong_pass']=null; + } + + + if(isset($_SESSION['infoChangePassword'])) { + echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>'; + $_SESSION['infoChangePassword']=null; + } - <br> -<h4 class="list-group-item active"> Student sign up </h4> -<div class="list-group-item"> + ?> -<form method="post" action="Script.php" name="frm_signup_1"> + </form> + +</div> +</div> +</div> + + +<div class="col-md-4 list-group"> + + <br> + <h4 class="list-group-item active"> Sign up </h4> + <div class="list-group-item"> + + <form method="post" action="Script.php" name="frm_signup_1"> <input type="hidden" name="frm_signup_1" value="true"/> Student ID -<input type="text" name="student_id" placeholder="Entre your Student ID" class="form-control" required=""> + <input type="text" name="student_id" placeholder="Entre your Student ID" class="form-control" required=""> -Your Passport / National ID - <input type="text" class="form-control" name="passport" placeholder="(Optional)"> - <br> - 
<input type="submit" name="frm_signup_1" class="btn btn-primary" value="Next"> <br> Click Next to set up password -<?php + Your Passport / National ID + <input type="text" class="form-control" name="passport" placeholder="(Optional)"> + <br> + <input type="submit" name="frm_signup_1" class="btn btn-primary" value="Next"> <br> Click Next to set up password -error_reporting(E_ALL); -if(isset($_SESSION['info_signup1'])) { - echo '<div class="alert alert-danger" role="alert">'.$_SESSION['info_signup1'].'</div>'; - $_SESSION['info_signup1']=null; -} -?> - -</div> -</form> + <?php + + error_reporting(E_ALL); + if(isset($_SESSION['info_signup1'])) { + echo '<div class="alert alert-danger" role="alert">'.$_SESSION['info_signup1'].'</div>'; + $_SESSION['info_signup1']=null; + } + + ?> + + </div> + </form> + </div> </div> </div> - - - - - - - - - - - - <hr> <div style="" id="footer"> -LRRS was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui _at_ zjnu.edu.cn. Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a> -</div> + LRRS was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui _at_ zjnu.edu.cn. Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a> + </div> -</body> + </body> <style> #footer{ - position:fixed; - bottom:0; - left:0; +position:fixed; +bottom:0; +left:0; background-color:#03417C; color:#FFF; text-align:center; @@ -139,4 +131,3 @@ width:100%; } </style> </html> - diff --git a/recover_password.php b/recover_password.php index 2eb4709..387d6ae 100644 --- a/recover_password.php 
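Review bot: The added `header("Location: Courses.php");` is not followed by `exit;`, so the script keeps running and still renders the login and sign-up forms after issuing the redirect; it should read `header("Location: Courses.php"); exit;`. The call also comes after `include 'Header.php';`, and if that file has already produced output (not visible here) PHP cannot send the header unless output buffering is on, so the check belongs before any output. The hunk removes `session_start()`, so `$_SESSION` is only populated if Header.php starts the session, which is worth confirming. Finally, `user_fullname` is also the key signup.php pre-fills its form from, which suggests it may be set before a login has succeeded; a key written only on successful authentication would be a safer test.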
+++ b/recover_password.php @@ -1,3 +1,7 @@ +<?php + include 'NoDirectPhpAcess.php'; +?> + <?php /* diff --git a/signup.php b/signup.php index 9817d02..562ea58 100644 --- a/signup.php +++ b/signup.php 
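Review bot: The guard is pulled in with `include`, which only raises a warning and carries on when the file cannot be loaded, so a missing or unreadable NoDirectPhpAcess.php would leave the page running unguarded. For a file whose name says it restricts access, `require_once 'NoDirectPhpAcess.php';` makes that failure fatal; the same line is added in the SubmitLab.php and signup.php hunks. The guard's contents are not part of this view, and since index.php links straight to recover_password.php, please confirm it does not turn away the unauthenticated users who need this page.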
@@ -1,59 +1,50 @@ <?php +include 'NoDirectPhpAcess.php'; +?> -/* - * To change this license header, choose License Headers in Project Properties. - * To change this template file, choose Tools | Templates - * and open the template in the editor. - */ +<?php include 'Header.php'; - ?> <div class="row"> -<div class="col-md-4 list-group" style="margin:auto;"> + <div class="col-md-4 list-group" style="margin:auto;"> <br> -<h4 class="list-group-item active"> Sign Up </h4> -<div class="list-group-item"> + <h4 class="list-group-item active"> Please fill in each field below </h4> + <div class="list-group-item"> <div class="panel-body"> -<form method="post" action="Script.php" > - <input type="hidden" name="frm_signup_2" value="true"/> - Full Name - <input type="text" name="fullname" placeholder="Your Full Name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required"/> + <form method="post" action="Script.php" > + <input type="hidden" name="frm_signup_2" value="true"/> + Full Name + <input type="text" name="fullname" placeholder="Your Full Name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required"/> - Email - <input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" /> + Email + <input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" /> - Password - <input type="password" class="form-control" name="password" placeholder="password" required="required" /> + Password (<i>must include uppercase and lowercase letters, digits and special characters</i>) + <input type="password" class="form-control" name="password" placeholder="password" required="required" /> - Confirm Password - <input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" /> - <br> - <input type="submit" class="btn 
btn-primary" value="Sign up"> + Confirm Password + <input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" /> + <br> + <input type="submit" class="btn btn-primary" value="Sign up"> <?php - - error_reporting(E_ALL); if(isset($_SESSION['info_signup2'])) { - echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_signup2'].'</div>'; - $_SESSION['info_signup2'] = null; + echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_signup2'].'</div>'; + $_SESSION['info_signup2'] = null; } - ?> </form> -</div> - -</div> -</div> + </div> -</form> -</div> - </div> \ No newline at end of file +</div> +</div> +</div>
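Review bot: The `value` attributes print `$_SESSION['user_fullname']` and `$_SESSION['user_email']` without escaping, and `$_SESSION['info_signup2']` goes into the alert box the same way; if any of these carries text typed by the user (where they are set is not visible in this hunk), a quote or tag in it breaks out of the attribute. Wrap each one, e.g. `<?php echo htmlspecialchars($_SESSION['user_fullname'] ?? '', ENT_QUOTES, 'UTF-8'); ?>`. The new password hint is only text on the page; the rule it describes has to be enforced where the form is processed in Script.php, which this hunk does not show.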