malango
/
LRR
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #46 from lanlab-org/Hui-LoginWithStudentNumber 

Script.php: allow people to log in when they give a valid student number.
Bug460-Malango
Software Project Management 2020-09-26 20:35:18 +08:00 committed by GitHub
parent cd0085b919 df3b48553a
commit b37df84b72
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 918 additions and 778 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

695
Admin.php
View File

@ -1,335 +1,362 @@
<?php
$page="admin";
include 'Header.php';
?>
<style>
.col-md-4{
border-right: 1px solid skyblue;
}
</style>
<br>
<div style="width: 80%;margin: auto;"> <h2> Administration Panel </h2> </div>
<hr>
<div class="row" style="width: 80%;margin: auto;">
<!--<h4>General system Settings</h4><hr>
<a href="" class="btn btn-lg btn-primary">View System Log </a>
<hr>
Lab Privacy Mode: (STUDENT VERIFICATION)
<hr>
-->
<div class="col-md-6">
<h4> User account Management </h4><hr>
<b>Lecturer / TA Accounts </b><br>
<div class="container">
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
<li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#home">Create New Account</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu1">Existing Accounts</a>
</li>
</ul>
<!-- Tab panes -->
<div class="tab-content">
<div id="home" class="container tab-pane active"><br>
<b>Create Lecturer/TA Accounts </b>
<form method="post" action="Script.php">
<input type="hidden" name="frm_createlecturrer" value="true" required=""/>
Full_Name
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required="">
Email
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" required="">
Passport_Number / ID (Used as Intial Password)
<input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
<br> User Type :
<input type="radio" name="type" value="Lecturer" required=""> Lecturer
<input type="radio" name="type" value="TA" required=""> T/A
<input type="submit" class="btn btn-primary" value="Create"><br>
<?php
error_reporting(E_ALL);
if(isset($_SESSION['info_Admin_Users'])) {
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Users'].'</div>';
$_SESSION['info_Admin_Users']=null;
}
if(isset($_SESSION['info_Admin_Users'])) {
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Users'].'</div>';
$_SESSION['info_Admin_Users']=null;
}
?>
</form>
<hr>
</div>
<div id="menu1" class="container tab-pane fade"><br>
<table class="table-bordered" style="font-size: 10pt;">
<tr style="font-size:10pt;">
<th>ID</th>
<th>Name</th>
<th>Email</th>
<th>Passport / ID </th>
<th>Reset Password </th>
<th>Block/Activate </th>
</tr>
<?php
$result = mysqli_query($con,
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer','TA')");
while($row = mysqli_fetch_assoc($result)) {
$pass=$row['Passport_Number'];
$btn="<button class='btn-primary' onclick=\"updatePass(".$row['User_ID'].",'$pass')\">Reset</button>";
if($row['Status']=="Active")
{ $newstatus="Blocked";
$btnBlock="<button class='btn-danger' onclick=\"blockUser(".$row['User_ID'].",'$newstatus')\">Block</button>";
}else{
$newstatus="Active";
$btnBlock="<button class='btn-success' onclick=\"blockUser(".$row['User_ID'].",'$newstatus')\">Activate</button>";
}
echo "<tr><td>".$row['User_ID']."</td><td>".$row['Full_Name']."</td><td>".$row['Email']."</td> <td>".$row['Passport_Number']."</td><td>$btn</td><td>$btnBlock</td></tr>";
}
?></table>
</div>
</div>
</div>
</div>
<div class="col-md-6">
<div class="container">
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
<li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#menua"> Course Portal </a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menub">Existing Courses</a>
</li>
</ul>
<!-- Tab panes -->
<div class="tab-content">
<div id="menua" class="container tab-pane active"><br>
<hr>
<b>Create new Portal </b>
<form method="post" action="Script.php">
<input type="hidden" name="frm_createCourse" value="true" required=""/>
Course Name
<input type="text" name="name" placeholder="Course Name" class="form-control" required="">
Course Code
<input type="text" name="code" placeholder="Course Code" class="form-control" required="">
URL (Leave blank to use Course Name)
<input type="text" name="url" placeholder="Choose Custom URL " class="form-control" required="">
Academic Year
<input type="text" name="academic" placeholder="Academic Year" class="form-control" required="">
Faculty <br>
<input type="text" name="faculty" placeholder="Faculty" class="form-control" required="">
Assign Lecturer
<br>
<select name="lecturer" class="form-control">
<?php
$result = mysqli_query($con,"SELECT * FROM Users_Table WHERE UserType='Lecturer'");
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
$id=$row['User_ID'];
$name=$row['Full_Name'];
echo "<option value='$id'> $name </option>";
}}?>
</select>
Assigned T/A <br>
<select name="ta" class="form-control">
<?php
$result = mysqli_query($con,"SELECT * FROM Users_Table WHERE UserType='TA'");
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
$id=$row['User_ID'];
$name=$row['Full_Name'];
echo "<option value='$id'> $name </option>";
}}?>
</select>
Verify Joining Students
<input type="radio" name="verify" value="1"> Yes
<input type="radio" name="verify" value="0" checked=""> No
<br>
<input type="submit" class="btn btn-primary" value="Create Portal"><br>
</form>
<?php
error_reporting(E_ALL);
if(isset($_SESSION['info_Admin_Courses'])) {
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Courses'].'</div>';
$_SESSION['info_Admin_Courses']=null;
}
if(isset($_SESSION['info_Admin_Courses'])) {
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Courses'].'</div>';
$_SESSION['info_Admin_Courses']=null;
}
?>
</div>
<div id="menub" class="container tab-pane fade"><br>
<b> Existing Course Portals </b>
<hr>
<table class="table-bordered" style="font-size: 10pt;">
<tr> <th>Course Name </th> <th> Faculty </th> <th>Lecturer </th> <th>TAs</th> <th>Assign new TA </th> </tr>
<?php
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID");
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
$name=$row['Course_Name'];
$code=$row['Course_Code'];
$faculty=$row['Faculty'];
$lecturer=$row['Full_Name'];
$academic=$row['Academic_Year'];
$c_id=$row['Course_ID'];
$resultTA = mysqli_query($con,"SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta`
INNER JOIN users_table on users_table.User_ID=course_ta.TA
where course_ta.Course_ID=$c_id");
$ta="";
while($rowTA = mysqli_fetch_assoc($resultTA)) {
$ta=$ta." - ".$rowTA['TA_NAME'];
}
echo"
<tr> <td>$code - $name</td> <td>$faculty </td> <td>$lecturer</td><td>$ta</td> <td><form method='get' action='Script.php'> <select name='ta' class=''>";
$resultx = mysqli_query($con,"SELECT * FROM Users_Table WHERE UserType='TA'");
if(mysqli_num_rows($resultx)==0)
{} else { while($row = mysqli_fetch_assoc($resultx)) {
$id=$row['User_ID'];
$name=$row['Full_Name'];
echo "<option value='$id'> $name </option>";
}}
echo "</select> <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'> <input type='submit' value='assign'></form> </td></tr>
";
}}?>
</table>
</div>
</div>
</div>
<script>
function updatePass(id,pass)
{
if(!confirm('Are you to Reset User Password'))
{
return;
}
window.location.href="\Script.php\?action=passchange&uid="+id+"&pass="+pass;
}
function blockUser(id,status)
{
if(!confirm('Are you to change User Status'))
{
return;
}
window.location.href="\Script.php\?action=statuschange&uid="+id+"&status="+status;
}
<?php
$page="admin";
include 'Header.php';
?>
<?php
if ($_SESSION['user_type'] != "Lecturer") {
$_SESSION["info_login"]="You must log in first.";
echo $_SESSION["info_login"];
header("Location: index.php");
}
?>
<style>
.col-md-4{
border-right: 1px solid skyblue;
}
</style>
<br>
<div style="width: 80%;margin: auto;"> <h2> Administration Panel </h2> </div>
<hr>
<div class="row" style="width: 80%;margin: auto;">
<!--<h4>General system Settings</h4><hr>
<a href="" class="btn btn-lg btn-primary">View System Log </a>
<hr>
Lab Privacy Mode: (STUDENT VERIFICATION)
<hr>
-->
<div class="col-md-6">
<h4> User account Management </h4><hr>
<b>Lecturer / TA Accounts </b><br>
<div class="container">
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
<li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#home">Create New Account</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu2">Batch Create New Student Accounts</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu1">Existing Accounts</a>
</li>
</ul>
<!-- Tab panes -->
<div class="tab-content">
<div id="home" class="container tab-pane active"><br>
<b>Create Lecturer/TA Accounts </b>
<form method="post" action="Script.php">
<input type="hidden" name="frm_createlecturrer" value="true" required=""/>
Full_Name
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required="">
Email
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" required="">
Passport_Number / ID (Used as Intial Password)
<input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
<br> User Type :
<input type="radio" name="type" value="Lecturer" required=""> Lecturer
<input type="radio" name="type" value="TA" required=""> T/A
<input type="submit" class="btn btn-primary" value="Create"><br>
<?php
error_reporting(E_ALL);
if(isset($_SESSION['info_Admin_Users'])) {
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Users'].'</div>';
$_SESSION['info_Admin_Users']=null;
}
if(isset($_SESSION['info_Admin_Users'])) {
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Users'].'</div>';
$_SESSION['info_Admin_Users']=null;
}
?>
</form>
<hr>
</div>
<div id="menu1" class="container tab-pane fade"><br>
<table class="table-bordered" style="font-size: 10pt;">
<tr style="font-size:10pt;">
<th>ID</th>
<th>Name</th>
<th>Email</th>
<th>Passport / ID </th>
<th>Reset Password </th>
<th>Block/Activate </th>
</tr>
<?php
$result = mysqli_query($con,
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer','TA')");
while($row = mysqli_fetch_assoc($result)) {
$pass=$row['Passport_Number'];
$btn="<button class='btn-primary' onclick=\"updatePass(".$row['User_ID'].",'$pass')\">Reset</button>";
if($row['Status']=="Active")
{ $newstatus="Blocked";
$btnBlock="<button class='btn-danger' onclick=\"blockUser(".$row['User_ID'].",'$newstatus')\">Block</button>";
}else{
$newstatus="Active";
$btnBlock="<button class='btn-success' onclick=\"blockUser(".$row['User_ID'].",'$newstatus')\">Activate</button>";
}
echo "<tr><td>".$row['User_ID']."</td><td>".$row['Full_Name']."</td><td>".$row['Email']."</td> <td>".$row['Passport_Number']."</td><td>$btn</td><td>$btnBlock</td></tr>";
}
?></table>
</div>
<!-- code contributed by Xu Xiaopeng (https://github.com/xxp1999) -->
<div id="menu2" class="container tab-pane fade" style="margin-top:10px" >
<b>Please separate student numbers with spaces.</b><br>
<form action="batch_insert.php" method="post">
<p>
<textarea cols="80" rows="16" name="users" required=""></textarea>
</p>
<input type="submit" class="btn btn-primary" value="Create All"><br>
</form>
</div>
</div>
</div>
</div>
<div class="col-md-6">
<div class="container">
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
<li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#menua"> Course Portal </a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menub">Existing Courses</a>
</li>
</ul>
<!-- Tab panes -->
<div class="tab-content">
<div id="menua" class="container tab-pane active"><br>
<hr>
<b>Create new Portal </b>
<form method="post" action="Script.php">
<input type="hidden" name="frm_createCourse" value="true" required=""/>
Course Name
<input type="text" name="name" placeholder="Course Name" class="form-control" required="">
Course Code
<input type="text" name="code" placeholder="Course Code" class="form-control" required="">
URL (Leave blank to use Course Name)
<input type="text" name="url" placeholder="Choose Custom URL " class="form-control" required="">
Academic Year
<input type="text" name="academic" placeholder="Academic Year" class="form-control" required="">
Faculty <br>
<input type="text" name="faculty" placeholder="Faculty" class="form-control" required="">
Assign Lecturer
<br>
<select name="lecturer" class="form-control">
<?php
$result = mysqli_query($con,"SELECT * FROM Users_Table WHERE UserType='Lecturer'");
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
$id=$row['User_ID'];
$name=$row['Full_Name'];
echo "<option value='$id'> $name </option>";
}}?>
</select>
Assigned T/A <br>
<select name="ta" class="form-control">
<?php
$result = mysqli_query($con,"SELECT * FROM Users_Table WHERE UserType='TA'");
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
$id=$row['User_ID'];
$name=$row['Full_Name'];
echo "<option value='$id'> $name </option>";
}}?>
</select>
Verify Joining Students
<input type="radio" name="verify" value="1"> Yes
<input type="radio" name="verify" value="0" checked=""> No
<br>
<input type="submit" class="btn btn-primary" value="Create Portal"><br>
</form>
<?php
error_reporting(E_ALL);
if(isset($_SESSION['info_Admin_Courses'])) {
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Courses'].'</div>';
$_SESSION['info_Admin_Courses']=null;
}
if(isset($_SESSION['info_Admin_Courses'])) {
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Courses'].'</div>';
$_SESSION['info_Admin_Courses']=null;
}
?>
</div>
<div id="menub" class="container tab-pane fade"><br>
<b> Existing Course Portals </b>
<hr>
<table class="table-bordered" style="font-size: 10pt;">
<tr> <th>Course Name </th> <th> Faculty </th> <th>Lecturer </th> <th>TAs</th> <th>Assign new TA </th> </tr>
<?php
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID");
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
$name=$row['Course_Name'];
$code=$row['Course_Code'];
$faculty=$row['Faculty'];
$lecturer=$row['Full_Name'];
$academic=$row['Academic_Year'];
$c_id=$row['Course_ID'];
$resultTA = mysqli_query($con,"SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta`
INNER JOIN users_table on users_table.User_ID=course_ta.TA
where course_ta.Course_ID=$c_id");
$ta="";
while($rowTA = mysqli_fetch_assoc($resultTA)) {
$ta=$ta." - ".$rowTA['TA_NAME'];
}
echo"
<tr> <td>$code - $name</td> <td>$faculty </td> <td>$lecturer</td><td>$ta</td> <td><form method='get' action='Script.php'> <select name='ta' class=''>";
$resultx = mysqli_query($con,"SELECT * FROM Users_Table WHERE UserType='TA'");
if(mysqli_num_rows($resultx)==0)
{} else { while($row = mysqli_fetch_assoc($resultx)) {
$id=$row['User_ID'];
$name=$row['Full_Name'];
echo "<option value='$id'> $name </option>";
}}
echo "</select> <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'> <input type='submit' value='assign'></form> </td></tr>
";
}}?>
</table>
</div>
</div>
</div>
<script>
function updatePass(id,pass)
{
if(!confirm('Are you to Reset User Password'))
{
return;
}
window.location.href="\Script.php\?action=passchange&uid="+id+"&pass="+pass;
}
function blockUser(id,status)
{
if(!confirm('Are you to change User Status'))
{
return;
}
window.location.href="\Script.php\?action=statuschange&uid="+id+"&status="+status;
}
</script>

39
Connect.php
View File

@ -1,23 +1,16 @@
<?php
$servername = "localhost";
$username = "root";
$password = "";
// $servername = "sql202.epizy.com";
// $username = "epiz_23626301";
// $password = "wtn2rmj3";
// Create connection
$con = new mysqli($servername, $username, $password,'lrr');
// Check connection
if ($con->connect_error) {
die("Database Connection failed: " . $conn->connect_error);
}
// else
// {
// echo "Connected";
// }
session_start();
<?php
session_start();
$con=mysqli_connect("localhost","username","password","lrr");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else
{
echo "Connected";
}

29
Course.php
View File

@ -15,7 +15,9 @@ include 'Header.php';
. " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' ");
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
{echo "should not be here";} else {
while($row = mysqli_fetch_assoc($result)) {
$name=$row['Course_Name'];
$code=$row['Course_Code'];
$faculty=$row['Faculty'];
@ -27,7 +29,7 @@ include 'Header.php';
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
Courses > $name ($code) > Lab Reports
<br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span>
<br> <span style='font-size:8pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span>
</a></div>
@ -75,7 +77,7 @@ if( $_SESSION['user_type']=="Student")
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
<li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#menu1">New Labs Reports</a>
<a class="nav-link active" data-toggle="tab" href="#menu1">New Lab Reports</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu2">Missed Lab Reports </a>
@ -100,20 +102,18 @@ course_groups_table on course_group_members_table.Course_Group_id = course_grou
WHERE course_group_members_table.Student_ID=$student_id and course_groups_table.Course_id=$course_id";
$resultx1 = mysqli_query($con,$sql);
$resultx1 = mysqli_query($con,$sql);
while($row = mysqli_fetch_assoc($resultx1)) {$_SESSION['group_id']=$row['Course_Group_id'];}
$group_id=$_SESSION['group_id'];
if($group_id==""){$group_id=-1;}
$group_id=$_SESSION['group_id'];
$var="SELECT Type,Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`
FROM `lab_reports_table` WHERE Course_ID=$course_id "
. ""
. "and (deadline > '$c_date' or Lab_Report_ID in (SELECT `Lab_Report_ID` FROM `extended_deadlines_table`"
. "and (Deadline > '$c_date' or Lab_Report_ID in (SELECT `Lab_Report_ID` FROM `extended_deadlines_table`"
. " WHERE Lab_Report_ID in (select Lab_Report_ID from lab_reports_table where Course_ID=$course_id) and Student_ID=$student_id and Extended_Deadline_Date > '$c_date') ) "
. ""
. ""
@ -124,9 +124,7 @@ $var="SELECT Type,Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `
. ""
. " ORDER by Lab_Report_ID DESC";
$result1 = mysqli_query($con,$var);
$result1 = mysqli_query($con,$var);
if(mysqli_num_rows($result1)==0)
{
@ -652,11 +650,10 @@ where course_group_members_table.Course_Group_id=$id");
?>
<script src="css/jquery-1.11.1.min.js"></script>
<script src="css/jquery-ui.min.js"></script>
<script src="./css/jquery-1.11.1.min.js"></script>
<script src="./css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="./css/jquery-ui.css" />
<link rel="stylesheet" href="css/jquery-ui.css" />
<script>
function CreateGroup() {

18
Courses.php
View File

@ -29,12 +29,12 @@ $user_d=$_SESSION['user_id'];
<div class="row" style="width:80%;margin:auto; text-align:left;">
<script src="css/jquery-1.11.1.min.js"></script>
<script src="css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="css/jquery-ui.css" />
<script src="./css/jquery-1.11.1.min.js"></script>
<script src="./css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="./css/jquery-ui.css" />
<script>
@ -139,7 +139,7 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
$sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'";
if ($con->query($sql) === TRUE) {
$_SESSION["info_updated"]="Assignment information updated successfully.";
$_SESSION["info_Updated"]="Information Updated Successfull";
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -253,9 +253,9 @@ Submission Type <input type='radio' name='type' value='Individual' required=''>
echo "<div class='col-md-7'> <h3> Lab Report Assignment list </h3>";
error_reporting(0);
if(isset($_SESSION["info_updated"])){
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_updated'] . '</div>';
$_SESSION['info_updated'] = null;
if(isset($_SESSION["info_Updated"])){
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Updated'] . '</div>';
$_SESSION['info_Updated'] = null;
}
if (isset($_SESSION['info_courses'])) {
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_courses'] . '</div>';

44
Footer.php
View File

@ -1,23 +1,23 @@
<br><br><br><br><br><br><br><br><br>
<div style="background-color:;width:100%di">
<br><br><br><br><br><br><br><br><br>
<div style="background-color:;width:100%di">
</div>

37
Header.php
View File

@ -5,7 +5,7 @@ error_reporting(0);
date_default_timezone_set('Asia/Shanghai');
$con=mysqli_connect("localhost","root","","lrr");
$con=mysqli_connect("localhost","username","password","lrr");
// Check connection
if (mysqli_connect_errno())
{
@ -25,15 +25,14 @@ else
<html>
<header>
<title>Lab Report Repository System</title>
<link href="css/bootstrap.min.css" rel="stylesheet" type="text/css"/>
<link href="font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css"/>
<script src="http://118.25.96.118/nor/css/jquery.min.js" type="text/javascript"></script>
<script src="http://118.25.96.118/nor/css/bootsrap.min.js" type="text/javascript"></script>
<link href="http://118.25.96.118/nor/css/bootstrap.min.css" rel="stylesheet" type="text/css"/>
<script src="http://118.25.96.118/nor/css/jquery.datetimepicker.min.js" type="text/javascript"></script>
<link rel = "shortcut icon" href = "logo_text.png">
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css"/>
<link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css"/>
<script src="./css/jquery.min.js" type="text/javascript"></script>
<script src="./css/bootsrap.min.js" type="text/javascript"></script>
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css"/>
<script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script>
@ -60,7 +59,7 @@ else
<li class="nav-item active">
<li class="nav-item active">
<a class='nav-link' href='~\..\Visitors.php'> <i class='fa fa-globe'></i> Visitor Portal <span class='sr-only'>(current)</span></a>
<!-- <a class='nav-link' href='~\..\Visitors.php'> <i class='fa fa-globe'></i> Visitor Portal <span class='sr-only'>(current)</span></a> -->
</li>
<?php
if(isset($_SESSION["user_fullname"]))
@ -83,12 +82,18 @@ else
?>
<?php
if ($_SESSION['user_type'] == "Lecturer") {
echo "&nbsp;&nbsp;&nbsp; <i class=\"fa fa-cog\" style=\"color:#fff;\"> </i> &nbsp;<a style='color:#fff !important' href=\"~\..\Admin.php\">Admin </a>";
}
?>
&nbsp;&nbsp;&nbsp; <i class="fa fa-user" style="color:#fff;"> </i>
&nbsp;<a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id'];?>)">Update password</a>
&nbsp;&nbsp;&nbsp; <i class="fa fa-lock" style="color:#fff;"> </i> &nbsp;<a style='color:#fff !important' href="~\..\logout.php">Logout </a>
&nbsp; | &nbsp;<a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id'];?>)">Update Password</a>
<?php
}
?>
@ -162,9 +167,9 @@ else
function updatePass(id)
{
var pass= prompt("Enter your New Password : ", "...");
var pass= prompt("Enter your new password : ", "...");
if(!confirm('Are you sure to Reset your Password?'))
if(!confirm('Are you sure to reset your password?'))
{
return;
}

2
Reset_password.php
View File

@ -46,4 +46,4 @@ $email=$_GET['email'];
</div>
</form>
</div>
</div>
</div>

304
Script.php
View File

@ -10,7 +10,7 @@
session_start();
date_default_timezone_set('Asia/Shanghai');
// CONNeCTION
$con=mysqli_connect("localhost","Teecloudy","5q7Ol2e!#!","lrr");
$con=mysqli_connect("localhost","username","password","lrr");
// Check connection
if (mysqli_connect_errno())
{
@ -30,17 +30,30 @@ if (mysqli_connect_errno())
error_reporting(0);
if (!empty($_POST["frm_signup_1"])) {
$student_id=mysqli_real_escape_string($con,$_POST["student_id"]);
$passport=mysqli_real_escape_string($con,$_POST["passport"]);
echo $student_id.' and '.$passport;
$student_id = mysqli_real_escape_string($con,$_POST["student_id"]);
$passport = mysqli_real_escape_string($con,$_POST["passport"]);
// validate student number
if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) {
$_SESSION["info_signup1"] = "Invalid student number.";
header("Location: index.php");
return;
}
// passport should be empty (not used)
if (strcmp(trim($passport), '') != 0) {
$_SESSION["info_signup1"] = "Passport is disused. Please leave it empty.";
header("Location: index.php");
return;
}
$result = mysqli_query($con,
"SELECT * FROM `students_data` WHERE Student_ID='$student_id'");
// Just removed this condition from the above command and (Passport_Number='$passport' or Passport_Number = '')
if(mysqli_num_rows($result)==0)
{
$_SESSION["info_signup1"]="Student Information could not be verified ! Please contact Student Management Office.";
$_SESSION["info_signup1"]="Student number could not be verified! Please contact Student Management Office (lanhui at zjnu.edu.cn). Thanks.";
header("Location: index.php");
return;
}
@ -61,7 +74,7 @@ if (!empty($_POST["frm_signup_1"])) {
}
else
{
$_SESSION["info_signup1"]="Student ID already in use ! Please contact Student Management Office if you failed to login to your account.";
$_SESSION["info_signup1"]="Student ID already in use! Please contact Student Management Office (lanhui at zjnu.edu.cn).";
header("Location: index.php");
return;
}
@ -83,35 +96,40 @@ if (!empty($_POST["frm_signup_1"])) {
// ############################### CREATE STUDENT USER ##################################
if (!empty($_POST["frm_signup_2"])) {
$email=mysqli_real_escape_string($con,$_POST["email"]);
$password=mysqli_real_escape_string($con,$_POST["password"]);
$confirmpassword=mysqli_real_escape_string($con,$_POST["confirmpassword"]);
$fullname=mysqli_real_escape_string($con,$_POST["fullname"]);
$student_id=$_SESSION['user_student_id'];
$passport= $_SESSION['user_passport'];
$_SESSION['user_fullname']=$fullname;
$_SESSION['user_type']="Student";
$_SESSION['user_email']=$email;
$email = mysqli_real_escape_string($con,$_POST["email"]);
$password = mysqli_real_escape_string($con,$_POST["password"]);
$confirmpassword = mysqli_real_escape_string($con,$_POST["confirmpassword"]);
$fullname = mysqli_real_escape_string($con,$_POST["fullname"]);
$student_id = $_SESSION['user_student_id'];
$passport = $_SESSION['user_passport'];
$_SESSION['user_fullname'] = $fullname;
$_SESSION['user_type'] = "Student";
$_SESSION['user_email'] = $email;
// check confirmed password
if ( strcasecmp( $password, $confirmpassword ) != 0 ){
$_SESSION['info_signup2']="Incorrect Password confirmation";
header("Location: signup.php");
return;
$_SESSION['info_signup2']="Password confirmation failed.";
header("Location: signup.php");
return;
}
// $containsLetter = preg_match('/[a-zA-Z]/', $password);
// $containsDigit = preg_match('/\d/', $password);
// $containsSpecial = preg_match('/[^a-zA-Z\d]/', $password);
$upperLetter = preg_match('@[A-Z]@', $password);
$smallLetter = preg_match('@[a-z]@', $password);
$containsDigit = preg_match('@[0-9]@', $password);
$containsSpecial = preg_match('@[^\w]@', $password);
// validate email
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$_SESSION['info_signup2']="Invalid email address.";
header("Location: signup.php");
return;
}
$upperLetter = preg_match('@[A-Z]@', $password);
$smallLetter = preg_match('@[a-z]@', $password);
$containsDigit = preg_match('@[0-9]@', $password);
$containsSpecial = preg_match('@[^\w]@', $password);
$containsAll = $upperLetter && $smallLetter && $containsDigit && $containsSpecial;
// check for strong password
if($containsAll < 8)
{
$_SESSION['info_signup2']="Password should contain Letters , Numbers and sepcial characters";
header("Location: signup.php");
return;
// check for strong password
if($containsAll < 8) {
$_SESSION['info_signup2']="Password must have at least characters that include letters, numbers and sepcial characters.";
header("Location: signup.php");
return;
}
// check if email is taked
$result = mysqli_query($con,
@ -128,12 +146,12 @@ if (!empty($_POST["frm_signup_1"])) {
. "('$email','$password_hash','$fullname','Student','$student_id','$passport')";
if ($con->query($sql) === TRUE) {
header("Location: Courses.php");
} else {
echo "Error: " . $sql . "<br>" . $con->error;
header("Location: Courses.php");
} else {
// echo "Error: " . $sql . "<br>" . $con->error;
echo "Something really bad happend during sign up.";
}
}
}
@ -142,23 +160,41 @@ if (!empty($_POST["frm_signup_1"])) {
if (!empty($_POST["frm_login"])) {
$user=mysqli_real_escape_string($con,$_POST["user"]);
$is_student_number = 0;
// Validate student number
if (is_numeric($user) && strlen($user) != 12) {
$_SESSION["info_login"] = "Invalid student number:"."$user";
header("Location: index.php");
return;
} else {
$is_student_number = 1;
}
if ($is_student_number == 0 && !filter_var($user, FILTER_VALIDATE_EMAIL)) {
$_SESSION["info_login"] = "Invalid email address: "."$user";
header("Location: index.php");
return;
}
$password=mysqli_real_escape_string($con,$_POST["password"]);
// $hashed_password=hash('sha512', $password); Not necessary in the login
$result = mysqli_query($con, "SELECT * FROM users_table WHERE (Email='$user')");
$result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')");
if(mysqli_num_rows($result)==0)
{
$_SESSION["info_login"]="Inavlid login Information.";
$_SESSION["info_login"]="Inavlid login information.";
echo $_SESSION["info_login"];
echo $_SESSION["info_login"];
header("Location: index.php");
header("Location: index.php");
}
else
{
while($row = mysqli_fetch_assoc($result)) {
// verify the hashed password and unhashed password
$sha512pass = hash('sha512', $password); // for backward compatibility. Old passwords were hashed using SHA512 algorithm.
if(password_verify($password, $row["Password"]) or $sha512pass == $row["HashPassword"] or $password == $row["Password"]){
if(password_verify($password, $row["Password"]) or $sha512pass == $row["HashPassword"]) {
$_SESSION['user_id']=$row['User_ID'];
$_SESSION['user_email']=$row['Email'];
$_SESSION['user_student_id']=$row['Student_ID'];
@ -205,85 +241,39 @@ header("Location: index.php");
// ################################ Recover Password #####################################
if (!empty($_POST["frm_recover_password"])) {
$email=mysqli_real_escape_string($con,$_POST["email"]);
$result = mysqli_query($con,
"SELECT * FROM Users_Table WHERE email='$email'");
if(mysqli_num_rows($result)==0)
{
$_SESSION["info_recover_password"]="Email address is not recognised.";
$student_id = mysqli_real_escape_string($con,$_POST["sno"]);
$email = mysqli_real_escape_string($con,$_POST["email"]);
echo "Email address was not recognised";
return;
header("Location: recover_password.php");
}
else
{
while($row = mysqli_fetch_assoc($result)) {
// validate student number
if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) {
echo "Invalid student number.";
return;
}
$userid=$row['User_ID'];
$email=urlencode($row['Email']);
$pure_email=$row['Email'];
$id=$row['Student_ID'];
$token=$userid*$userid*$userid+$userid*0.00343;
$name=$row['Full_Name'];
$link="<a href='http://118.25.96.118/nor/Reset_password.php?token=$token&email=$email'>Click Here (点击这里) </a>";
$msg=urlencode(" <h3>Lab Report Repository System - ZJNU</h3> <br> Hi <b>"
.$name.
" </b> Here is your password recovery link , "
.$link.
" to reset your password , <br> please ignore this message if you did not request password recovery.<br><br> <hr><br><br>
您好 $name, 这是你的密码恢复链接,点击上面的链接 重置你的密码,
如果您没有请求密码恢复,请忽略此消息。 <br><br><br><br><br> <small>LRR System by Mohamed Nor. </small><hr>");
$title=urlencode("Password recovery Request for LRR system - ZJNU ");
$url="http://sms.samesoftware.com/email/send/?Subject=$title&Body=$msg&ToAddress=$email&token=s1234";
//$response = file_get_contents($url);
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
$data = curl_exec($ch);
if(curl_errno($ch))
echo 'Curl error: '.curl_error($ch);
curl_close ($ch);
echo $data."<hr>";
$_SESSION["info_login"]="<br> Please check your Inbox & Junk folders for the recovery email , a reset link was sent to your email <b> $pure_email </b>";
header("Location: index.php");
}
}
// validate email
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo "Invalid email address.";
return;
}
$result = mysqli_query($con, "SELECT * FROM users_table WHERE Email='$email' and Student_ID='$student_id'");
if(mysqli_num_rows($result)==0)
{
$_SESSION["info_recover_password"]="Email address is not recognised.";
$_SESSION["info_recover_password"] = "Identity not recognized. Try again or send an inquiry email message to lanhui at zjnu.edu.cn.";
header("Location: recover_password.php");
} else
{
$result = mysqli_query($con, "DELETE FROM users_table WHERE Email='$email' and Student_ID='$student_id'");
$_SESSION["info_recover_password"] = "<b>Reset done. Please go to the sign up page and sign up again</b>.";
header("Location: recover_password.php");
}
}
@ -826,21 +816,18 @@ if(strlen($_FILES['attachment1']['name']) > 2 ) {
$sql1="Delete from lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id";
if ($con->query($sql1) === TRUE) {
}
// When $group_id is not properly initialized, use integer 0 as its value.
// This temporarily fixed the "Students unable to submit assignment after a recent change" bug at http://118.25.96.118/bugzilla/show_bug.cgi?id=65
if (trim($group_id) === '') { // when $group_id is an empty string or contains only whitespace characters.
$group_id = 0; // FIXME
}
$sql="INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`,"
. " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)"
. " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
. "'Pending','$title','')";
if ($con->query($sql) === TRUE) {
if($_SESSION['Sub_Type']=='Individual')
// {
@ -1402,47 +1389,54 @@ header("Location: Course.php?url=".$url);
//action=passchange&uid=1&pass=1929
if (!empty($_GET["action"])) {
if (!empty($_GET["action"])) {
$action=$_GET["action"];
$uid=$_GET["uid"];
$pass=$_GET["pass"];
$status=$_GET["status"];
$action=$_GET["action"];
$uid=$_GET["uid"];
$pass = $_GET["pass"];
$pass = password_hash($pass, PASSWORD_DEFAULT);
$status=$_GET["status"];
// validate uid
if (intval($uid) < 0) {
header("Location: index.php");
return;
}
if($action=="passchange")
{
$sql= "UPDATE users_table set Password='$pass' where User_ID=$uid;";
if ($con->query($sql) === TRUE) {
error_reporting(0);
echo "Password has been changed";
return;
$_SESSION["info_Admin_Users"]=$type." User Password was Reset to his/her Passport/ID successfully ";
header("Location: Admin.php");
}
}
else {
echo "Error: " . $sql . "<br>" . $con->error;
}
if($action=="statuschange")
{
$sql= "UPDATE users_table set Status='$status' where User_ID=$uid;";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"]=$type." user Status updated successfully ";
header("Location: Admin.php");
if($action=="passchange")
{
$sql= "UPDATE users_table set Password='$pass' where User_ID=$uid;";
if ($con->query($sql) === TRUE) {
error_reporting(0);
echo "Password has been changed";
// return;
$_SESSION["infoChangePassword"]=$type." User password was changed successfully.";
header("Location: index.php");
} else {
// echo "Error: " . $sql . "<br>" . $con->error;
echo "Something really bad happened while changing password. Contact lanhui at zjnu.edu.cn. Thanks!";
}
}
if($action=="statuschange")
{
$sql= "UPDATE users_table set Status='$status' where User_ID=$uid;";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"]=$type." user Status updated successfully ";
header("Location: Admin.php");
} else {
// echo "Error: " . $sql . "<br>" . $con->error;
echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!";
}
}
}else {
echo "Error: " . $sql . "<br>" . $con->error;
}
}
}

40
Student.php
View File

@ -1,20 +1,20 @@
<?php
$page="student";
include 'Header.php';
?>
<br><br><br>
<div class="row" style="width:80%;margin:auto;">
<div class="col-md-6">
<h1> STUEDNT Account Created , Now you can Browse Course Portals </h1>
</div>
</div>
<?php
$page="student";
include 'Header.php';
?>
<br><br><br>
<div class="row" style="width:80%;margin:auto;">
<div class="col-md-6">
<h1> STUEDNT Account Created , Now you can Browse Course Portals </h1>
</div>
</div>

7
Submissions.php
View File

@ -556,11 +556,11 @@ where course_group_members_table.Course_Group_id=$id");
<script src="css/jquery-1.11.1.min.js"></script>
<script src="https://code.jquery.com/jquery-1.11.1.min.js"></script>
<script src="css/jquery-ui.min.js"></script>
<script src="https://code.jquery.com/ui/1.11.1/jquery-ui.min.js"></script>
<link rel="stylesheet" href="css/jquery-ui.css" />
<link rel="stylesheet" href="https://code.jquery.com/ui/1.11.1/themes/smoothness/jquery-ui.css" />
<script>
function mark(id,title,marks) {
@ -626,3 +626,4 @@ Update Visibility<br><select name="status"> <option> Public </option><option>Pri
}
</script>

134
Visitors.php
View File

@ -1,67 +1,67 @@
<?php
$page='Submit LAB+';
include 'Header.php';
?>
<div class='row' style='width:80%;margin:auto;'>
<?php
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
LRRS > Visitor Portal > Public Lab Reports
<br> <span style='font-size:8pt'> </span>
</a></div>
";
$result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Student_id,
`Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, `Title`, `Visibility` ,
users_table.Full_Name,course_groups_table.Group_Name
FROM `lab_report_submissions`
left join users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Visibility='Public' ");
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
$att1=$row['Attachment1'];
$att2=$row['Attachment2'];
$sdate=$row['Submission_Date'];
$att3=$row['Attachment3'];
$att4=$row['Attachment4'];
$labid=$row['Lab_Report_ID'];
$title=$row['Title'];
$submitted_std=$row['Student_id'];
$submitted_group=$row['Course_Group_id'];
$Submission_ID=$row['Submission_ID'];
$sname=$row['Full_Name'];
$gname=$row['Group_Name'];
$Visibility=$row['Visibility'];
$full_link="<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>";
if($att2!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>";
}
if($att3!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>";
}
if($att4!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
}
echo"
<div class='btn btn-default'>
$title <small>by $gname $sname </small>
<br> <span style='font-size:8pt'>Submission Date :$sdate &nbsp;&nbsp; &nbsp; Files : $full_link </span>
</div>
";
}}?>
</div>
<?php
$page='Submit LAB+';
include 'Header.php';
?>
<div class='row' style='width:80%;margin:auto;'>
<?php
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
LRRS > Visitor Portal > Public Lab Reports
<br> <span style='font-size:8pt'> </span>
</a></div>
";
$result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Student_id,
`Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, `Title`, `Visibility` ,
users_table.Full_Name,course_groups_table.Group_Name
FROM `lab_report_submissions`
left join users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Visibility='Public' ");
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
$att1=$row['Attachment1'];
$att2=$row['Attachment2'];
$sdate=$row['Submission_Date'];
$att3=$row['Attachment3'];
$att4=$row['Attachment4'];
$labid=$row['Lab_Report_ID'];
$title=$row['Title'];
$submitted_std=$row['Student_id'];
$submitted_group=$row['Course_Group_id'];
$Submission_ID=$row['Submission_ID'];
$sname=$row['Full_Name'];
$gname=$row['Group_Name'];
$Visibility=$row['Visibility'];
$full_link="<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>";
if($att2!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>";
}
if($att3!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>";
}
if($att4!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
}
echo"
<div class='btn btn-default'>
$title <small>by $gname $sname </small>
<br> <span style='font-size:8pt'>Submission Date :$sdate &nbsp;&nbsp; &nbsp; Files : $full_link </span>
</div>
";
}}?>
</div>

55
batch_insert.php Normal file
View File

@ -0,0 +1,55 @@
<?php
// Code contributed by Xu Xiaopeng and his team (https://github.com/lanlab-org/LRR/pull/39/files#diff-b69ba96bf0e469383b373e8c9de257c0)
//数据库信息
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "lrr";
// 创建连接
$conn = mysqli_connect($servername, $username, $password, $dbname);
// 检测连接
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
//获得用户名数据
$source = $_POST['users'];
//如有多个空格,删除剩一个空格
$source1 = preg_replace('/\s\s+/', ' ', $source);
//去除首尾巴的空格
$source2 = trim($source1);
//根据空格拆分
$user = explode(' ', $source2);
//插入数据
for($index=0; $index < count($user); $index++) {
$result = mysqli_query($conn, "SELECT * FROM `students_data` WHERE Student_ID='$user[$index]'");
if (mysqli_num_rows($result) < 1) {
if (! mysqli_query($conn, "REPLACE INTO `students_data`(`Student_ID`, `Passport_Number`) VALUES('$user[$index]', '')" ) ) {
echo "SQL Error: " . $sql_stmt . "<br>" . mysqli_error($conn);
} else {
echo "<p>Student number $user[$index] added.</p>";
}
} else {
echo "<p><b>Student number $user[$index] already exists.</b></p>";
}
}
//返回按钮
echo "</br><input type='button' name='Back' onclick='javascript:history.back(-1);' value=' 返回 '>";
//释放缓存
$result->free();
//中断连接
mysqli_close($conn);
?>

19
index.php
View File

@ -40,21 +40,31 @@ Student ID / Email
Password
<input type="password" class="form-control" name="password" placeholder="password">
<br>
<input type="submit" class="btn btn-primary" value="Login"><br> <a href="recover_password.php" style="font-weight:bold;color:orange">Recover lost password</a>
<input type="submit" class="btn btn-primary" value="Login"><br> <a href="recover_password.php" style="font-weight:normal;color:orange">Reset my password</a>
<?php
error_reporting(E_ALL);
if(isset($_SESSION['info_login'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>';
$_SESSION['info_login']=null;
}
// wrong pass
if(isset($_SESSION['wrong_pass'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>';
$_SESSION['wrong_pass']=null;
}
if(isset($_SESSION['infoChangePassword'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>';
$_SESSION['infoChangePassword']=null;
}
?>
</form>
@ -67,7 +77,7 @@ if(isset($_SESSION['wrong_pass'])) {
<br>
<h4 class="list-group-item active"> Student Sign up </h4>
<h4 class="list-group-item active"> Student sign up </h4>
<div class="list-group-item">
<form method="post" action="Script.php" name="frm_signup_1">
@ -79,7 +89,7 @@ if(isset($_SESSION['wrong_pass'])) {
Your Passport / National ID
<input type="text" class="form-control" name="passport" placeholder="(Optional)">
<br>
<input type="submit" name="frm_signup_1" class="btn btn-primary" value="Next"> <br>
<input type="submit" name="frm_signup_1" class="btn btn-primary" value="Next"> <br> Click Next to set up password
<?php
error_reporting(E_ALL);
@ -112,8 +122,7 @@ if(isset($_SESSION['info_signup1'])) {
<hr>
<div style="" id="footer">
Developed by : Mohamed Nor (201825800050)-houzi you can submit your suggestions & bug reports to mohamednor@qq.com <small>Last Update : 18/04/2020 by <i>Ashly</i> </small>
LRRS was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui _at_ zjnu.edu.cn. Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a>
</div>
</body>

46
logout.php
View File

@ -1,24 +1,22 @@
<?php
// Destory sessions & refiret to index
session_destroy();
session_unset();
// Start a new session
session_start();
// Generate a new session ID
session_regenerate_id(true);
// Then finally, make sure you pick up the new session ID
$session_id = session_id();
unset( $_SESSION['user_id']);
unset( $_SESSION['user_email']);
unset( $_SESSION['user_type']);
unset( $_SESSION['user_student_id']);
unset( $_SESSION['user_fullname']);
header("Location: index.php");
<?php
// Destory sessions & refiret to index
session_destroy();
session_unset();
// Start a new session
session_start();
// Generate a new session ID
session_regenerate_id(true);
// Then finally, make sure you pick up the new session ID
$session_id = session_id();
unset( $_SESSION['user_id']);
unset( $_SESSION['user_email']);
unset( $_SESSION['user_type']);
unset( $_SESSION['user_student_id']);
unset( $_SESSION['user_fullname']);
header("Location: index.php");

54
recover_password.php
View File

@ -6,42 +6,42 @@
* and open the template in the editor.
*/
include 'Header.php';
?>
<div class="row">
<div class="col-md-4 list-group" style="margin:auto;">
<br>
<h4 class="list-group-item active"> Recover lost password </h4>
<div class="list-group-item">
<div class="panel-body">
<form method="post" action="Script.php" >
<input type="hidden" name="frm_recover_password" value="true"/>
Email
<input type="text" name="email" placeholder="Enter your Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>">
<div class="col-md-4 list-group" style="margin:auto;">
<br>
<input type="submit" class="btn btn-primary" value="Recover">
<br> * You will recieve email with recovery information
<?php
<h4 class="list-group-item active"> Reset my password </h4>
<div class="list-group-item">
<div class="panel-body">
<form method="post" action="Script.php" >
<input type="hidden" name="frm_recover_password" value="true"/>
Student number <input type="text" name="sno" placeholder="Enter your student number" class="form-control" value="<?php echo $_SESSION['student_number']; ?>">
<br/>
Email <input type="text" name="email" placeholder="Enter your email address" class="form-control" value="<?php echo $_SESSION['user_email']; ?>">
<br/>
<input type="submit" class="btn btn-primary" value="Recover">
<br> * You will need to sign up again after you click the above button.
</form>
</div>
</div>
</div>
</div>
<?php
if(isset($_SESSION['info_recover_password'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_recover_password'].'</div>';
$_SESSION['info_recover_password']=null;
}
?>
</form>
</div>
</div>
</div>
</div>
</form>
</div>
</div>

112
signup.php
View File

@ -1,57 +1,57 @@
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
include 'Header.php';
?>
<div class="row">
<div class="col-md-4 list-group" style="margin:auto;">
<br>
<h4 class="list-group-item active"> Sign Up </h4>
<div class="list-group-item">
<div class="panel-body">
<form method="post" action="Script.php" >
<input type="hidden" value="true"/>
Full Name
<input type="text" name="fullname" placeholder="Your Full Name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>">
Email
<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>">
Password
<input type="password" class="form-control" name="password" placeholder="password">
Confirm Password
<input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password">
<br>
<input type="submit" name="frm_signup_2" class="btn btn-primary" value="Sign up">
<?php
error_reporting(E_ALL);
if(isset($_SESSION['info_signup2'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_signup2'].'</div>';
$_SESSION['info_signup2']=null;
}
?>
</form>
</div>
</div>
</div>
</div>
</form>
</div>
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
include 'Header.php';
?>
<div class="row">
<div class="col-md-4 list-group" style="margin:auto;">
<br>
<h4 class="list-group-item active"> Sign Up </h4>
<div class="list-group-item">
<div class="panel-body">
<form method="post" action="Script.php" >
<input type="hidden" name="frm_signup_2" value="true"/>
Full Name
<input type="text" name="fullname" placeholder="Your Full Name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>">
Email
<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>">
Password
<input type="password" class="form-control" name="password" placeholder="password">
Confirm Password
<input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password">
<br>
<input type="submit" class="btn btn-primary" value="Sign up">
<?php
error_reporting(E_ALL);
if(isset($_SESSION['info_signup2'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_signup2'].'</div>';
$_SESSION['info_signup2']=null;
}
?>
</form>
</div>
</div>
</div>
</div>
</form>
</div>
</div>

61
test.php Normal file
View File

@ -0,0 +1,61 @@
<?php
error_reporting(E_ALL);
ini_set('display_errors', 'on');
echo phpversion();
$hashed_password1 = hash('sha512', '123a');
$hashed_password2 = hash('sha512', '123a');
echo "Hash1=".$hashed_password1;
echo "<hr>Hash2=".$hashed_password2;
$con=mysqli_connect("localhost","username","password","lrr");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else
{
echo "Connected ";
}
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$query = "SELECT * from users_table;";
$result = mysqli_query($con, $query);
if (mysqli_num_rows($result) > 0) {
echo "<table>";
while ($row = mysqli_fetch_assoc($result)) {
$id=$row["User_ID"];
$pass=$row["Password"];
$hash_pass=hash('sha512', $pass);
$inner_query = "update users_table set HashPassword='$hash_pass' where User_ID=$id;";
if ($con->query($inner_query) === TRUE) { echo " User # $id updated<br>"; }
//echo "<tr>";
//echo "<td>{$row['Password']}</td><td>{$row['Email']}</td>";
//echo "</tr>";
}
echo "</table>";
}