successfully

BUG352-NEIL
KOUONTCHOU NEIL ARMSTRONG 2023-12-05 04:53:52 +01:00
parent 244af4c11b
commit 21b643d8d9
24 changed files with 2273 additions and 2578 deletions

2
.gitignore vendored

@ -1,2 +1,2 @@
.vscode .vscode
.DS_Store

559
Admin.php

@ -1,293 +1,266 @@
<?php <?php
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
$page = "admin"; $page = "admin";
include 'Header.php'; include 'Header.php';
?> ?>
<?php <?php
// Only Lecturer or Admin could access this page //Only Lecturer or Admin could access this page
if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") { if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
die("Sorry. Nothing to see here."); die("Sorry. Nothing to see here.");
} }
?> ?>
<div class="container">
<style>
.col-md-4 {
border-right: 1px solid skyblue; <br>
} <h1 class="display-6"> Administration panel </h1>
</style>
<hr>
<br> <div class="row">
<div style="width: 80%;margin: auto;">
<h2> Administration Panel </h2> <div class="col-md-6">
</div>
<!-- Nav tabs -->
<hr> <ul class="nav nav-tabs" id="myTab">
<div class="row" style="width: 80%;margin: auto;">
<li class="nav-item">
<!--<h4>General system Settings</h4><hr> <a class="nav-link active" href="#tab-student-accounts" id="batch_tab">Create student accounts</a>
<a href="" class="btn btn-lg btn-primary">View System Log </a> </li>
<hr>
Lab Privacy Mode: (STUDENT VERIFICATION) <li class="nav-item">
<hr> <a class="nav-link" href="#tab-ins-accounts">Create instructor account</a>
--> </li>
<div class="col-md-6">
<li class="nav-item">
<?php <a class="nav-link" href="#tab-existing-accounts" id="existing_accounts_tab">Existing accounts</a>
if ($_SESSION['user_type'] == "Lecturer") { </li>
</ul>
echo " <h4> TA Account Management </h4>
<hr> " ; <!-- Tab panes -->
echo "<b>TA Accounts </b><br>" ; <div class="tab-content">
}
else if($_SESSION['user_type'] == "Admin"){ <!-- code contributed by Xu Xiaopeng (https://github.com/xxp1999) -->
echo " <h4> Lecturer Account Management </h4> <div id="tab-student-accounts" class="tab-pane active" style="margin-top:5px">
<hr> "; <p class="text-muted">Copy & paste student number to the following box, and separate two student numbers with a space.</p>
echo "<b>Lecturer Accounts </b><br>"; <form action="batch_insert.php" method="post" id="batch_form">
} <textarea cols="60" rows="16" name="users" required=""></textarea>
<button type="submit" class="btn btn-primary" id="register_btn">Register students</button>
?> </form>
</div>
<div class="container">
<div id="tab-ins-accounts" class="tab-pane"><br>
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist"> <?php
if ($_SESSION['user_type'] == "Lecturer") {
<li class="nav-item"> echo "<p class=\"text-muted\">Create TA Accounts</p>";
<a class="nav-link active" data-toggle="tab" href="#home">Create New Account</a> }
</li> else if($_SESSION['user_type'] == "Admin"){
echo "<p class=\"text-muted\">Create Lecturer Accounts</p>";
<li class="nav-item"> }
<a class="nav-link" data-toggle="tab" href="#menu2" id="batch_tab">Batch Create New Student Accounts</a>
</li> ?>
<form method="post" action="Script.php" id="create_account_form">
<li class="nav-item"> <input type="hidden" name="form_createlecturrer" value="true" required="" />
<a class="nav-link" data-toggle="tab" href="#menu1" id="existing_accounts_tab">Existing Accounts</a> Full name
</li> <input type="text" name="fullname" placeholder="Full Name" class="form-control" required=""> <br>
Email
</ul> <input type="text" name="email" placeholder="Email / Student Number" class="form-control" > <br>
Initial password
<!-- Tab panes -->
<div class="tab-content"> <input type="text" class="form-control" name="passport" minlength="8" placeholder="Initial password" >
Leave it empty to let LRR generate a strong password for you.<br><br>
<div id="home" class="container tab-pane active"><br> User type:
<?php <?php
if ($_SESSION['user_type'] == "Lecturer") {
if ($_SESSION['user_type'] == "Lecturer") {
echo "<b>Create TA Accounts </b>"; echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) ';
} else if ($_SESSION['user_type'] == "Admin"){
} echo " <input type='radio' name='type' value='Lecturer' required='' id='role_lecturer'> Lecturer ";
else if($_SESSION['user_type'] == "Admin"){ }
echo "<b>Create Lecturer Accounts </b>";
} ?>
?> <br><br>
<form method="post" action="Script.php" id="create_account_form"> <button type="submit" class="btn btn-primary" name="create_btn">Create</button>
<input type="hidden" name="frm_createlecturrer" value="true" required="" />
Full Name <?php
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required=""> error_reporting(E_ALL);
Email if (isset($_SESSION['info_Admin_Users'])) {
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" required=""> echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
$_SESSION['info_Admin_Users'] = null;
Passport Number / ID (Used as Initial Password) }
<input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required=""> if (isset($_SESSION['info_Admin_Users'])) {
<br> User Type : echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
$_SESSION['info_Admin_Users'] = null;
<?php }
?>
if ($_SESSION['user_type'] == "Lecturer") {
</form>
echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) ';
</div>
}
else if($_SESSION['user_type'] == "Admin"){
<div id="tab-existing-accounts" class="tab-pane"><br>
echo " <input type='radio' name = 'type' value = 'Lecturer' required = '' id='role_lecturer' > Lecturer ";
<table class="table" style="font-size: 10pt;">
} <tr style="font-size:10pt;">
<th>ID</th>
?> <th>Name</th>
<th>Email</th>
<input type="submit" class="btn btn-primary" value="Create" id="create_btn"><br> <th>Reset password </th>
<th>Block/Activate </th>
<?php </tr>
<?php
error_reporting(E_ALL);
if (isset($_SESSION['info_Admin_Users'])) { if ($_SESSION['user_type'] == "Lecturer") {
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
$_SESSION['info_Admin_Users'] = null; $result = mysqli_query(
} $con,
if (isset($_SESSION['info_Admin_Users'])) { "SELECT * FROM users_table WHERE UserType in ('TA')"
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>'; );
$_SESSION['info_Admin_Users'] = null; }
}
else if ($_SESSION['user_type'] == "Admin"){
?> $result = mysqli_query(
$con,
</form> "SELECT * FROM users_table WHERE UserType in ('Lecturer')"
);
<hr> }
</div> while ($row = mysqli_fetch_assoc($result)) {
$pass = $row['Password'];
<div id="menu1" class="container tab-pane fade"><br> $btn = "<button class='btn btn-warning' onclick=\"updatePassword(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
if ($row['Status'] == "Active") {
<table class="table-bordered" style="font-size: 10pt;"> $newstatus = "Blocked";
<tr style="font-size:10pt;"> $btnBlock = "<button class='btn btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"block_account_1\">Block</button>";
<th>ID</th> } else {
<th>Name</th> $newstatus = "Active";
<th>Email</th> $btnBlock = "<button class='btn btn-success' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"activate_account_1\">Activate</button>";
<th>Passport / ID </th> }
<th>Reset Password </th>
<th>Block/Activate </th> echo "<tr><td>" . $row['User_ID'] . "</td><td>" . $row['Full_Name'] . "</td><td>" . $row['Email'] . "</td><td>$btn</td><td>$btnBlock</td></tr>";
</tr> }
<?php ?>
</table>
if ($_SESSION['user_type'] == "Lecturer") { </div>
$result = mysqli_query( </div>
$con,
"SELECT * FROM Users_Table WHERE UserType in ('TA')" </div>
);
} <div class="col-md-6">
else if($_SESSION['user_type'] == "Admin"){ <ul class="nav nav-tabs" id="myTab">
$result = mysqli_query( <li class="nav-item">
$con, <a class="nav-link active" href="#tab-existing-courses" id="existing_courses">Existing courses</a>
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer')" </li>
); </ul>
}
<div id="tab-existing-courses" class="tab-pane active"><br>
while ($row = mysqli_fetch_assoc($result)) {
$pass = $row['Passport_Number']; <p class="text-muted"> Past courses </p>
$btn = "<button class='btn-primary' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
if ($row['Status'] == "Active") { <table class="table" style="font-size: 10pt;">
$newstatus = "Blocked"; <tr>
$btnBlock = "<button class='btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"block_account_1\">Block</button>"; <th>Course name</th>
} else { <th>Faculty</th>
$newstatus = "Active"; <th>Lecturer</th>
$btnBlock = "<button class='btn-success' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"activate_account_1\">Activate</button>"; <th>TAs</th>
} <th>Assign a new TA </th>
</tr>
echo "<tr><td>" . $row['User_ID'] . "</td><td>" . $row['Full_Name'] . "</td><td>" . $row['Email'] . "</td> <td>" . $row['Passport_Number'] . "</td><td>$btn</td><td>$btnBlock</td></tr>";
} <?php
?> $user_id = $_SESSION['user_id'];
</table> if ($_SESSION['user_type'] == 'Lecturer') {
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `TA_User_ID`, `Course_Code`, `Full_Name` FROM courses_table INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID WHERE User_ID=$user_id ORDER BY Academic_Year DESC;");
</div> } else if ($_SESSION['user_type'] == 'Admin') {
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `TA_User_ID`, `Course_Code`, `Full_Name` FROM courses_table INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID ORDER BY Academic_Year DESC;");
<!-- code contributed by Xu Xiaopeng (https://github.com/xxp1999) --> }
if (mysqli_num_rows($result) != 0) {
<div id="menu2" class="container tab-pane fade" style="margin-top:10px"> $counter = 0;
<b>Separate two student numbers with a space.</b><br> while ($row = mysqli_fetch_assoc($result)) {
<form action="batch_insert.php" method="post" id="batch_form"> $name = $row['Course_Name'];
<p> $code = $row['Course_Code'];
<textarea cols="80" rows="16" name="users" required=""></textarea> $faculty = $row['Faculty'];
</p> $lecturer = $row['Full_Name'];
<input type="submit" class="btn btn-primary" value="Register Students" id="register_btn"><br> $academic = $row['Academic_Year'];
</form> $c_id = $row['Course_ID'];
</div> $counter += 1;
</div> $resultTA = mysqli_query($con, "SELECT `Course_ID`, `TA`, users_table.Full_Name as TA_NAME FROM course_ta INNER JOIN users_table on users_table.User_ID=course_ta.TA where course_ta.Course_ID=$c_id");
</div>
$ta = "";
</div> while ($rowTA = mysqli_fetch_assoc($resultTA)) {
$ta = $ta . " " . $rowTA['TA_NAME'];
<div class="col-md-6"> }
<div class="container"> echo "
<!-- Nav tabs --> <tr> <td>$code - $name</td> <td>$faculty </td> <td>$lecturer</td><td>$ta</td> <td><form method='get' action='Script.php' id='drop_menu_form_$counter'> <select name='ta' class=''>";
<ul class="nav nav-tabs" role="tablist">
<li class="nav-item"> $resultx = mysqli_query($con, "SELECT * FROM users_table WHERE UserType='TA'");
<a class="nav-link active" data-toggle="tab" href="#menub" id="existing_courses">Existing Courses</a> if (mysqli_num_rows($resultx) == 0) {
</li> } else {
while ($row = mysqli_fetch_assoc($resultx)) {
</ul> $id = $row['User_ID'];
$name = $row['Full_Name'];
<!-- Tab panes --> echo "<option value='$id'> $name </option>";
}
</div> }
<div id="menub" class="container tab-pane active"><br> echo "</select> <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'> <button class='btn btn-outline-secondary btn-sm' type='submit' id='assign_btn_$counter'>assign</button></form> </td></tr>
";
<b> Existing Course Portals </b> }
<hr> }
<table class="table-bordered" style="font-size: 10pt;"> ?>
<tr>
<th>Course Name </th> </table>
<th> Faculty </th>
<th>Lecturer </th> </div>
<th>TAs</th>
<th>Assign new TA </th> </div>
</tr>
<?php </div>
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID");
if (mysqli_num_rows($result) == 0) { </div>
} else {
$counter = 0; <?php include 'Footer.php';?>
while ($row = mysqli_fetch_assoc($result)) {
$name = $row['Course_Name']; <script>
$code = $row['Course_Code']; function updatePassword(id, pass) {
$faculty = $row['Faculty']; if (!confirm('Are you sure to reset user password?')) {
$lecturer = $row['Full_Name']; return;
$academic = $row['Academic_Year']; }
$c_id = $row['Course_ID'];
$counter += 1; window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
$resultTA = mysqli_query($con, "SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta`
INNER JOIN users_table on users_table.User_ID=course_ta.TA function blockUser(id, status) {
where course_ta.Course_ID=$c_id"); if (!confirm('Are you sure to change user status?')) {
return;
$ta = ""; }
while ($rowTA = mysqli_fetch_assoc($resultTA)) { window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
$ta = $ta . " - " . $rowTA['TA_NAME']; }
}
/* For tabs to work */
echo " const triggerTabList = document.querySelectorAll('#myTab a')
<tr> <td>$code - $name</td> <td>$faculty </td> <td>$lecturer</td><td>$ta</td> <td><form method='get' action='Script.php' id='drop_menu_form_$counter'> <select name='ta' class=''>"; triggerTabList.forEach(triggerEl => {
const tabTrigger = new bootstrap.Tab(triggerEl)
$resultx = mysqli_query($con, "SELECT * FROM Users_Table WHERE UserType='TA'"); triggerEl.addEventListener('click', event => {
if (mysqli_num_rows($resultx) == 0) { event.preventDefault()
} else { tabTrigger.show()
while ($row = mysqli_fetch_assoc($resultx)) { })
$id = $row['User_ID']; })
$name = $row['Full_Name'];
echo "<option value='$id'> $name </option>"; </script>
}
}
</body>
echo "</select> <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'> <input type='submit' value='assign' id='assign_btn_$counter'></form> </td></tr> </html>
";
}
} ?>
</table>
</div>
</div>
</div>
<script>
function updatePass(id, pass) {
if (!confirm('Are you to Reset User Password')) {
return;
}
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
function blockUser(id, status) {
if (!confirm('Are you to change User Status')) {
return;
}
window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
}
</script>
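Review bot: The new account table reads the `Password` column (`$pass = $row['Password'];`) and writes it into every Reset button's `onclick`, and `updatePassword` then appends it to `Script.php?action=passchange&uid=…&pass=…`, so the stored credential value ends up in the page source, the browser history and the web server's access log. The button should carry only the user id, e.g. `onclick=\"updatePassword(" . (int) $row['User_ID'] . ")\"`, with the new password generated on the server; the `passchange` handler lives in Script.php and is not visible here, so it would have to change together with this. Both `passchange` and `statuschange` are state-changing GET requests, which a POST form carrying a per-session token would protect against being triggered from another site. `updatePass` in the header script on this page builds the same URL with a password typed by the user, so it has the same logging exposure.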

1414
Course.php

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff


@ -25,7 +25,7 @@ $type = filetype($file);
$today = date("F j, Y, g:i a"); $today = date("F j, Y, g:i a");
$time = time(); $time = time();
if ((isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"]) > 0) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) { if ((isset($_SESSION["user_student_id"]) && (strpos($file, $_SESSION["user_student_id"]) > 0 || strpos($file, "Lab_Report_Assignments"))) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) {
// 发送文件头部 // 发送文件头部
header("Content-type: $type"); header("Content-type: $type");
header('Content-Disposition: attachment;filename="'.urldecode($filename).'"'); header('Content-Disposition: attachment;filename="'.urldecode($filename).'"');
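Review bot: The added `strpos($file, "Lab_Report_Assignments")` clause lets any logged-in student download every path that merely contains that substring, and like the existing `strpos(...) > 0` test it is a substring match rather than a directory check, so a `$file` containing `../` segments would still pass if `$file` is taken from the request (its origin is above this hunk and not visible). Resolving the path and comparing against a fixed base directory would close that, e.g. `$real = realpath($file);` followed by `if ($real !== false && strpos($real, $base . DIRECTORY_SEPARATOR) === 0)`, where `$base` is a placeholder for the assignments directory. The bare `strpos()` result is also used as a boolean, so a match at offset 0 is treated as no match; compare with `!== false` instead. The `if` body continues past the end of the hunk.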


@ -1,4 +1,3 @@
<br><br><br><br><br><br><br><br><br> <?php
<div style="background-color:white;width:100%di"> echo "<p id='myfooter' class='text-center'>Copyright &copy; 2018-" . date("Y") . " The Authors</p>";
?>
</div>


@ -3,175 +3,199 @@ session_start();
error_reporting(0); error_reporting(0);
date_default_timezone_set('Asia/Shanghai'); date_default_timezone_set('Asia/Shanghai');
include "get_mysql_credentials.php"; //include "get_mysql_credentials.php";
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr"); $mysql_host= "localhost";
$mysql_username = "root";
$mysql_password = "";
$mysql_db = "lrr";
// $mysql_username, $mysql_password variable declared directly
$con = mysqli_connect($mysql_host,$mysql_username,$mysql_password,$mysql_db);
// Check database connection // Check database connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html lang="en-US">
<head> <head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>LRR</title>
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" /> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-4bw+/aepP/YC94hEpVNVgiZdgIC5+VKNBQNGCHeKRQN+PtmoHDEXuppvnDJzQIu9" crossorigin="anonymous">
<link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" /> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.bundle.min.js" integrity="sha384-HwwvtgBNo3bZJJLYd8oVXjrBZt8cqVSpeBNS5n7C8IVInixGAoxmnlMuBnhbgrkm" crossorigin="anonymous"></script>
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<!-- *this css file can be used across all the websites
and any new css class can be added there.
* The reason is to make the css code reusable.
* the css file is used by submissions.php
-->
<link href = "./css/main.css" rel = "stylesheet" type = "text/css" />
<script src="./css/jquery.min.js" type="text/javascript"></script> <link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
<script src="./css/bootsrap.min.js" type="text/javascript"></script> <!-- *this css file can be used across all the websites
<script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script> and any new css class can be added there.
* The reason is to make the css code reusable.
* the css file is used by submissions.php
-->
<link href = "./css/main.css" rel="stylesheet" type="text/css" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js" integrity="sha512-3gJwYpMe3QewGELv8k/BX9vcqhryRdzRMxVfq6ngyWXwo03GFEzjsUm8Q7RZcHPHksttq7/GFoxjCVUjkjvPdw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script>
</head> <style>
<body> .btn-default {
border: 2px solid #f8f8f8;
width: 100%;
text-align: left;
margin: 4px auto;
}
<nav class="navbar navbar-expand-lg navbar-dark bg-dark" style="padding-left:150px;padding-right:150px;margin:auto;"> .btn-default:hover {
<a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;height:30px;"> LRR </a> background: #f8f8f8;
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarColor02" aria-controls="navbarColor02" aria-expanded="false" aria-label="Toggle navigation"> }
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarColor02"> h1,
<ul class="navbar-nav mr-auto"> h2,
<li class="nav-item active"> h3,
h4 {
color: #03407B;
}
<li class="nav-item active"> a {
<!-- <a class='nav-link' href='~\..\Visitors.php'> <i class='fa fa-globe'></i> Visitor Portal <span class='sr-only'>(current)</span></a> --> color: #03407B;
</li> }
<?php
if (isset($_SESSION["user_fullname"])) {
echo " <a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> Courses <span class='sr-only'>(current)</span></a>"; .break-word {
?> word-wrap: break-word;
</li> white-space: -moz-pre-wrap !important;
</ul> /* Mozilla, since 1999 */
<form class="form-inline my-2 my-lg-0" style="color:#fff;"> white-space: -pre-wrap;
Welcome &nbsp; <b> <?php echo $_SESSION['user_fullname']; ?> </b> &nbsp; /* Opera 4-6 */
white-space: -o-pre-wrap;
/* Opera 7 */
white-space: pre-wrap;
/* css-3 */
word-wrap: break-word;
/* Internet Explorer 5.5+ */
white-space: -webkit-pre-wrap;
/* Newer versions of Chrome/Safari*/
word-break: break-all;
white-space: normal;
}
<?php .ui-widget-content.ui-dialog {
$c_date = date("Y-m-d H:i"); border: 2px solid #03488B;
if (isset($_SESSION['user_student_id']))
echo "(" . $_SESSION['user_type'] . " - " . $_SESSION['user_student_id'] . ") ";
else
echo "(" . $_SESSION['user_type'] . ") ";
?>
<?php }
if ($_SESSION['user_type'] == "Lecturer") {
echo "&nbsp;&nbsp;&nbsp; <i class=\"fa fa-cog\" style=\"color:#fff;\"> </i> &nbsp;<a style='color:#fff !important' href=\"~\..\Admin.php\" id=\"admin_tab\">Admin </a>";
}
?>
&nbsp;&nbsp;&nbsp; <i class="fa fa-user" style="color:#fff;"> </i> .ui-dialog>.ui-widget-header {
&nbsp;<a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id']; ?>)">Update password</a> background: #03488B;
&nbsp;&nbsp;&nbsp; <i class="fa fa-lock" style="color:#fff;"> </i> &nbsp;<a style='color:#fff !important' href="~\..\logout.php">Logout </a> color: white
}
<?php .ui-button {
} background: #03488B;
?> color: white
</form> }
</div>
</nav>
<style>
.nav-item { .ui-dialog-titlebar-close::before {
border-color: #00ff66; content: "X";
position: absolute;
top: 1px;
left: 3px;
line-height: 1rem;
} }
.nav-tabs { #footer{
border-color: #00ff66; position:fixed;
} bottom:0;
left:0;
text-align:center;
width:100%;
}
.btn-default { .form-control{
border: 2px solid #00ff66; padding-top: 1px;
width: 100%; padding-bottom:1px;
text-align: left; }
margin: 3px auto;
font-weight: bold;
font-size: 13pt;
}
.table-bordered {
padding: 5px !important;
}
.alert { </style>
font-weight: bold;
}
h1, </head>
h2,
h3,
h4 {
color: #03407B;
}
a { <body>
color: #03407B;
}
.break-word { <nav class="navbar navbar-expand-lg bg-body-tertiary" style="padding-left:180px;padding-right:150px;margin:auto;">
word-wrap: break-word; <div class="container-fluid">
white-space: -moz-pre-wrap !important;
/* Mozilla, since 1999 */
white-space: -pre-wrap;
/* Opera 4-6 */
white-space: -o-pre-wrap;
/* Opera 7 */
white-space: pre-wrap;
/* css-3 */
word-wrap: break-word;
/* Internet Explorer 5.5+ */
white-space: -webkit-pre-wrap;
/* Newer versions of Chrome/Safari*/
word-break: break-all;
white-space: normal;
}
.ui-widget-content.ui-dialog { <a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;height:30px;" alt="LRR Logo"> LRR </a>
border: 2px solid #03488B;
} <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNavAltMarkup" aria-controls="navbarNavAltMarkup" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
.ui-dialog>.ui-widget-header { <div class="collapse navbar-collapse" id="navbarNavAltMarkup">
background: #03488B; <div class="navbar-nav">
color: white
}
.ui-button { <a class="nav-link" href="#">
background: #03488B; <?php
color: white if (isset($_SESSION["user_fullname"])) {
} echo "<b>" . $_SESSION['user_fullname'] . "</b>";
</style> }
?>
<script> &nbsp;
function updatePass(id) {
var pass = prompt("Enter your new password : ", "Enter a strong password"); <?php
$c_date = date("Y-m-d H:i");
if (isset($_SESSION['user_student_id']))
echo "(" . $_SESSION['user_type'] . " ID: " . $_SESSION['user_student_id'] . ") ";
elseif (isset($_SESSION['user_type']))
echo "(" . $_SESSION['user_type'] . ") ";
?>
</a>
if (!confirm('Are you sure you want to reset your password?')) { <?php
return; if (isset($_SESSION["user_fullname"])) {
} if ($_SESSION['user_type'] == "Student" || $_SESSION['user_type'] == 'Lecturer') {
echo "<a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> My courses </a>";
}
?>
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
function blockUser(id, status) { <?php
if (!confirm('Are you sure you want to change user status?')) { if ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == 'Admin') { // Show Admin link
return; echo "&nbsp;&nbsp;&nbsp;&nbsp;<a class='nav-link' href=\"~\..\Admin.php\" id=\"admin_tab\"><i class='fa fa-cog'></i>Admin</a>";
} }
window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status; ?>
}
</script> &nbsp;&nbsp;&nbsp;&nbsp;
<a class="nav-link" href="#" onclick="updatePass(<?php echo $_SESSION['user_id']; ?>)"><i class="fa fa-user"> </i> Update password</a>
&nbsp;&nbsp;&nbsp;&nbsp;
<a class="nav-link" href="~\..\logout.php"><i class="fa fa-lock"> </i> Logout</a>
<?php
} // Closing this conditional test block: if (isset($_SESSION["user_fullname"])) { ...
?>
</div>
</div>
</div>
</nav>
<script>
function updatePass(id) {
const pass = prompt("Enter your new password : ", "Enter a strong password");
if (!confirm('Are you sure you want to reset your password?')) {
return;
}
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
</script>
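Review bot: The database connection now uses a hard-coded `root` account with an empty password in a tracked file, replacing `include "get_mysql_credentials.php";`, which kept the credentials out of the repository; the `// Connect to MySQL database` hunk in the last file section on this page makes the same change. Restoring the include and connecting as a dedicated account limited to the `lrr` database would keep a deployment from running the application as the MySQL superuser. If local development needs defaults, they can come from the environment, e.g. `$mysql_password = getenv('LRR_DB_PASSWORD');` (the variable name is a placeholder).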


@ -1,7 +1,7 @@
<?php <?php
// https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file // https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
if (!isset($_SERVER['HTTP_REFERER']) ) { //if (!isset($_SERVER['HTTP_REFERER']) ) {
/* choose the appropriate page to redirect users */ // /* choose the appropriate page to redirect users */
die( header( 'location: logout.php' ) ); // die( header( 'location: logout.php' ) );
} //}
?> ?>


@ -27,8 +27,8 @@ LRR needs Apache and MySQL to run. I followed [How To Install Linux, Apache, My
LRR uses a database called `lrr`. So create this database using MySQL root account. Open MySQL's prompt using `sudo mysql`. Create the database using command `CREATE DATABASE lrr;`, and grant all privileges to MySQL user `lrr` using command `GRANT ALL PRIVILEGES ON lrr.* TO 'mnc'@'localhost' WITH GRANT OPTION;`. If MySQL user mnc does not exist, create it using command `CREATE USER 'mnc'@'localhost' IDENTIFIED BY 'password'`. LRR uses a database called `lrr`. So create this database using MySQL root account. Open MySQL's prompt using `sudo mysql`. Create the database using command `CREATE DATABASE lrr;`, and grant all privileges to MySQL user `lrr` using command `GRANT ALL PRIVILEGES ON lrr.* TO 'mnc'@'localhost' WITH GRANT OPTION;`. If MySQL user mnc does not exist, create it using command `CREATE USER 'mnc'@'localhost' IDENTIFIED BY 'password'`.
To facilitate data migration, I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server. To facilitate data migration, I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`, where mnc after -u is MySQL's username, and lrr after -p is the database name. The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.sql`, where mnc after -u is MySQL's username, and lrr after -p is the database name.
The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.txt? You can use lrr_database.sql in this repo instead. The command for importing is `mysql -u username -p lrr < lrr_database_dump.sql`. You must create database `lrr` first on your computer before doing the import. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.sql? You can use lrr_database.sql in this repo instead.
LRR also needs to store assignment submissions. We store them in a folder called `../../lrr_submission`. Note that `lrr_submission` is two levels above the project folder (where many PHP files reside). I copied this folder from the existing one. I think it is also OK if you create an empty folder. LRR also needs to store assignment submissions. We store them in a folder called `../../lrr_submission`. Note that `lrr_submission` is two levels above the project folder (where many PHP files reside). I copied this folder from the existing one. I think it is also OK if you create an empty folder.
We need to set a proper owner and accessibility for `lrr_submission` using the following two commands: We need to set a proper owner and accessibility for `lrr_submission` using the following two commands:
@ -51,6 +51,31 @@ Enable the site lrr: `sudo a2ensite lrr`. Restart the apache server: `sudo syst
Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/. Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/.
### Solving the coding problems in the dump file
If the database contains Chinese characters, the dump file (e.g., lrr_database_dump.sql) may contain *weird* characters, e.g., `研究生`, so weird that no one can tell their meaning.
We need to correct these abnormal characters before we import them to the new database, so that the PHP program can correctly display Chinese information.
The simplest solution is using the ftfy (fixes text for you) Python package to convert them, as follows:
```
from ftfy import fix_text
with open('lrr_database_dump.sql') as f:
content = f.read()
content2 = fix_text(content)
with open('lrr_database_dump_sql_fixed.txt', 'w') as f:
f.write(content2)
```
Now, import data using lrr_database_dump_sql_*fixed*.txt.
If you encounter the 'Unknown MySQL server host' problem during import, replace all apostrophes with a space in the dump file. For example, if a database table field contains *can't*, then the apostrophe between *n* and *t* can cause that problem.
## Enock steps ## Enock steps
Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt). Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt).


@ -1,49 +0,0 @@
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
include 'Header.php';
$token = htmlspecialchars($_GET['token']);
$email = htmlspecialchars($_GET['email']);
?>
<div class="row">
<div class="col-md-4 list-group" style="margin:auto;">
<br>
<h4 class="list-group-item active"> Reset your password </h4>
<div class="list-group-item">
<div class="panel-body">
<form method="post" action="Script.php" >
<input type="hidden" name="frm_reset_password" value="true"/>
<input type="hidden" name="token" value="<?php echo $token ?>"/>
Email
<input type="text" name="email" readonly="" placeholder="Enter your Email" class="form-control" value="<?php echo $email; ?>">
<br>
New Password
<input type="password" name="password" placeholder="Enter your new Password" class="form-control" value="">
<br>
<input type="submit" class="btn btn-primary" value="Reset">
<br>
<?php
?>
</form>
</div>
</div>
</div>
</div>
</form>
</div>
</div>


@ -1,7 +1,19 @@
<?php <?php
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
function downloadFile($filename)
{
$file_url = './acounts/' . $filename.'.txt';
header('content-type: text/plain');
header('Cache-Control: no-cache, must-revalidate');
header('Content-Disposition: attachment; filename=' . basename($file_url));
readfile($file_url);
header("Refresh: 5");
}
?> ?>
<?php <?php
/* /*
@ -12,9 +24,18 @@ session_start();
date_default_timezone_set('Asia/Shanghai'); date_default_timezone_set('Asia/Shanghai');
// Connect to MySQL database // Connect to MySQL database
include "get_mysql_credentials.php"; $mysql_host= "localhost";
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr"); $mysql_username = "root";
$mysql_password = "";
$mysql_db = "lrr";
// $mysql_username, $mysql_password variable declared directly
$con= mysqli_connect($mysql_host,$mysql_username,$mysql_password,$mysql_db);
//$con = mysqli_connect("localhost", "root", "", "lrr");
// Check connection // Check connection
if (mysqli_connect_errno()) { if (mysqli_connect_errno()) {
@ -126,7 +147,7 @@ if (!empty($_POST["form_signup"])) {
// ################################ LOGIN ##################################### // ################################ LOGIN #####################################
if (!empty($_POST["frm_login"])) { if (!empty($_POST["form_login"])) {
$user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address $user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address
$is_student_number = 0; $is_student_number = 0;
@ -187,7 +208,7 @@ if (!empty($_POST["frm_login"])) {
// ################################ Recover Password ##################################### // ################################ Recover Password #####################################
if (!empty($_POST["frm_recover_password"])) { if (!empty($_POST["form_recover_password"])) {
$student_id = mysqli_real_escape_string($con, $_POST["sno"]); $student_id = mysqli_real_escape_string($con, $_POST["sno"]);
$email = mysqli_real_escape_string($con, $_POST["email"]); $email = mysqli_real_escape_string($con, $_POST["email"]);
@ -220,7 +241,7 @@ if (!empty($_POST["frm_recover_password"])) {
// ################################ RESET Password ##################################### // ################################ RESET Password #####################################
if (!empty($_POST["frm_reset_password"])) { if (!empty($_POST["form_reset_password"])) {
$password = mysqli_real_escape_string($con, $_POST["password"]); $password = mysqli_real_escape_string($con, $_POST["password"]);
$token = mysqli_real_escape_string($con, $_POST["token"]); $token = mysqli_real_escape_string($con, $_POST["token"]);
$email = mysqli_real_escape_string($con, $_POST["email"]); $email = mysqli_real_escape_string($con, $_POST["email"]);
@ -264,11 +285,19 @@ if (!empty($_POST["frm_reset_password"])) {
} }
// ############################### CREATE Lecturer/TA USER ################################## // ############################### CREATE Lecturer/TA USER ##################################
if (!empty($_POST["frm_createlecturrer"])) { if (!empty($_POST["form_createlecturrer"])){
$email = mysqli_real_escape_string($con, $_POST["email"]); $email = mysqli_real_escape_string($con, $_POST["email"]);
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]); $fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$type = mysqli_real_escape_string($con, $_POST["type"]); $type = mysqli_real_escape_string($con, $_POST["type"]);
$password = mysqli_real_escape_string($con, $_POST["passport"]); $password = mysqli_real_escape_string($con, $_POST["passport"]);
$pass_len=strlen($password);
if ($pass_len==0) {
$password = generateStrongPassword();
}
// $passport_no=$password;
// check if email is taken // check if email is taken
$result = mysqli_query( $result = mysqli_query(
$con, $con,
@ -277,17 +306,40 @@ if (!empty($_POST["frm_createlecturrer"])) {
if (mysqli_num_rows($result) != 0) { if (mysqli_num_rows($result) != 0) {
$_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use."; $_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use.";
header("Location: Admin.php"); header("Location: Admin.php");
exit;
// header( "refresh:5;url=Admin.php" );
} }
$password_hash = password_hash("$password", PASSWORD_DEFAULT); $password_hash = password_hash("$password", PASSWORD_DEFAULT);
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES " $sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
. "('$email','$password_hash','$fullname','$type')"; . "('$email','$password_hash','$fullname','$type')";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and $password as password."; // $file_name = $email.'.txt';
$_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and ". $password ." as password.";
// file_put_contents('./acounts/'.$file_name, $_SESSION["info_Admin_Users"]);
//downloadFile($email);
header("Location: Admin.php"); header("Location: Admin.php");
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; alert("Error: " . $sql . "<br>" . $con->error);
} }
}
// ### FUNCTION TO GENERATE INITIAL PASSWORDS ###//
function generateStrongPassword() {
$characters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_';
$password_length = 12;
$gen_password = '';
for ($i = 0; $i < $password_length; $i++) {
$random_index = mt_rand(0, strlen($characters) - 1);
$gen_password .= $characters[$random_index];
}
// Return the generated password
return $gen_password;
} }
// #### FUNCTION CHECK FILE TYPES //// // #### FUNCTION CHECK FILE TYPES ////
@ -340,7 +392,7 @@ function mkdirs($path)
} }
// ############################### #Post Assignment ################################## // ############################### #Post Assignment ##################################
if (!empty($_POST["frm_uploadlab"])) { if (!empty($_POST["form_uploadlab"])) {
$course_id = mysqli_real_escape_string($con, $_POST["course_id"]); $course_id = mysqli_real_escape_string($con, $_POST["course_id"]);
$deadlinedate = $_POST["deadlinedate"]; $deadlinedate = $_POST["deadlinedate"];
@ -357,7 +409,7 @@ if (!empty($_POST["frm_uploadlab"])) {
// GET UPLOADED FILES // GET UPLOADED FILES
$target_dir = Create_dir("Lab_Report_Assignments/" . $title . "/"); $target_dir = Create_dir("./../../lrr_submission/Lab_Report_Assignments/$course_id/" . $title . "/");
$rnd = rand(10, 1000); $rnd = rand(10, 1000);
$rnd = ""; // no more required , creating folder for each lab $rnd = ""; // no more required , creating folder for each lab
@ -416,16 +468,16 @@ if (!empty($_POST["frm_uploadlab"])) {
$targetfile4 = ""; $targetfile4 = "";
if ($_FILES['attachment1']['name'] != "") { if ($_FILES['attachment1']['name'] != "") {
$targetfile = "/" . $title . "/" . $_FILES['attachment1']['name']; $targetfile = "/Lab_Report_Assignments/$course_id/" . $title . "/" . $_FILES['attachment1']['name'];
} }
if ($_FILES['attachment2']['name'] != "") { if ($_FILES['attachment2']['name'] != "") {
$targetfile2 = "/" . $title . "/" . $_FILES['attachment2']['name']; $targetfile2 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment2']['name'];
} }
if ($_FILES['attachment3']['name'] != "") { if ($_FILES['attachment3']['name'] != "") {
$targetfile3 = "/" . $title . "/" . $_FILES['attachment3']['name']; $targetfile3 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment3']['name'];
} }
if ($_FILES['attachment4']['name'] != "") { if ($_FILES['attachment4']['name'] != "") {
$targetfile4 = "/" . $title . "/" . $_FILES['attachment4']['name']; $targetfile4 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment4']['name'];
} }
$sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, $sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`,
@ -434,7 +486,7 @@ if (!empty($_POST["frm_uploadlab"])) {
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_courses"] = $type . " lab report assignment posted successfully."; $_SESSION["info_courses"] = $type . " lab report assignment posted successfully. ";
header("Location: Courses.php?course=" . $url); header("Location: Courses.php?course=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -452,7 +504,7 @@ function checksize($file)
} }
// ############################### Submit Assignment ################################## // ############################### Submit Assignment ##################################
if (!empty($_POST["frm_submitlab"])) { if (!empty($_POST["form_submitlab"])) {
$lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]); $lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]);
$student_id = $_POST["student_id"]; $student_id = $_POST["student_id"];
@ -585,7 +637,7 @@ if (!empty($_POST["frm_submitlab"])) {
$con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'"); $con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'");
} }
$_SESSION["info_courses"] = "Thanks. Your lab report assignment is submitted successfully."; $_SESSION["info_courses"] = "Thanks. You have successfully submitted your assignment.";
header("Location: Course.php?url=" . $url); header("Location: Course.php?url=" . $url);
} else { } else {
echo "Error: <br>" . $con->error; echo "Error: <br>" . $con->error;
@ -648,7 +700,7 @@ if (!empty($_GET["savemarks"])) {
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Marking"] = "Lab Report Submission Marked"; $_SESSION["info_Marking"] = "Assignment marked";
header("Location: Submissions.php?id=" . $labid . "&header=" . $header . "&total=" . $total); header("Location: Submissions.php?id=" . $labid . "&header=" . $header . "&total=" . $total);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -692,7 +744,7 @@ if (!empty($_GET["remarking"])) {
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = "Remarking Request Sent"; $_SESSION["info_general"] = "Remarking request sent";
header("Location: Course.php?url=" . $url); header("Location: Course.php?url=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -815,7 +867,7 @@ if (!empty($_GET["acceptinvite"])) {
} }
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = " Group Invite Updated"; $_SESSION["info_general"] = " Group invitation status updated";
header("Location: Course.php?url=" . $url); header("Location: Course.php?url=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -833,7 +885,7 @@ if (!empty($_GET["removemember"])) {
$sql = "Delete from `course_group_members_table` where student_id=$student_id and Course_Group_id=$group_id"; $sql = "Delete from `course_group_members_table` where student_id=$student_id and Course_Group_id=$group_id";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = " Member " . $student_id . " removed from the group"; $_SESSION["info_general"] = " Member " . $student_id . " is gone.";
header("Location: Course.php?url=" . $url); header("Location: Course.php?url=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -867,7 +919,7 @@ if (!empty($_GET["extenddeadline"])) {
$time = mysqli_real_escape_string($con, $_GET["time"]); $time = mysqli_real_escape_string($con, $_GET["time"]);
$type = mysqli_real_escape_string($con, $_GET["type"]); $type = mysqli_real_escape_string($con, $_GET["type"]);
$stdid = mysqli_real_escape_string($con, $_GET["stdid"]); $studentid = mysqli_real_escape_string($con, $_GET["studentid"]);
$reason = mysqli_real_escape_string($con, $_GET["reason"]); $reason = mysqli_real_escape_string($con, $_GET["reason"]);
$url = mysqli_real_escape_string($con, $_GET["url"]); $url = mysqli_real_escape_string($con, $_GET["url"]);
$deadline = $date . " " . $time; $deadline = $date . " " . $time;
@ -877,12 +929,12 @@ if (!empty($_GET["extenddeadline"])) {
} else { } else {
$sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, " $sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, "
. "`Lab_Report_ID`, `Extended_Deadline_Date`," . "`Lab_Report_ID`, `Extended_Deadline_Date`,"
. " `ReasonsForExtension`) VALUES ('$stdid','$id','$deadline','$reason')"; . " `ReasonsForExtension`) VALUES ('$studentid','$id','$deadline','$reason')";
} }
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_courses"] = " Lab Report Deadline extended successfully."; $_SESSION["info_courses"] = " Assignment deadline extended successfully.";
header("Location: Courses.php?course=" . $url); header("Location: Courses.php?course=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -903,7 +955,7 @@ if (!empty($_GET["ignoreremarking"])) {
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Marking"] = "Remarking Request Ignored , Submission Updated to 'Marked' status"; $_SESSION["info_Marking"] = "Remarking request ignored.";
header("Location: Submissions.php?id=" . $id . "&header=" . $header . "&total=" . $total); header("Location: Submissions.php?id=" . $id . "&header=" . $header . "&total=" . $total);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -987,20 +1039,19 @@ if (!empty($_GET["action"])) {
} }
} }
if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) { if ($action == "statuschange" && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
$sql = "UPDATE users_table set Status='$status' where User_ID='$uid';"; $sql = "UPDATE users_table set Status='$status' where User_ID='$uid';";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user Status updated successfully "; $_SESSION["info_Admin_Users"] = $type . " user Status updated successfully ";
header("Location: Admin.php"); header("Location: Admin.php");
} else { } else {
// echo "Error: " . $sql . "<br>" . $con->error;
echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!"; echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!";
} }
} }
} }
// ############################### CREATE STUDENT USER ################################## // ############################### CREATE STUDENT USER ##################################
if (!empty($_POST["frm_createCourse"])) { if (!empty($_POST["form_createCourse"])) {
$name = mysqli_real_escape_string($con, $_POST["name"]); $name = mysqli_real_escape_string($con, $_POST["name"]);
$academic = mysqli_real_escape_string($con, $_POST["academic"]); $academic = mysqli_real_escape_string($con, $_POST["academic"]);
$lecturer = mysqli_real_escape_string($con, $_POST["lecturer"]); $lecturer = mysqli_real_escape_string($con, $_POST["lecturer"]);
@ -1096,3 +1147,4 @@ WHERE lab_report_submissions.Lab_Report_ID='$lab'";
header("Expires: 0"); header("Expires: 0");
print "$header\n$data"; print "$header\n$data";
} }
?>
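Review bot: The database-connection hunk near the top of this section replaces `include "get_mysql_credentials.php";` with literal values in the tracked file, so the application now connects as MySQL `root` with an empty password. Any deployment that uses a real password would have to commit it to version control. Keep the credentials in the untracked include, which judging by the removed line defined `$mysql_username` and `$mysql_password`, and restore `$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");`. The account used should be a dedicated one with privileges on the `lrr` database only, not `root`. This matters more here because the handlers visible in this section build their SQL by string concatenation, so any value that reaches a query unescaped runs with that account's privileges.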


@ -1,15 +1,14 @@
<?php <?php
$page = "student"; $page = "student";
include 'Header.php'; include 'Header.php';
?>
?>
<br><br><br>
<br><br><br>
<div class="row" style="width:80%;margin:auto;">
<div class="row" style="width:80%;margin:auto;">
<div class="col-md-6">
<div class="col-md-6"> <h1> Student account created. Now you can browse the course portal. </h1>
<h1> Student Account Created. Now you can Browse Course Portals </h1> </div>
</div>
</div>
</div>


@ -1,4 +1,5 @@
<?php <?php
global $con;
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
@ -24,22 +25,26 @@ if (!empty($_GET["total"])) {
$total = 0; $total = 0;
} }
$resultx1 = mysqli_query($con, "SELECT `Lab_Report_ID`,Title, lab_reports_table.Course_ID, `Posted_Date`, `Deadline`, `Marks`, `Type` , courses_table.URL FROM `lab_reports_table` INNER JOIN courses_table ON courses_table.Course_ID=lab_reports_table.Course_ID WHERE Lab_Report_ID=$id"); $resultx1 = mysqli_query($con, "SELECT Lab_Report_ID, Title, lab_reports_table.Course_ID, Posted_Date, Deadline, Marks, Type, courses_table.URL
FROM lab_reports_table
INNER JOIN courses_table ON courses_table.Course_ID=lab_reports_table.Course_ID
WHERE Lab_Report_ID=$id");
while ($row = mysqli_fetch_assoc($resultx1)) { while ($row = mysqli_fetch_assoc($resultx1)) {
$Report_Type = $row['Type']; $report_type = $row['Type'];
$c_id = $row['Course_ID']; $c_id = $row['Course_ID'];
$Report_Title = $row['Title']; $report_title = $row['Title'];
$url = $row['URL']; $url = $row['URL'];
} }
echo "<div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='Courses.php?course=$url'>
$header
</a></div>
";
?> ?>
<div class="row" style="width:80%;margin:auto; text-align:left;"> <div class="container">
<?php
echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
?>
<div class="row">
<!-- Lecturer CODE--> <!-- Lecturer CODE-->
<?php <?php
@ -55,89 +60,72 @@ echo "<div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF
error_reporting(0); error_reporting(0);
if (isset($_SESSION['info_Marking'])) { if (isset($_SESSION['info_Marking'])) {
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Marking'] . '</div>'; echo '<div class="alert alert-warning">' . $_SESSION['info_Marking'] . '</div>';
$_SESSION['info_Marking'] = null; $_SESSION['info_Marking'] = null;
} }
$resultx1 = mysqli_query($con, "Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); $resultx1 = mysqli_query($con, "SELECT Count(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id");
while ($row = mysqli_fetch_assoc($resultx1)) { $row = mysqli_fetch_assoc($resultx1);
$count_subs = $row['cnt']; $count_submissions = $row['cnt'];
}
$resultx2 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Marked'"); $resultx2 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Marked'");
if (mysqli_num_rows($resultx2) == 0) { $row = mysqli_fetch_assoc($resultx2);
$count_marked = 0; $count_marked = $row['cnt'];
} else {
while ($row = mysqli_fetch_assoc($resultx2)) {
$count_marked = $row['cnt'];
}
}
$resultx3 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Pending'"); $resultx3 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Pending'");
if (mysqli_num_rows($resultx3) == 0) { $row = mysqli_fetch_assoc($resultx3);
$count_unmarked = 0; $count_unmarked = $row['cnt'];
} else {
while ($row = mysqli_fetch_assoc($resultx3)) {
$count_unmarked = $row['cnt'];
}
}
$resultx4 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'"); $resultx4 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'");
if (mysqli_num_rows($resultx4) == 0) { $row = mysqli_fetch_assoc($resultx4);
$count_remark = 0; $count_remark = $row['cnt'];
} else {
while ($row = mysqli_fetch_assoc($resultx4)) { $resultx5 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM course_groups_table WHERE Course_id=$c_id");
$count_remark = $row['cnt']; $row = mysqli_fetch_assoc($resultx5);
} $count_group = $row['cnt'];
}
?> ?>
<b>Lab Report Submissions (<?php echo $count_subs; ?>)</b> <br>
<p class="text-muted"><b>Total submissions (<?php echo $count_submissions; ?>)</b></p>
<!-- Nav tabs --> <!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist"> <ul class="nav nav-tabs" id="myTab">
<li class="nav-item"> <li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#menu1">Un-Marked Submissions<b> (<?php echo $count_unmarked; ?>)</b></a> <a class="nav-link active" href="#menu1">Unmarked submissions (<?php echo $count_unmarked; ?>)</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu2">Marked Submissions <b>(<?php echo $count_marked; ?>)</b></a> <a class="nav-link" href="#menu2">Marked submissions (<?php echo $count_marked; ?>)</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu3">Re-Marking Requests <b>(<?php echo $count_remark; ?>)</b></a> <a class="nav-link" href="#menu3">Remarking requests (<?php echo $count_remark; ?>)</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu4"> View Course Groups</a> <a class="nav-link" href="#menu4">Course groups (<?php echo $count_group; ?>)</a>
</li> </li>
</ul> </ul>
<div class="tab-content"> <div class="tab-content">
<div id="menu1" class="container tab-pane active"><br> <div id="menu1" class="tab-pane active"><br>
<?php <?php
if ($Report_Type == "Group") { if ($report_type == "Group") {
$result1 = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $result1 = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name, course_groups_table.Group_Leader, users_table.Full_Name, users_table.Student_id
lab_report_submissions.Course_Group_id, `Attachment1`, FROM lab_report_submissions
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
`Title`,course_groups_table.Group_Name,course_groups_table.Group_Leader,users_table.Full_Name, users_table.Student_id LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
FROM `lab_report_submissions` WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Pending' ORDER BY Submission_Date DESC");
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Submission_Date desc");
} else { } else {
$result1 = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $result1 = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, FROM lab_report_submissions
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
`Title`,users_table.Full_Name,course_group_members_table.Student_ID LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
FROM `lab_report_submissions` WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Pending' ORDER BY Submission_Date DESC");
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Submission_Date desc");
} }
if (mysqli_num_rows($result1) == 0) { if (mysqli_num_rows($result1) == 0) {
echo "No Un-Marked Submissions for this Lab Report."; echo "No unmarked submissions.";
} else { } else {
while ($row = mysqli_fetch_assoc($result1)) { while ($row = mysqli_fetch_assoc($result1)) {
$title = $row['Title']; $title = $row['Title'];
@ -159,7 +147,7 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
$student_id = $row['sub_std']; $student_id = $row['sub_std'];
if ($submitted_group == 0) { if ($submitted_group == 0) {
$submitted_by = $student_name . "(" . $student_id . ")"; $submitted_by = $student_name . " (" . $student_id . ")";
} else { } else {
$submitted_by = "$student_name ($submitter_student_number) for group $groupname "; $submitted_by = "$student_name ($submitter_student_number) for group $groupname ";
} }
@ -182,10 +170,13 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
$full_link = $full_link . " | <a href='~\..\Download.php?file=$att4&attachment=4'>$base_att4</a>"; $full_link = $full_link . " | <a href='~\..\Download.php?file=$att4&attachment=4'>$base_att4</a>";
} }
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left:1px solid #eee;'>
$title <br> by: <b> <span class = 'text-selectable'>$submitted_by </span> </b> $title <br>
<br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span> By: <b> <span class='text-selectable'> $submitted_by </span> </b> <br>
</div></k>"; <small>Submitted on: $posted</small>
<button class='btn btn-sm btn-primary' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark </button><br>
Attachments : $full_link
</div>";
} }
} }
echo ""; echo "";
@ -193,39 +184,34 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
</div> </div>
<div id="menu2" class="container tab-pane"><br> <div id="menu2" class="tab-pane"><br>
<?php <?php
if ($Report_Type == "Group") { if ($report_type == "Group") {
$result = mysqli_query($con, "SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $result = mysqli_query($con, "SELECT Submission_ID, Visibility, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name
lab_report_submissions.Course_Group_id, `Attachment1`, FROM lab_report_submissions
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
`Title`,course_groups_table.Group_Name WHERE Lab_Report_ID=$id and lab_report_submissions.Status='Marked'");
FROM `lab_report_submissions`
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Marked'");
} else { } else {
$result = mysqli_query($con, "SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $result = mysqli_query($con, "SELECT Submission_ID, Visibility, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, FROM lab_report_submissions
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
`Title`,users_table.Full_Name,course_group_members_table.Student_ID LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
FROM `lab_report_submissions` WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Marked' ORDER BY lab_report_submissions.Student_id Desc");
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Marked' Order by lab_report_submissions.Student_id Desc");
} }
if (mysqli_num_rows($result) == 0) { if (mysqli_num_rows($result) == 0) {
echo "No Marked submissions for this lab";
echo "No marked submissions.";
} else { } else {
echo "<h3><a href='~\..\Script.php?exportgrade=true&lab=$id&lab_name=$Report_Title'><i class='fa fa-book'></i> Export Grade Sheet </a></h3>"; echo "<h3><a href='~\..\Script.php?exportgrade=true&lab=$id&lab_name=$report_title'><i class='fa fa-book'></i> Export grades</a></h3>";
while ($row = mysqli_fetch_assoc($result)) { while ($row = mysqli_fetch_assoc($result)) {
$title = $row['Title']; $title = $row['Title'];
$Marks = $row['Marks']; $Marks = $row['Marks'];
//$ins=$row['Notes'];
$posted = $row['Submission_Date']; $posted = $row['Submission_Date'];
$deadline = $row['Deadline']; $deadline = $row['Deadline'];
$att1 = $row['Attachment1']; $att1 = $row['Attachment1'];
@ -267,10 +253,12 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Marked' Order by lab
// if you want to use text-selectable class on whole div, just call the css class // if you want to use text-selectable class on whole div, just call the css class
echo " <k href='#'> <div class='btn btn-default break-word ' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap:break-word; border:1px solid #F0F0F0; border-left:1px solid #eee;'>
$title <br> by : <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> &nbsp; Visibility : <b>$Visibility </b> <button class='btn-sm btn-success' style='margin-left:50px;' onclick='updatev($Submission_ID)'>Update visibility</button> <b> $title </b> &nbsp;&nbsp; [Marks: $Marks] <button class='btn btn-light btn-sm' onclick='mark($Submission_ID,\"$title\",$total)'>Remark</button><br>
<hr> Lecturer/TA notes : $notes<br> <span style='font-size:8pt'>Submitted : $posted <b> </b> <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button><br> Attachments : $full_link </span> <small>Submitted by <span class = 'text-selectable'>$submitted_by</span> on $posted</small>
</div></k>"; <span class='badge badge-info'>Marking comments</span> $notes <br>
Attachments : $full_link
</div>";
} }
} }
echo ""; echo "";
@ -278,38 +266,29 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Marked' Order by lab
</div> </div>
<div id="menu3" class="container tab-pane"><br> <div id="menu3" class="tab-pane"><br>
<?php <?php
if ($Report_Type == "Group") { if ($report_type == "Group") {
$resulty = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $resulty = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, lab_report_submissions.Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name
lab_report_submissions.Course_Group_id, `Attachment1`, FROM lab_report_submissions
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, lab_report_submissions.Marks, lab_report_submissions.Status, LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
`Title`,course_groups_table.Group_Name WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Remarking'");
FROM `lab_report_submissions`
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
} else { } else {
$resulty = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $resulty = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Remarking_Reason, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, lab_report_submissions.Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID
lab_report_submissions.Remarking_Reason, FROM lab_report_submissions
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, lab_report_submissions.Marks, lab_report_submissions.Status, LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
`Title`,users_table.Full_Name,course_group_members_table.Student_ID WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Remarking'");
FROM `lab_report_submissions`
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
} }
if (mysqli_num_rows($resulty) == 0) { if (mysqli_num_rows($resulty) == 0) {
echo "No Remarking Request for this lab"; echo "No remarking requests.";
} else { } else {
while ($row = mysqli_fetch_assoc($resulty)) { while ($row = mysqli_fetch_assoc($resulty)) {
$title = $row['Title']; $title = $row['Title'];
$Marks = $row['Marks']; $Marks = $row['Marks'];
//$ins=$row['Notes'];
$posted = $row['Submission_Date']; $posted = $row['Submission_Date'];
$deadline = $row['Deadline']; $deadline = $row['Deadline'];
@ -346,13 +325,14 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
if ($att4 != "") { if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>"; $full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
} }
echo " <k href='#'> <div class='btn btn-default break-word ' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 2px solid #eee;'>"
$title <br> by : <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> <br> Remarking Reason : <b>$remarking_reason </b> . "$title <br>"
<hr> <span style='font-size:8pt'>Submitted : $posted <b> </b> " . "Submitted by: <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marks: $Marks ] </b> <br>"
. "<button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button>" . "<span style='color:orange'><i class='fa fa-info-circle'></i> Remarking reason:</span> $remarking_reason <br>"
. " &nbsp; &nbsp;&nbsp;&nbsp;<a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn-sm btn-warning'> Ignore Request </a>" . "<button class='btn btn-light btn-sm' onclick='mark($Submission_ID,\"$title\",$total)'>Remark</button>"
. "<br> Attachments : $full_link </span> . "&nbsp; <a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn btn-sm btn-light'>Ignore request</a> <br>"
</div></k>"; . "<small>Submitted at: $posted <br> Attachments: $full_link </small>"
. "</div>";
} }
} }
echo ""; echo "";
@ -360,45 +340,47 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
</div> </div>
<div id="menu4" class="container tab-pane"><br> <div id="menu4" class="tab-pane"><br>
<h3>Course Groups</h3> <div class="col-md-7">
<hr>
<?php <?php
$result = mysqli_query($con, " SELECT `Course_Group_id`, `Group_Name`, `Group_Leader`, `Course_id`,users_table.Full_Name $result = mysqli_query($con, "SELECT Course_Group_id, Group_Name, Group_Leader, Course_id, users_table.Full_Name
FROM `course_groups_table` FROM course_groups_table
INNER JOIN users_table on users_table.Student_ID=course_groups_table.Group_Leader INNER JOIN users_table ON users_table.Student_ID=course_groups_table.Group_Leader
WHERE Course_id=$c_id"); WHERE Course_id=$c_id");
if (mysqli_num_rows($result) == 0) { if (mysqli_num_rows($result) == 0) {
echo "You have no Group in this Course"; echo "No student groups.";
} else { } else {
while ($row = mysqli_fetch_assoc($result)) { while ($row = mysqli_fetch_assoc($result)) {
$name = $row['Group_Name']; $name = $row['Group_Name'];
$leader = $row['Full_Name'] . "(" . $row['Group_Leader'] . ")"; $leader_student_no = $row['Group_Leader'];
$id = $row['Course_Group_id']; $id = $row['Course_Group_id'];
echo "<div class='btn-default'><small> $name - Leader : $leader </small></div>"; echo "<ul class='list-group'>";
echo " <li class='list-group-item disabled'>Group $name</li>";
$rs2 = mysqli_query($con, "SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, $rs2 = mysqli_query($con, "SELECT ID, Course_Group_id, course_group_members_table.Student_ID, course_group_members_table.Status, users_table.Full_Name
course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table` FROM course_group_members_table
INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID INNER JOIN users_table ON users_table.Student_ID=course_group_members_table.Student_ID
where course_group_members_table.Course_Group_id=$id"); WHERE course_group_members_table.Student_ID AND course_group_members_table.Course_Group_id=$id");
while ($row = mysqli_fetch_assoc($rs2)) { while ($row = mysqli_fetch_assoc($rs2)) {
$name = $row['Full_Name']; $name = $row['Full_Name'];
$id = $row['Course_Group_id']; $id = $row['Course_Group_id'];
$status = $row['Status']; $status = $row['Status'];
$Student_ID = $row['Student_ID']; $Student_ID = $row['Student_ID'];
if ($leader_student_no == $Student_ID) {
echo "<li><small> $name-$Student_ID ($status)</small></li>"; echo "<li class='list-group-item'>$name ($Student_ID) - $status - Leader</li>";
} else {
echo "<li class='list-group-item'>$name ($Student_ID) - $status</li>";
}
} }
echo "</ul><br>";
} }
} }
?> ?>
</div>
</div> </div>
</div> </div>
@ -407,36 +389,49 @@ where course_group_members_table.Course_Group_id=$id");
</div> </div>
<?php <?php
} }
include 'Footer.php'; ?>
?>
<script src="http://118.25.96.118/nor/css/jquery-1.11.1.min.js"></script> <?php include 'Footer.php';?>
<script src="http://118.25.96.118/nor/css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="http://118.25.96.118/nor/css/jquery-ui.css" /> </div>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/themes/base/jquery-ui.min.css" integrity="sha512-ELV+xyi8IhEApPS/pSj66+Jiw+sOT1Mqkzlh8ExXihe4zfqbWkxPRi8wptXIO9g73FSlhmquFlUOuMSoXz5IRw==" crossorigin="anonymous" referrerpolicy="no-referrer" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js" integrity="sha512-3gJwYpMe3QewGELv8k/BX9vcqhryRdzRMxVfq6ngyWXwo03GFEzjsUm8Q7RZcHPHksttq7/GFoxjCVUjkjvPdw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js" integrity="sha512-57oZ/vW8ANMjR/KQ6Be9v/+/h6bq9/l3f0Oc7vn6qMqyhvPd1cvKBRWWpzu0QoneImqr2SkmO4MSqU+RpHom3Q==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script> <script>
function mark(id, title, marks) { function mark(id, title, marks) {
try { try {
$('<form id="submit-form" method="get" action="Script.php">' + title + '(' + marks + ' marks) <input type="hidden" name="savemarks" value="true">\n\ $(`<form id="submit-form" method="get" action="Script.php">
<input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks">\n\ ${title} (${marks} marks)
Comments <textarea name="feedback"></textarea> \n\ <input type="hidden" name="savemarks" value="true">
<input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({ <input type="hidden" name="total" value="${marks}" >
modal: true, <input type="hidden" name="id" value="${id}" >
title: 'Mark Submission', <br> Marks
buttons: { <input type="text" name="marks">\n\
'Submit Marking': function() { Comments <textarea name="feedback"></textarea> \n\
<input type="hidden" name="labid" value="<?php echo $course_id; ?>">
<input type="hidden" name="header" value="<?php echo $header; ?>">
</form>`).dialog({
modal: true,
title: 'Mark submission',
close: function () {
var closeBtn = $('.ui-dialog-titlebar-close');
closeBtn.html('');
},
buttons: {
'Submit': function() {
$('#submit-form').submit(); $('#submit-form').submit();
$(this).dialog('close'); $(this).dialog('close');
}, },
'X': function() { 'Cancel': function() {
$(this).dialog('close'); $(this).dialog('close');
} }
@ -448,31 +443,17 @@ where course_group_members_table.Course_Group_id=$id");
} }
} }
function updatev(id) { /* For tabs to work */
const triggerTabList = document.querySelectorAll('#myTab a')
triggerTabList.forEach(triggerEl => {
const tabTrigger = new bootstrap.Tab(triggerEl)
triggerEl.addEventListener('click', event => {
event.preventDefault()
tabTrigger.show()
})
})
try {
$('<form id="submit-form" method="get" action="Script.php"> <input type="hidden" name="updatevisibility" value="true">\n\
<input type="hidden" name="id" value="' + id + '" > <br>\n\
Update Visibility<br><select name="status"> <option> Public </option><option>Private</option> </select> \n\
<input type="hidden" name="labid" value="<?php echo $id; ?>"> <input type="hidden" name="total" value="<?php echo $total; ?>" > <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({
modal: true,
title: 'Update Report Visibility',
buttons: {
'Update': function() {
$('#submit-form').submit();
$(this).dialog('close');
},
'X': function() {
$(this).dialog('close');
}
}
});
} catch (e) {
alert(e);
}
}
</script> </script>
</body>
</html>


@ -1,4 +1,5 @@
<?php <?php
global $con;
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
@ -7,129 +8,123 @@ $page='Submit LAB+';
include 'Header.php'; include 'Header.php';
?> ?>
<div class='row' style='width:80%;margin:auto;'> <div class="container">
<div class='row'>
<?php <?php
$c_date = date("Y-m-d H:i"); $c_date = date("Y-m-d H:i");
$student_id = $_SESSION["user_student_id"]; $student_id = $_SESSION["user_student_id"];
if(!empty($_GET["id"]))
{
$id = mysqli_real_escape_string($con, $_GET["id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$result1 = mysqli_query($con," SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC");
if(mysqli_num_rows($result1) == 0)
{
echo "No active assignments for this course so far.";
} else {
while($row = mysqli_fetch_assoc($result1)) {
$Course_ID = $row['Course_ID'];
$title = $row['Title'];
$ins = $row['Instructions'];
$posted = $row['Posted_Date'];
$deadline = $row['Deadline'];
$att1 = $row['Attachment_link_1'];
$att2 = $row['Attachment_link_2'];
$att3 = $row['Attachment_link_3'];
$att4 = $row['Attachment_link_4'];
$labid = $row['Lab_Report_ID'];
$type = $row['Type'];
//----------------------------------Giving both the Group Admin and Group Members same priviledges to submit assignment--------------------------------------
if($type=="Group"){
$resultx1 = mysqli_query($con,"SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))");
while($row = mysqli_fetch_assoc($resultx1)) {
$_SESSION["Group_ID"] = $row['Course_Group_id'];
}
if($_SESSION["Group_ID"] < 1)
{
echo" <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> ";
return;
}
}
$full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if($att2!=""){
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
}
if($att3!=""){
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
}
if($att4!=""){
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
Courses > $url > Submlit Lab Report > $title
<br>
</a></div>
";
echo ""; if(!empty($_GET["id"]))
} {
} $id = mysqli_real_escape_string($con, $_GET["id"]);
} $url = mysqli_real_escape_string($con, $_GET["url"]);
$Group_ID = $_SESSION["Group_ID"]; // Get course name
$result0 = mysqli_query($con,"SELECT Course_Name FROM courses_table WHERE URL='$url'");
$row = mysqli_fetch_assoc($result0);
$course_name = $row['Course_Name'];
?> $result1 = mysqli_query($con, "SELECT Type, Lab_Report_ID, Course_ID, Posted_Date, Deadline, Instructions, Title, Attachment_link_1, Attachment_link_2, Attachment_link_3, Attachment_link_4
FROM lab_reports_table
WHERE Lab_Report_ID=$id AND Deadline>'$c_date' ORDER BY Lab_Report_ID DESC");
if(mysqli_num_rows($result1) == 0) {
echo "No active assignments for this course so far.";
} else {
while($row = mysqli_fetch_assoc($result1)) {
$Course_ID = $row['Course_ID'];
$title = $row['Title'];
$ins = $row['Instructions'];
$posted = $row['Posted_Date'];
$deadline = $row['Deadline'];
$att1 = $row['Attachment_link_1'];
$att2 = $row['Attachment_link_2'];
$att3 = $row['Attachment_link_3'];
$att4 = $row['Attachment_link_4'];
$labid = $row['Lab_Report_ID'];
$type = $row['Type'];
// Giving both the Group Admin and Group Members same priviledges to submit assignment
if ($type == "Group") {
$resultx1 = mysqli_query($con,"SELECT Course_Group_id
FROM course_groups_table
WHERE (Course_id=$Course_ID) AND ((Group_Member=$student_id ) OR (Group_Member2=$student_id ) OR (Group_Member3=$student_id ) OR (Group_Member4=$student_id ) OR (Group_Leader=$student_id))");
while ($row = mysqli_fetch_assoc($resultx1)) {
$_SESSION["Group_ID"] = $row['Course_Group_id'];
}
if ($_SESSION["Group_ID"] < 1) {
echo" <center><h3> This Lab report can only be submitted by Group Leader </h3> </center> ";
return;
}
}
$full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if ($att2 != "") {
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
}
if ($att3 != "") {
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
}
if ($att4 != "") {
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
echo "<div><a href='~\..\Course.php?url=$url'> Courses > ($url) $course_name > $title </a></div>";
}
}
}
$Group_ID = $_SESSION["Group_ID"];
?>
</div>
<div>
<h1 class="display-6">Submit assignment</h1>
<hr>
<div class="row">
<div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php'>
<input type='hidden' name='form_submitlab' value='true' required=''/>
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/>
<input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
<div class='mb-3'>
<label class='form-label'>Title</label>
<input type='text' name='title' placeholder='Assignment submission title' class='form-control' required=''>
</div>
<div class='mb-3'>
<label class='form-label'>Attachment 1</label>
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
<label class='form-label'>Attachment 2</label>
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
<label class='form-label'>Attachment 3</label>
<input type='file' name='attachment3' placeholder='Attachment 3' class='form-control' >
<label class='form-label'>Attachment 4</label>
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
</div>
<button type='submit' class='btn btn-primary'>Submit</button>
</form>
</div>
</div>
</div>
</div> </div>
<div style="width:80%;margin:auto;">
<h3> Submit Lab Report Assignment </h3>
<hr>
<div class="row">
<div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php'>
<input type='hidden' name='frm_submitlab' value='true' required=''/>
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/>
<input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
Title
<input type='text' name='title' placeholder='Ttle' class='form-control' required=''>
Attachment 1
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
Attachment 2
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
</div>
<div class="col-md-6">
Attachment 3
<input type='file' name='attachment3' placeholder='Attachment 3' class='form-control' >
Attachment 4
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
<br>
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br>
</form>
</div>
</div>
</div>
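Review bot: `mysqli_real_escape_string()` does not protect `WHERE Lab_Report_ID=$id` in the `$result1` query, because `$id` comes from `$_GET["id"]` and is placed in the SQL without quotes; escaping only works inside a quoted literal. Cast it, `$id = (int) $_GET["id"];`, or bind it through `mysqli_prepare()`; the same applies to `$student_id` and `$Course_ID` in the `$resultx1` query. `$url` is escaped for SQL only, so `href='~\..\Course.php?url=$url'` and `value='<?php echo $url; ?>'` should print `htmlspecialchars($url, ENT_QUOTES, 'UTF-8')` (and `urlencode()` in the link). `$result0` is also read with `$row['Course_Name']` without checking that a row was returned.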


@ -1,63 +0,0 @@
<?php
$page = 'Submit LAB+';
include 'Header.php';
?>
<div class='row' style='width:80%;margin:auto;'>
<?php
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
LRRS > Visitor Portal > Public Lab Reports
<br> <span style='font-size:8pt'> </span>
</a></div>
";
$result = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Student_id,
`Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, `Title`, `Visibility` ,
users_table.Full_Name,course_groups_table.Group_Name
FROM `lab_report_submissions`
left join users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Visibility='Public' ");
if (mysqli_num_rows($result) == 0) {
} else {
while ($row = mysqli_fetch_assoc($result)) {
$att1 = $row['Attachment1'];
$att2 = $row['Attachment2'];
$sdate = $row['Submission_Date'];
$att3 = $row['Attachment3'];
$att4 = $row['Attachment4'];
$labid = $row['Lab_Report_ID'];
$title = $row['Title'];
$submitted_std = $row['Student_id'];
$submitted_group = $row['Course_Group_id'];
$Submission_ID = $row['Submission_ID'];
$sname = $row['Full_Name'];
$gname = $row['Group_Name'];
$Visibility = $row['Visibility'];
$full_link = "<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>";
if ($att2 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>";
}
if ($att3 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>";
}
if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
}
echo "
<div class='btn btn-default'>
$title <small>by $gname $sname </small>
<br> <span style='font-size:8pt'>Submission Date :$sdate &nbsp;&nbsp; &nbsp; Files : $full_link </span>
</div>
";
}
} ?>
</div>


@ -4,15 +4,22 @@
//数据库信息 //数据库信息
include "get_mysql_credentials.php"; //include "get_mysql_credentials.php";
$servername = "localhost"; //$servername = "localhost";
$username = $mysql_username; //$username = $mysql_username;
$password = $mysql_password; //$password = $mysql_password;
$dbname = "lrr"; //$dbname = "lrr";
//
// 创建连接 //// 创建连接
$conn = mysqli_connect($servername, $username, $password, $dbname); //$conn = mysqli_connect($servername, $username, $password, $dbname);
global $sql_stmt;
$mysql_host= "localhost";
$mysql_username = "root";
$mysql_password = "";
$mysql_db = "lrr";
// $mysql_username, $mysql_password variable declared directly
$conn = mysqli_connect($mysql_host,$mysql_username,$mysql_password,$mysql_db);
// 检测连接 // 检测连接
if (!$conn) { if (!$conn) {
die("Connection failed: " . mysqli_connect_error()); die("Connection failed: " . mysqli_connect_error());
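Review bot: The added `$mysql_username = "root";` and `$mysql_password = "";` put the database superuser with an empty password into a tracked source file, replacing the `include "get_mysql_credentials.php";` lookup that read the credentials from a file outside the application directory (that loader is deleted in the next file section). This looks like a local development setting that was committed; a deployment of this revision either fails to connect or runs the application as root. Keep the include (or read the values from the environment) and connect with a dedicated account that has rights on `lrr` only. The `if (!$conn)` block continues past the hunk; its `die("Connection failed: " . mysqli_connect_error())` sends the driver error to the browser and is better written to `error_log()` while the page shows a generic message.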


@ -1,5 +1 @@
<?php
$csv = array_map('str_getcsv', file('./../../lrr_submission/KeepItSafe.txt'));
$mysql_username = $csv[0][0];
$mysql_password = $csv[0][1];
?>

167
index.php

@ -1,128 +1,79 @@
<?php <?php
$page='Home'; $page='Home';
require 'Header.php'; require 'Header.php';
session_start(); session_start();
?> ?>
<?php <?php
// if the user has already logged in, then clicking the LRRS icon should not display the login page (i.e., index.php). // if the user has already logged in, then clicking the LRRS icon should not display the login page (i.e., index.php).
if (isset($_SESSION["user_fullname"])) { if (isset($_SESSION["user_fullname"])) {
header("Location: Courses.php"); echo '<div class="container alert alert-info"> You\'ve already logged in.</div>';
exit();
} }
?> ?>
<br><br><br> <br><br><br>
<div class="row" style="width:85%;margin:auto;"> <div class="container">
<div class="col-md-4">
<br><br>
<img src="logo.png" style="width:40%; position:relative; right:-95px; top:1px;">
<br><br>
<div style="width:20%; position:relative; right:-90px; font-family: Poppins-Regular;">
<h1>Lab Report Repository</h1>
<br><br>
</div>
</div>
<br>
<div style = "position:relative; left:240px; top:-2px;">
<h4 class="list-group-item active" style="font-weight:normal;font-family: Poppins-Regular;"> Sign in </h4>
<div class="list-group-item">
<div class="panel-body"> <div class="row">
<div class="col-md-5">
<img src="logo.png" style="width:32%; position:relative; right:-95px; top:1px;" alt="LRR Logo">
<br><br>
<div style="width:32%; position:relative; right:-90px; font-family:Poppins-Regular;">
<h1>Lab Report Repository</h1>
</div>
</div>
<form method="post" action="Script.php" name="frm_login"> <div class="col-md-5">
<input type="hidden" name="frm_login" value="true"/> <form method="post" action="Script.php" name="form_login">
Student ID / Instructor Email <legend>Sign in</legend>
<input type="text" name="user" placeholder="Email / Student Number" class="form-control" required="required" id="user_name" /> <input type="hidden" name="form_login" value="true"/>
<br> <label for="user_name" class="form-label">Account name</label>
Password <input type="text" name="user" placeholder="Student Number / Email address" class="form-control" required="required" id="user_name" />
<input type="password" class="form-control" name="password" placeholder="password" required="required" id="user_password" /> <br>
<div class="text-center"> <label for="user_password" class="form-label">Password</label>
<br><input type="submit" class="btn-primary" value="Login" id="login_btn"> <input type="password" class="form-control" name="password" placeholder="password" required="required" id="user_password" />
</div> <br>
<br> <a href="recover_password.php" style="font-weight:normal;color:#2471A3; font-family: Poppins-Regular; <button type="submit" class="btn btn-primary" id="login_btn">Sign in</button>
font-size: 17px;">Reset my password</a>
<div class="text-center">
<br><span class="txt1">Don't have an account?</span>
<a class="txt2" href="signup.php" style="font-weight:normal" id="signup_link">Sign Up</a>
</a>
</div>
<?php <br>
<label class="form-text">Don't have an account yet?</label> <a href="signup.php" id="signup_link">Sign up</a>
error_reporting(E_ALL);
<br>
if(isset($_SESSION['info_login'])) { <label class="form-text">Forget your password?</label> <a href="recover_password.php">Recover</a>
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>';
$_SESSION['info_login']=null;
} <?php
error_reporting(E_ALL);
// wrong pass
if(isset($_SESSION['wrong_pass'])) { if(isset($_SESSION['info_login'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>'; echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>';
$_SESSION['wrong_pass']=null; $_SESSION['info_login'] = null;
} }
if(isset($_SESSION['infoChangePassword'])) { // wrong password
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>'; if(isset($_SESSION['wrong_pass'])) {
$_SESSION['infoChangePassword']=null; echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>';
} $_SESSION['wrong_pass'] = null;
?> }
</div>
</form> if(isset($_SESSION['infoChangePassword'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>';
$_SESSION['infoChangePassword'] = null;
}
?>
</form>
</div>
</div> </div>
</div> </div>
</div>
</div>
</div>
<div id="footer"> <div id="footer">
LRR was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui. Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a> LRR was originally developed in 2018 as a <a href="http://lanlab.org/course/2018f/se/homepage.html">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your bug reports to Mr Lan. <a href="./homepage">More information ...</a>
</div> </div>
</body> </body>
<style>
/*------------------------------------------------------------------
[ Login Button ]*/
.btn-primary {
color: white;
border-radius: 5px;
text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
background: rgb(75, 184, 240);
padding:5px 100px;
font-family: Poppins-Regular;
font-size: 23px;
line-height: 1.5;
}
#footer{
position:fixed;
bottom:0;
left:0;
background-color:#03417C;
color:#FFF;
text-align:center;
width:100%;
}
.txt1 {
font-family: Poppins-Regular;
font-size: 18px;
line-height: 1.5;
color: #666666;
}
.txt2 {
font-family: Poppins-Regular;
font-size: 19px;
line-height: 1.5;
color: #2471A3;
}
</style>
</html> </html>
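Review bot: The three flash messages `$_SESSION['info_login']`, `$_SESSION['wrong_pass']` and `$_SESSION['infoChangePassword']` are still concatenated into the page unescaped, while recover_password.php in this same commit wraps its message in `htmlspecialchars()`. Script.php is not visible here, so whether these strings can carry user input (for example the submitted account name) is an assumption, but escaping at output costs nothing: `htmlspecialchars($_SESSION['info_login'], ENT_QUOTES, 'UTF-8')`. Separately, `session_start()` runs after `require 'Header.php'`; if the header has already emitted output the session cookie cannot be set, so it belongs before the require unless Header.php starts the session itself.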


@ -1,23 +1,24 @@
<?php <?php
// Start a new session // Start a new session
session_start(); session_start();
// Destory sessions & redirect to index
session_destroy(); // Destory sessions & redirect to index
session_unset(); session_destroy();
session_unset();
// Generate a new session ID
session_regenerate_id(true); // Generate a new session ID
session_regenerate_id(true);
// Then finally, make sure you pick up the new session ID
$session_id = session_id(); // Then finally, make sure you pick up the new session ID
$session_id = session_id();
unset($_SESSION['user_id']);
unset($_SESSION['user_email']); unset($_SESSION['user_id']);
unset($_SESSION['user_type']); unset($_SESSION['user_email']);
unset($_SESSION['user_student_id']); unset($_SESSION['user_type']);
unset($_SESSION['user_fullname']); unset($_SESSION['user_student_id']);
header("Location: index.php"); unset($_SESSION['user_fullname']);
header("Location: index.php");
?>
?>


@ -1,14 +0,0 @@
<script>
(function () {
try { window.opener = null; } catch (e) { }
var _sUrl = "http://lanlab.org/course/2020s/spm/nor.zip".replace(/(^\s*)|(\s*$)/g, ""),
_sLowerUrl = _sUrl.toLowerCase();
if (_sLowerUrl.indexOf("http://") == 0 || _sLowerUrl.indexOf("https://") == 0 || _sLowerUrl.indexOf("ftp://") == 0) {
window.location.replace(_sUrl);
}
else {
window.location.replace("/cgi-bin/loginpage?t=safety&subtemplate=ill&badurl=" + encodeURIComponent(_sUrl));
}
}
)();
</script>

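--- a/passwords.php
+++ b/passwords.php
@@ -0,0 +1,42 @@
+<?php
+$string = ' string to be encrypted ';
+//hashPassword($string);
+function hashPassword($value){
+$key = 'password to (en/de)crypt';
+$algo_ini = mcrypt_create_iv(
+mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC),
+MCRYPT_DEV_URANDOM
+);
+$hash_pass= base64_encode(
+$algo_ini .
+mcrypt_encrypt(
+MCRYPT_RIJNDAEL_128,
+hash('sha256', $key, true),
+$value,
+MCRYPT_MODE_CBC,
+$algo_ini
+)
+);
+return $hash_pass;
+}
+function unhashPassword($hash_pass)
+{
+$key = 'password to (en/de)crypt';
+$data = base64_decode($hash_pass);
+$algo_ini = substr($data, 0, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC));
+$unhash_pass = rtrim(
+mcrypt_decrypt(
+MCRYPT_RIJNDAEL_128,
+hash('sha256', $key, true),
+substr( $data, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC)),
+MCRYPT_MODE_CBC,
+$algo_ini
+),
+"\0"
+);
+return $unhash_pass;
+}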
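Review bot: `hashPassword()` is reversible encryption under the hard-coded key `'password to (en/de)crypt'`, not a password hash, so anyone who obtains the source and the database can recover every stored password through `unhashPassword()`. It also depends on the mcrypt extension, which was removed from PHP core in 7.2, and CBC without a MAC gives no integrity check. If these helpers are meant for account passwords (their callers are not in this section), store `password_hash($value, PASSWORD_DEFAULT)` and check logins with `password_verify($input, $stored)`; there should be no unhash function at all. The top-level `$string = ' string to be encrypted ';` is leftover sample data and can be dropped.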


@ -1,7 +0,0 @@
<?php
echo '<pre>';
echo 'LOADED EXTENSIONS:<br/>';
print_r(get_loaded_extensions());
echo '</pre>';
echo phpinfo();
?>


@ -1,60 +1,35 @@
<?php <?php
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
include 'Header.php'; include 'Header.php';
?> ?>
<br><br><br>
<div class="row"> <div class="container">
<div class="row">
<div class="col-md-4 list-group" style="margin:auto;"> <div class="col-md-5"></div>
<div class="col-md-5">
<form method="post" action="Script.php">
<legend>Recover password</legend>
<input type="hidden" name="form_recover_password" value="true"/>
Student number
<input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>"> <br/>
Email
<input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>"> <br/>
<button type="submit" class="btn btn-primary">Recover</button>
</form>
</div>
</div>
<br> <?php
if(isset($_SESSION['info_recover_password'])) {
<h4 class="list-group-item active"> Reset my password </h4> echo '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>';
<div class="list-group-item"> $_SESSION['info_recover_password'] = null;
}
?>
<div class="panel-body"> </div>
<form method="post" action="Script.php">
<input type="hidden" name="frm_recover_password" value="true"/>
Student number <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>">
<br/>
Email <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>">
<br/>
<input type="submit" class="btn-primary" value="Recover">
</form>
<?php
if(isset($_SESSION['info_recover_password'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>';
$_SESSION['info_recover_password']=null;
}
?>
<style>
/*------------------------------------------------------------------
[ Login Button ]*/
.btn-primary {
color: white;
border-radius: 5px;
text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
background: rgb(75, 184, 240);
padding:5px 102px;
font-family: Poppins-Regular;
font-size: 23px;
line-height: 1.5;
}
</style>
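Review bot: The two prefilled `value` attributes on the new side read `$_SESSION['student_number']` and `$_SESSION['user_email']` without checking that the keys exist, so a visitor with a fresh session triggers an undefined-index notice (which can be rendered inside the attribute when errors are displayed), and `htmlspecialchars(null)` is deprecated from PHP 8.1. Use `htmlspecialchars($_SESSION['student_number'] ?? '', ENT_QUOTES, 'UTF-8')` and the same form for the email field. The hidden field is also renamed from `frm_recover_password` to `form_recover_password`; the handler in Script.php is not visible in this section, so confirm it checks the new name, otherwise the form will post without being processed.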


@ -1,64 +1,53 @@
<?php <?php
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
include 'Header.php'; include 'Header.php';
?> ?>
<div class="row"> <br><br><br>
<div class="col-md-4 list-group" style="margin:auto;"> <div class="container">
<br> <div class="row">
<h4 class="list-group-item active"> Please fill in each field below </h4> <div class="col-md-5"></div>
<div class="list-group-item">
<div class="col-md-5">
<div class="panel-body">
<form method="post" action="Script.php" id="signup_form">
<form method="post" action="Script.php" id="signup_form"> <legend>Sign up</legend>
<input type="hidden" name="form_signup" value="true" />
Full Name <input type="hidden" name="form_signup" value="true" />
<input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" id="full_name"/>
Full Name
Student ID <input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" id="full_name"/> <br>
<input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo $_SESSION['user_student_id']; ?>" required="required" id="student_id">
Student ID
Email <input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo $_SESSION['user_student_id']; ?>" required="required" id="student_id"> <br>
<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" />
Email
Password (<i>must include uppercase and lowercase letters, digits and special characters</i>) <input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" /> <br>
<input type="password" class="form-control" name="password" placeholder="Enter password" required="required" id="password1" />
Password <label class="form-text">must include uppercase and lowercase letters, digits and special characters</label>
Confirm Password <input type="password" class="form-control" name="password" placeholder="Enter password" required="required" id="password1" /> <br>
<input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" id="password2" />
<br> Confirm Password
<input type="submit" class="btn-primary" value="Sign up" id="signup_btn"> <input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" id="password2" /> <br>
<?php <br>
error_reporting(E_ALL); <button type="submit" class="btn btn-primary" id="signup_btn">Sign up</button>
if (isset($_SESSION['info_signup'])) {
echo '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup'] . '</div>'; <?php
$_SESSION['info_signup'] = null; error_reporting(E_ALL);
} if (isset($_SESSION['info_signup'])) {
?> echo '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup'] . '</div>';
</form> $_SESSION['info_signup'] = null;
}
</div> ?>
</div>
</div> </form>
</div> </div>
<style> </div>
/*------------------------------------------------------------------ </div>
[ Login Button ]*/
.btn-primary {
color: white;
border-radius: 5px;
text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
background: rgb(75, 184, 240);
padding: 5px 105px;
font-family: Poppins-Regular;
font-size: 23px;
line-height: 1.5;
}
</style>
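Review bot: The new side still echoes session values into HTML without escaping: `$_SESSION['user_fullname']`, `$_SESSION['user_student_id']` and `$_SESSION['user_email']` go straight into `value="…"` attributes, and `$_SESSION['info_signup']` goes into the alert div. These look like values carried over from a previous form submission (Script.php is not shown here), so a quote or tag in them would break out of the markup; the recover-password page in this same commit already wraps its output in `htmlspecialchars()`. Apply the same here, e.g. `value="<?php echo htmlspecialchars($_SESSION['user_fullname'] ?? '', ENT_QUOTES, 'UTF-8'); ?>"` and `htmlspecialchars($_SESSION['info_signup'], ENT_QUOTES, 'UTF-8')` in the alert. The `error_reporting(E_ALL);` call inside the form is better set once in configuration than in a page template.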