diff --git a/Admin.php b/Admin.php new file mode 100644 index 0000000..3c6ca89 --- /dev/null +++ b/Admin.php @@ -0,0 +1,335 @@ + + + + +
+

Administration Panel

+ +
+
+ + + + +
+

User account Management


+ + Lecturer / TA Accounts
+ + + + + + +
+ + + + +
+

+ + Create Lecturer/TA Accounts +
+ + Full_Name + +Email + + + Passport_Number / ID (Used as Intial Password) + +
User Type : + Lecturer + T/A +
+'; + $_SESSION['info_Admin_Users']=null; +} +if(isset($_SESSION['info_Admin_Users'])) { + echo '
'; + $_SESSION['info_Admin_Users']=null; +} + +?> + +
+ +
+ + + +
+ + + + + + +
+
+ + +
+ +
+ + + +
+ + + + +
+ + + + + +
+ + +
+ + + + + + \ No newline at end of file diff --git a/Connect.php b/Connect.php new file mode 100644 index 0000000..d82d890 --- /dev/null +++ b/Connect.php @@ -0,0 +1,23 @@ +connect_error) { + die("Database Connection failed: " . $conn->connect_error); +} +// else +// { + +// echo "Connected"; +// } +session_start(); \ No newline at end of file diff --git a/Course.php b/Course.php new file mode 100644 index 0000000..d0a61cf --- /dev/null +++ b/Course.php @@ -0,0 +1,760 @@ + + + Courses > $name ($code) > Lab Reports +
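Review bot: No role check is visible ahead of the panel markup, and because the file's opening PHP block is stripped from this extract, it should be confirmed that the page exits unless `$_SESSION['user_type']` is `"Admin"` before any HTML is sent. The create-account form labels the passport number as the initial password, and the `frm_createlecturrer` branch in Script.php stores it unhashed in `Password` and copies it into `$_SESSION["info_Admin_Users"]`, which this page appears to print (the echoed markup is cut). Keep the password out of the flash text, store it with `password_hash($passport, PASSWORD_DEFAULT)`, and escape the flash on output with `htmlspecialchars($_SESSION['info_Admin_Users'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`.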
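Review bot: `die("Database Connection failed: " . $conn->connect_error);` sends the driver's error text to the browser, and that text commonly names the database host and account. Log it server-side and return a generic message instead, e.g. `error_log('DB connect: ' . $conn->connect_error); http_response_code(500); exit('Service unavailable');`. The handle is `$conn` here while the queries in Course.php, Courses.php and Script.php use `$con`, and Script.php's error branches mix `$con->error` with `$conn->error`; the lines that open the connection are cut from this extract, so confirm both names are really defined. `session_start()` also runs with default cookie parameters; calling `session_set_cookie_params()` with `httponly`, `secure` and `samesite` before it would be cheap hardening.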
Faculty : $faculty Year : $academic Lecturer :$lecturer + + +
+ "; + + }} + } +?> +
+ + '; + $_SESSION['info_ReMarking']=null; +} + + if (isset($_SESSION['info_courses'])) { + echo '
'; + $_SESSION['info_courses']=null; +} + ?> + +
+ + + + +
+ +
+ + + +
+ + + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+

Class Groups

+ + Create Group"; + + ?> + + + +
+ Invite Others"; + + if($status=="Invited") + { + $extra2=" Accept"; + $extra3=" Decline"; + + } + echo "
$name ($status) $extra $extra2 $extra3
"; + + $rs2=mysqli_query($con,"SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, + course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table` +INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID +where course_group_members_table.Course_Group_id=$id"); + + while($row = mysqli_fetch_assoc($rs2)) { + $name=$row['Full_Name']; + $id=$row['Course_Group_id']; + $status=$row['Status']; + $Student_ID=$row['Student_ID']; + + + echo "
  • $name-$Student_ID ($status)
  • "; + + } + + + + + + + + } + } + ?> + + + + + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + + + + + + + + + + + diff --git a/Courses.php b/Courses.php new file mode 100644 index 0000000..8adb6dd --- /dev/null +++ b/Courses.php @@ -0,0 +1,825 @@ + + + + + + + + + + +
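Review bot: The group list prints database values without escaping (`$name-$Student_ID ($status)` in the `$rs2` loop and `$name ($status) $extra $extra2 $extra3` above it), so a `Full_Name` or group name containing markup is rendered as HTML for everyone who opens the course page. Escape at the point of output, e.g. `$name = htmlspecialchars($row['Full_Name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`; the same applies to the course header values (`$name`, `$code`, `$faculty`, `$lecturer`) here and to the listings in Courses.php. The `$_SESSION['info_ReMarking']` flash needs it too, because Script.php's `groupinvite` branch builds it from `$_GET["student_id"]`. The `$rs2` loop also reassigns `$name`, `$id` and `$status`, which the enclosing loop appears to use as well (its start is cut from this extract); distinct names for the member row would avoid that coupling.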
    + + + + + + + + + + +
    + ($code) - $name +
    Faculty : $faculty Year : $academic Lecturer :$lecturer +
    +
    + "; + + echo "
    "; + + + + if( $_SESSION['user_type']=="Lecturer"){ + echo "

    Post new Lab Assignment

    + + + + + Dealine Date/Time +
    +
    +
    +
    + +Title + + Instructions + +Marks + + Attachment 1 + + + Attachment 2 + + + Attachment 3 + + + + Attachment 4 + +
    +Submission Type Invidual + + Group +
    +
    +




    + "; + + } + } + } + echo "
    "; + + echo "

    Lab Report Assignment list

    "; + + error_reporting(0); +if (isset($_SESSION['info_courses'])) { + echo '
    '; + $_SESSION['info_courses'] = null; +} +if (isset($_SESSION['info_courses'])) { + echo '
    '; + $_SESSION['info_courses']=null; +} + + + + + $result = mysqli_query($con," SELECT `Lab_Report_ID`,Type,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, " + . "`Attachment_link_4` FROM `lab_reports_table` WHERE Course_ID=$id ORDER by Lab_Report_ID DESC"); + + + if( $_SESSION['user_type']=="TA") + { + echo "* Only Lecturers can Post new Lab report Assignments
    "; + } + if(mysqli_num_rows($result)==0) + { + echo "No assignments posted so far."; + + } else { while($row = mysqli_fetch_assoc($result)) { + $marks=$row['Marks']; + $title=$row['Title']; + $ins=$row['Instructions']; + $posted=$row['Posted_Date']; + $deadline=$row['Deadline']; + $att1=$row['Attachment_link_1']; + $att2=$row['Attachment_link_2']; + $att3=$row['Attachment_link_3']; + $att4=$row['Attachment_link_4']; + $id=$row['Lab_Report_ID']; + $as_type=$row['Type']; + $full_link="$att1"; + + if($att2!=""){ + $full_link= $full_link."  |  $att2"; + } + if($att3!=""){ + $full_link= $full_link."  |  $att3"; + } + + if($att4!=""){ + $full_link= $full_link."   |   $att4"; + } + + + + + $resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); + while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];} + + $resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Marks is not null"); + if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}} + + + $header="Courses > ".$name."($code) > Assignments > ".$title; + + echo "
    + $title ($as_type)
    $ins +
    Posted : $posted Deadline : $deadline   ($marks Marks)           " + . "
    " + + . "    $count_subs Submissions ( $count_marked Marked )        View    |   Extend Deadline
    Attachments : $full_link
    " + . "  
    + "; + + + + }} + echo "
    "; + + + + + + $resultx1 = mysqli_query($con,"SELECT course_students_table.Student_ID,users_table.Full_Name FROM +`course_students_table` +INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID +WHERE Course_ID=$course_id"); + + + echo ""; + + + + + return; + + } + + ?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + + + Course Portal > $user_name (Lecturer) > Course Listing +
    +
    + "; + + + $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, " + . "`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID where courses_table.Lecturer_User_ID=$user_d"); + + if($_SESSION['user_type']=="TA") + { + $result = mysqli_query($con,"SELECT course_ta.Course_ID, `Course_Name`, + `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` +INNER JOIN +course_ta ON course_ta.Course_ID=courses_table.Course_ID where course_ta.TA=$user_d"); + + } + // $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID"); + + + if(mysqli_num_rows($result)==0) + {} else { while($row = mysqli_fetch_assoc($result)) { + $id=$row['Course_ID']; + $name=$row['Course_Name']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $lecturer=$row['Full_Name']; + $academic=$row['Academic_Year']; + $url=$row['URL']; + + $resultTA = mysqli_query($con,"SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta` +INNER JOIN users_table on users_table.User_ID=course_ta.TA +where course_ta.Course_ID=$id"); + + $ta=""; + while($rowTA = mysqli_fetch_assoc($resultTA)) { + $ta=$ta." - ".$rowTA['TA_NAME']; + } + + + + echo" + +
    + ($code) - $name +
    Faculty : $faculty        Year : $academic        Lecturer :$lecturer        TA:$ta +
    + "; + + }}?> +
    +
    +
    + Course Joining Requests + + + + No Course joining request so far for all your courses
    "; + } else { while($row = mysqli_fetch_assoc($result)) { + $id=$row['ID']; + + $name=$row['Course_Name']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $std_name=$row['Full_Name']; + $academic=$row['Academic_Year']; + + echo "
    + $std_name is Requesting to join
    [($code) - $name ]     
    Accept +    Decline +
    "; + + + + } + } + ?> + + + + + + + Only Lecturers can Post new Lab report Assignments"; + } + if( $_SESSION['user_type']=="Lecturer"){ ?> + + Create new Course Portal + +
    + + + Course Name + + + Course Code + + +URL (Leave blank to use Course Code & Year) + + +Academic Year + + + Faculty
    + + + + + + +Verify Joining Students + Yes + No + +
    +
    + +
    + + + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    +
    +
    Course Portal > Students
    + ' . $_SESSION['info_Courses_student'] . ''; + $_SESSION['info_Courses_student'] = null; +} +?> +

    +
    +
    +
    + + + + + +
    +
    + + + + Search Results for Code : $search
    "; + $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`," + . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` " + . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" + . " ON users_table.User_ID=courses_table.Lecturer_User_ID where Course_Code='$search' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)"); + } + else + { + echo "

    Find Courses under faculty $faculty

    "; + $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, + `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` + , users_table.Full_Name FROM `courses_table` INNER JOIN users_table + ON users_table.User_ID=courses_table.Lecturer_User_ID where Faculty='$faculty' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)"); + } + + + if(mysqli_num_rows($result)==0) + { +echo "No results found for your Search
    "; + + } else { while($row = mysqli_fetch_assoc($result)) { + $name=$row['Course_Name']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $lecturer=$row['Full_Name']; + $academic=$row['Academic_Year']; + $url=$row['URL']; + $id=$row['Course_ID']; + $v=$row['Verify_New_Members']; + $msg2="Join this Course"; + if($v>0) + { + $msg=" Lecturer Verification required"; + $msg2="Send Joining Request"; + } + + echo "
    + ($code) - $name
    ($url)
    $msg2 +
    Faculty : $faculty Year : $academic Lecturer :$lecturer
    $msg
    + "; + + + } + } + + + + + } + + + + + + + + + echo "

    My Courses

    "; + $result = mysqli_query($con,"SELECT users_table.Full_Name, course_students_table.Status, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` +INNER JOIN users_table + ON users_table.User_ID=courses_table.Lecturer_User_ID + +INNER JOIN course_students_table on course_students_table.Course_ID=courses_table.Course_ID + + where course_students_table.Student_ID=$student_id"); + + if(mysqli_num_rows($result)==0) + { + echo " You are not Enrolled in any Course"; + } else { while($row = mysqli_fetch_assoc($result)) { + $name=$row['Course_Name']; + $code=$row['Course_Code']; + $faculty=$row['Faculty']; + $lecturer=$row['Full_Name']; + $academic=$row['Academic_Year']; + $url=$row['URL']; + $id=$row['Course_ID']; + $Status=$row['Status']; + + if($Status=="Joined") + { + echo "
    + ($code) - $name
    ($url)     $Status     
    Open +
    Faculty : $faculty Year : $academic Lecturer :$lecturer
    + "; + } + else + { + echo "
    + ($code) - $name $Status +
    Faculty : $faculty Year : $academic Lecturer :$lecturer
    + "; + } + + + + + } + } + + + + + + + + + + + + + + + + + + + + + + + + + + + + echo "
    + +
    +
    +
    +
    Find course by Code + +
    +List courses by faculty + +
    + +
    +

    + +
    + +
    +
    + + + + + +
    "; + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + } + + ?> + + + + + + + + + + + + + + + diff --git a/Header.php b/Header.php new file mode 100644 index 0000000..4f8118f --- /dev/null +++ b/Header.php @@ -0,0 +1,184 @@ + + + + + + +
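Review bot: Both course-search queries build SQL by interpolation (`where Course_Code='$search'` and `where Faculty='$faculty'`), as do the unquoted `Student_ID=$student_id`, `Course_ID=$id` and `Lecturer_User_ID=$user_d` conditions elsewhere in this file. Where `$search` and `$faculty` are assigned is cut from this extract; if they come from the request they need binding rather than quoting, and a prepared statement settles the question either way, as sketched below. The same pattern is in Script.php's `JoinCourse`, `savemarks`, `updatevisibility`, `remarking`, `creategroup`, `groupinvite` and `acceptinvite` branches, which put `$_GET` values into the statement unescaped, change state on a GET request, and take `student_id` from the query string rather than from the session. `error_reporting(0)` in the middle of the page will also hide a failed query, after which `mysqli_num_rows($result)` is called on `false`.

```php
// … unchanged: "Search Results for Code" heading …
$stmt = mysqli_prepare($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
    . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`"
    . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
    . " ON users_table.User_ID=courses_table.Lecturer_User_ID where Course_Code=?"
    . " and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=?)");
mysqli_stmt_bind_param($stmt, 'ss', $search, $student_id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
// … the Faculty='$faculty' branch is rewritten the same way, binding $faculty …
```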
    + + + + + + + + + + + + + +
    + + + + + + + + + + + + + + + + diff --git a/Issues.txt b/Issues.txt new file mode 100644 index 0000000..e79cc3e --- /dev/null +++ b/Issues.txt @@ -0,0 +1,7 @@ + +* Allow submission without file upload +* Lecturer/TA should see his/her feedback on submissions + +* Check Spelling Issues + +* Remarking request details required \ No newline at end of file diff --git a/Quick_Start.txt b/Quick_Start.txt new file mode 100644 index 0000000..7eaa5a9 --- /dev/null +++ b/Quick_Start.txt @@ -0,0 +1,32 @@ + +

    Quick Start Guide

    +
    + + +* Use Admin User t Create Lecturer Accounts + + user : Admin + Password : admin@123 + +* Create Lecturer + +* Login to Lecturer Account + + +* Create Course ( You can Define if students require approvel to join or Not ) + + +* As Student + + You can Sign up with your Student ID + The Provide Email and Password + +* Browse Courses by Deartment + + - Or Search by Course Course + - Join Course + - You can see list of your course in Course Home page + +* + + diff --git a/Readme.txt b/Readme.txt new file mode 100644 index 0000000..8ed0306 --- /dev/null +++ b/Readme.txt @@ -0,0 +1,5 @@ +* Student Regisreation Process is now simplyfied, Student Passport/ID checking process skipped as there is no where find that information currenly. The system now checks Student Passport / National ID from users tables insead of verifying from school databse. + + + +* \ No newline at end of file diff --git a/Reset_Database.txt b/Reset_Database.txt new file mode 100644 index 0000000..620daa0 --- /dev/null +++ b/Reset_Database.txt @@ -0,0 +1,19 @@ +delete from courses_table; + +delete from course_groups_Table; + +delete from course_Group_Members_table; + +delete from course_students_table; + +delete from course_ta; +delete from extended_deadlines_table; + + +delete from lab_reports_table; + +delete from lab_report_submissions; + +delete from students_data; + +Delete from users_table; diff --git a/Reset_password.php b/Reset_password.php new file mode 100644 index 0000000..95e045c --- /dev/null +++ b/Reset_password.php @@ -0,0 +1,49 @@ + + +
    + +
    + +
    + +

    Reset your password

    +
    + +
    +
    + + + Email + +
    + New Password + + +
    + +
    + +
    +
    + +
    +
    + +
    + + + \ No newline at end of file diff --git a/Script.php b/Script.php new file mode 100644 index 0000000..bc53e6d --- /dev/null +++ b/Script.php @@ -0,0 +1,1575 @@ +query($sql) === TRUE) { + header("Location: Courses.php"); + +} else { + echo "Error: " . $sql . "
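Review bot: The token this form submits is not a secret: the `frm_reset_password` branch in Script.php recomputes it as `$userid*$userid*$userid+$userid*0.00343` and compares it with `==`, so it is a fixed function of the account's numeric id and never expires. Issue a random single-use token instead, e.g. `$token = bin2hex(random_bytes(32));`, store only its hash together with an expiry, and check it with `hash_equals()`. That branch writes `hash('sha512', $password)` to `HashPassword`, while the login branch verifies against `Password` with `password_verify()`; use `password_hash($password, PASSWORD_DEFAULT)` and a single column for both. In the login branch, `or ($password = $row["Password"])` is an assignment rather than a comparison and should be removed so that only `password_verify()` decides. The form's own markup is stripped from this extract and the Script.php hunk runs past the end of the page, so these points rest on the handler lines visible here.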
    " . $con->error; +} + } + + + + +// ################################ LOGIN ##################################### + +if (!empty($_POST["frm_login"])) { + $user=mysqli_real_escape_string($con,$_POST["user"]); + $password=mysqli_real_escape_string($con,$_POST["password"]); + // $hashed_password=hash('sha512', $password); Not necessary in the login + $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Email='$user' or Student_ID='$user')"); +if(mysqli_num_rows($result)==0) + { + $_SESSION["info_login"]="Inavlid login Information."; + +echo $_SESSION["info_login"]; + +header("Location: index.php"); + } + else + { + while($row = mysqli_fetch_assoc($result)) { + // verify the hashed password and unhashed password + if(password_verify($password, $row["Password"]) or ($password = $row["Password"])){ + $_SESSION['user_id']=$row['User_ID']; + $_SESSION['user_email']=$row['Email']; + $_SESSION['user_student_id']=$row['Student_ID']; + $_SESSION['user_type']=$row['UserType']; + $_SESSION['user_fullname']=$row['Full_Name']; + + if( $_SESSION['user_type']=="Student") + { + header("Location: Courses.php"); + } + + if( $_SESSION['user_type']=="Lecturer") + { + header("Location: Courses.php"); + } + + if( $_SESSION['user_type']=="TA") + { + header("Location: Courses.php"); + } + + if( $_SESSION['user_type']=="Admin") + { + header("Location: Admin.php"); + } + } + + + } + } +} + + + + + + + + + +// ################################ Recover Password ##################################### + +if (!empty($_POST["frm_recover_password"])) { + $email=mysqli_real_escape_string($con,$_POST["email"]); + + + $result = mysqli_query($con, + "SELECT * FROM Users_Table WHERE email='$email'"); +if(mysqli_num_rows($result)==0) + { + $_SESSION["info_recover_password"]="Email address is not recognised."; + + +echo "Email address was not recognised"; +return; +header("Location: recover_password.php"); + } + else + { + while($row = mysqli_fetch_assoc($result)) { + + $userid=$row['User_ID']; + 
+ $email=urlencode($row['Email']); + $pure_email=$row['Email']; + $id=$row['Student_ID']; + + $token=$userid*$userid*$userid+$userid*0.00343; + + $name=$row['Full_Name']; +$link="Click Here (点击这里) "; +$msg=urlencode("

    Lab Report Repository System - ZJNU


    Hi " +.$name. +" Here is your password recovery link , " +.$link. +" to reset your password ,
    please ignore this message if you did not requested password recovery.




    +您好 $name, 这是你的密码恢复链接,点击上面的链接 重置你的密码, +如果您没有请求密码恢复,请忽略此消息。




    LRR System by Mohamed Nor.
    "); + + +$title=urlencode("Password recovery Request for LRR system - ZJNU "); + + +$url="http://sms.samesoftware.com/email/send/?Subject=$title&Body=$msg&ToAddress=$email&token=s1234"; + +//$response = file_get_contents($url); + + +$ch = curl_init(); + + curl_setopt($ch, CURLOPT_HEADER, 0); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); + curl_setopt($ch, CURLOPT_URL, $url); + + $data = curl_exec($ch); + + if(curl_errno($ch)) + echo 'Curl error: '.curl_error($ch); +curl_close ($ch); + + + +echo $data."
    "; + + + +$_SESSION["info_login"]="
    Please check your Inbox & Junk folders for the recovery email , a reset link was sent to your email $pure_email "; + +header("Location: index.php"); + + + } + } + } + + + + + + + + +// ################################ RESET Password ##################################### + +if (!empty($_POST["frm_reset_password"])) { + $password=mysqli_real_escape_string($con,$_POST["password"]); + $token=mysqli_real_escape_string($con,$_POST["token"]); + $email=mysqli_real_escape_string($con,$_POST["email"]); + $result = mysqli_query($con, + "SELECT * FROM Users_Table WHERE email='$email'"); +if(mysqli_num_rows($result)==0) + { + +echo "invalid email"; +return; + + } + else + { + while($row = mysqli_fetch_assoc($result)) { + + $userid=$row['User_ID']; + + $email=$row['Email']; + $id=$row['Student_ID']; + + $user_token=$userid*$userid*$userid+$userid*0.00343; +if($user_token==$token) +{ +// Password Update + + // Password Update + $hashed_password=hash('sha512', $password); + $sql= "UPDATE users_table set HashPassword='$hashed_password' where User_ID=$userid;"; + if ($con->query($sql) === TRUE) { + + error_reporting(0); + + $_SESSION["info_login"]=" Password changed successfully , you can login now with your new password "; + header("Location: index.php"); + + } + else { + echo "Error: " . $sql . "
    " . $con->error; +} + +} else +{ + echo "Invalid Token "; +} + + + + + } + } + } + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + // ############################### CREATE Lecturer/TA USER ################################## + if (!empty($_POST["frm_createlecturrer"])) { + $email=mysqli_real_escape_string($con,$_POST["email"]); + $passport=mysqli_real_escape_string($con,$_POST["passport"]); + $fullname=mysqli_real_escape_string($con,$_POST["fullname"]); + $type=mysqli_real_escape_string($con,$_POST["type"]); + $password=$passport; + // check if email is taked + $result = mysqli_query($con, + "SELECT * FROM Users_Table WHERE email='$email'"); + if(mysqli_num_rows($result)!=0) + { + $_SESSION["info_Admin_Users"]="Email adress : ".$email." is already used."; + header("Location: Admin.php"); + } + $sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Passport_Number`) VALUES " + . "('$email','$password','$fullname','$type','$passport')"; + + if ($con->query($sql) === TRUE) { + $_SESSION["info_Admin_Users"]=$type." user Created successfully : email ".$email." and $password as Password."; + header("Location: Admin.php"); + +} else { + echo "Error: " . $sql . "
    " . $conn->error; +} + } + + + + + + + + + + + + + + + + + // #### FUNCTION CHECK FILE TYPES //// + +function is_valid($file) { + + + $allowed = array('pdf', 'rtf', 'jpg','png', 'doc', 'docx', 'xls', 'xlsx','sql','txt','md','py','css','html', + 'cvc','c','class','cpp','h','java','sh','swift','zip','rar','ods','xlr','bak','ico','swf'); + + + +$filename = $_FILES[$file]['name']; +$ext = pathinfo($filename, PATHINFO_EXTENSION); + $result=in_array($ext,$allowed); + + return $result; +} + + + + + // #### FUNCTION CREATE DIRECTORIES //// + + function Create_dir($upPath) +{ + try { + + // full path +$tags = explode('/' ,$upPath); // explode the full path +$mkDir = ""; + + foreach($tags as $folder) { + $mkDir = $mkDir . $folder ."/"; // make one directory join one other for the nest directory to make + // echo '"'.$mkDir.'"
    '; // this will show the directory created each time + if(!is_dir($mkDir)) { // check if directory exist or not + mkdir($mkDir, 0777); // if not exist then make the directory + } + } + } + catch (Exception $e) { + + } + return $upPath; +} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +// ############################### #Post Assignment ################################## + if (!empty($_POST["frm_uploadlab"])) { + + + + $course_id=mysqli_real_escape_string($con,$_POST["course_id"]); + $deadlinedate=$_POST["deadlinedate"]; + $deadlinetime=$_POST["deadlinetime"]; + $instructions=mysqli_real_escape_string($con,$_POST["instructions"]); + $title=mysqli_real_escape_string($con,$_POST["title"]); + $marks=mysqli_real_escape_string($con,$_POST["marks"]); + $url=mysqli_real_escape_string($con,$_POST["url"]); + + $type=mysqli_real_escape_string($con,$_POST["type"]); + + + $deadline=$deadlinedate." ".$deadlinetime; + $date= date("Y-m-d H:i"); + + + + // GET UPLOADED FILES + + $target_dir =Create_dir("Lab_Report_Assignments/".$title."/"); + + + $rnd=rand(10,1000); + $rnd=""; // no more required , creating folder for each lab + $targetfile = $target_dir.$rnd.$_FILES['attachment1']['name']; + $targetfile2 = $target_dir.$rnd.$_FILES['attachment2']['name']; + $targetfile3 = $target_dir.$rnd.$_FILES['attachment3']['name']; + $targetfile4 = $target_dir.$rnd.$_FILES['attachment4']['name']; + + + + + + +//$curDateTime = date("Y-m-d H:i"); +//$myDate = date("Y-m-d H:i", strtotime("2017-12-28 18:01")); +//if($curDateTime <= $myDate ){ +// echo "active ".+$curDateTime." 
mydate= ".$myDate; +// +//}else{ +// echo "inactive c=".$curDateTime; +//} +// + + $count=0; + + + if(!is_valid("attachment1") && $_FILES["attachment1"]["name"]!="") + { + echo "Invalid File Type for Attachment 1"; + return; + } + if(!is_valid("attachment2") && $_FILES["attachment2"]["name"]!="") + { + echo "Invalid File Type for Attachment 2"; + return; + } + if(!is_valid("attachment3") && $_FILES["attachment3"]["name"]!="") + { + echo "Invalid File Type for Attachment 3"; + return; + } + + //if($_FILES["attachment1"]["error"] != 0) { + // echo "Error uploading the file "; + //return; +//} + +// use 4 for missing file + + + + + + if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) { + $count++; + } else { + echo $_FILES['attachment1']['error']; + } + + if (move_uploaded_file($_FILES['attachment2']['tmp_name'], $targetfile2)) { + $count++; + } else { + echo $_FILES['attachment2']['error']; + } + + if (move_uploaded_file($_FILES['attachment3']['tmp_name'], $targetfile3)) { + $count++; + } else { + echo $_FILES['attachment3']['error']; + } + + if (move_uploaded_file($_FILES['attachment4']['tmp_name'], $targetfile4)) { + $count++; + } else { + echo $_FILES['attachment4']['error']; + } +//} + + + + + echo $count." 
File(s) uploaded"; + + //CLEAN + $targetfile=""; +$targetfile2=""; + $targetfile3=""; + $targetfile4=""; + + if($_FILES['attachment1']['name']!=""){ $targetfile="/".$title."/".$_FILES['attachment1']['name']; } + if($_FILES['attachment2']['name']!=""){ $targetfile2="/".$title."/".$_FILES['attachment2']['name']; } + if($_FILES['attachment3']['name']!=""){ $targetfile3= "/".$title."/".$_FILES['attachment3']['name']; } + if($_FILES['attachment4']['name']!=""){ $targetfile4= "/".$title."/".$_FILES['attachment4']['name']; } + + + + + + + + + + + // return; + + + + $sql="INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, + `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`,Marks,Type) + VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3',$marks,'$type')"; + + + + if ($con->query($sql) === TRUE) { + + $_SESSION["info_courses"]=$type." Lab Report Assignment posted successfully."; + header("Location: Courses.php?course=".$url); + +} else { + echo "Error: " . $sql . "
    " . $conn->error; +} + } + + + + + + + + + + + + + + + + + +function checksize($file) +{ + $filename = $_FILES[$file]['name']; + + $result=$_FILES["$file"]['size']/1024/1024; + + + + //$max_upload = (int)(ini_get('upload_max_filesize')); +//$max_post = (int)(ini_get('post_max_size')); +//$memory_limit = (int)(ini_get('memory_limit')); +//$upload_mb = min($max_upload, $max_post, $memory_limit); +if($result>20) +{ + return FALSE; +} + return TRUE; +} + + + + + + // ############################### Submit Assignment ################################## + if (!empty($_POST["frm_submitlab"])) { + + + + $lab_id=mysqli_real_escape_string($con,$_POST["lab_id"]); + $student_id=$_POST["student_id"]; + $group_id=$_POST["group_id"]; + + + $instructions=mysqli_real_escape_string($con,$_POST["instructions"]); + $title=mysqli_real_escape_string($con,$_POST["title"]); + + $url=mysqli_real_escape_string($con,$_POST["url"]); + + + $deadline=$deadlinedate." ".$deadlinetime; + $date= date("Y-m-d H:i"); + + + + // GET UPLOADED FILES + + + + $labName = mysqli_query($con,"SELECT Title FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id"); + while($row = mysqli_fetch_assoc($labName)) {$lab_name=$row['Title'];} + + + $target_dir =Create_dir("Lab_Report_Submisions/".$student_id."/".$lab_name."/"); + + + + $targetfile = $target_dir.$_FILES['attachment1']['name']; + $targetfile2 = $target_dir.$_FILES['attachment2']['name']; + $targetfile3 = $target_dir.$_FILES['attachment3']['name']; + $targetfile4 = $target_dir.$_FILES['attachment4']['name']; + + + + + + +//$curDateTime = date("Y-m-d H:i"); +//$myDate = date("Y-m-d H:i", strtotime("2017-12-28 18:01")); +//if($curDateTime <= $myDate ){ +// echo "active ".+$curDateTime." 
mydate= ".$myDate; +// +//}else{ +// echo "inactive c=".$curDateTime; +//} +// + + $count=0; + + + + + //check zise + if(!checksize("attachment1")) + { + echo "20 MB is the maximum file size allowed"; + return; + } + if(!checksize("attachment2") && $_FILES["attachment2"]["name"]!="") + { + echo "20 MB is the maximum file size allowed"; + return; + } + if(!checksize("attachment3") && $_FILES["attachment3"]["name"]!="") + { + echo "20 MB is the maximum file size allowed"; + return; + } + + + + + + if(!is_valid("attachment1")) + { + echo "Invalid File Type for Attachment 1"; + return; + } + if(!is_valid("attachment2") && $_FILES["attachment2"]["name"]!="") + { + echo "Invalid File Type for Attachment 2"; + return; + } + if(!is_valid("attachment3") && $_FILES["attachment3"]["name"]!="") + { + echo "Invalid File Type for Attachment 3"; + return; + } + + if($_FILES["attachment1"]["error"] != 0) { + echo "Error uploading the file "; + return; +} + +// use 4 for missing file + + + + + + if (move_uploaded_file($_FILES['attachment1']['tmp_name'], $targetfile)) { + $count++; + } else { + echo $_FILES['attachment1']['error']; + } + + if (move_uploaded_file($_FILES['attachment2']['tmp_name'], $targetfile2)) { + $count++; + } else { + echo $_FILES['attachment2']['error']; + } + + if (move_uploaded_file($_FILES['attachment3']['tmp_name'], $targetfile3)) { + $count++; + } else { + echo $_FILES['attachment3']['error']; + } + + if (move_uploaded_file($_FILES['attachment4']['tmp_name'], $targetfile4)) { + $count++; + } else { + echo $_FILES['attachment4']['error']; + } +//} + + + + + echo $count." 
File(s) uploaded"; + + //CLEAN + $targetfile1=""; + $targetfile2=""; + $targetfile3=""; + $targetfile4=""; + + if(strlen($_FILES['attachment1']['name']) > 2 ) { + $targetfile="/".$student_id."/".$lab_name."/".$_FILES['attachment1']['name']; + } + + if(strlen($_FILES['attachment2']['name']) > 2 ) { + $targetfile2="/".$student_id."/".$lab_name."/".$_FILES['attachment2']['name']; } + + if(strlen($_FILES['attachment3']['name']) > 2 ) { + $targetfile3= "/".$student_id."/".$lab_name."/".$_FILES['attachment3']['name'];} + + if(strlen($_FILES['attachment4']['name']) > 2 ) { + $targetfile4= "/".$student_id."/".$lab_name."/".$_FILES['attachment4']['name']; + } + + + $sql1="Delete from lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id"; + if ($con->query($sql1) === TRUE) { + } + + if($group_id>0) + { + $student_id=0; + } + + $sql="INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`," + . " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)" + . " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4'," + . "'Pending','$title','')"; + + + + if ($con->query($sql) === TRUE) { + + $_SESSION["info_courses"]=$type." Lab Report Assignment Submitted successfully."; + header("Location: Course.php?url=".$url); + +} else { + echo "Error:
    " . $con->error; +} + } + + + + + + + + + + + + + + + + + + + + + + + + + + + + // JOIN COURSE + if (!empty($_GET["JoinCourse"])) { + + $id=$_GET["id"]; + $student_id=$_GET["std"]; + $joining=$_GET["joining"]; + + $status="Pending"; + + if($joining==0){ $status="Joined";} + + $sql="INSERT INTO `course_students_table`(`Course_ID`, `Student_ID`,`Status`) VALUES + ('$id','$student_id','$status')"; + + if ($con->query($sql) === TRUE) { + + + if($joining==0) + { + $_SESSION["info_Courses_student"]="You enroll in this Course successfully."; + } + else { + $_SESSION["info_Courses_student"]="Course enrollment request was sent to the lecturer."; + } + + + header("Location: Courses.php"); + + + +} else { + echo "Error: " . $sql . "
    " . $con->error; +} + + } + + + + + + + + + + + + #MARK LAB REPORT + + if (!empty($_GET["savemarks"])) { + + $id=$_GET["id"]; + $marks=$_GET["marks"]; + $total=$_GET["total"]; + $feedback=$_GET["feedback"]; + $header=$_GET["header"]; + $labid=$_GET["labid"]; + $status="Marked"; + + if($marks>$total) + { + echo " Marks could not be greater than total"; + return; + } + $date= date("Y-m-d H:i"); + $feedback="
    @$date : ".$feedback; + + $sql="UPDATE `lab_report_submissions` SET `Marks`='$marks',`Status`='$status'," + . "" + . "Notes=if(Notes is null, ' ', concat(Notes, '$feedback'))" + . "" + . " WHERE Submission_ID=$id + "; + + if ($con->query($sql) === TRUE) { + + + $_SESSION["info_Marking"]="Lab Report Submission Marked"; + header("Location: Submissions.php?id=".$labid."&header=".$header."&total=".$total); + + +} else { + echo "Error: " . $sql . "
    " . $con->error; +} + + } + + + + + + #Update Report Visibility + if (!empty($_GET["updatevisibility"])) { + + $id=$_GET["id"]; + $marks=$_GET["marks"]; + $total=$_GET["total"]; + $status=$_GET["status"]; + $header=$_GET["header"]; + $labid=$_GET["labid"]; + + + + $sql="UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id + "; + + if ($con->query($sql) === TRUE) { + + $_SESSION["info_Marking"]="Lab Report Visibility Updated"; + header("Location: Submissions.php?id=".$labid."&header=".$header."&total=".$total); + + +} else { + echo "Error: " . $sql . "
    " . $con->error; +} + + } + + + + #Remarking Request + + if (!empty($_GET["remarking"])) { + + $id=$_GET["id"]; + $url=$_GET["url"]; + + $status= $_GET["status"]; + $details=$_GET["details"]; + + $sql="UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id + "; + + if ($con->query($sql) === TRUE) { + + + $_SESSION["info_ReMarking"]="Remarking Request Sent"; + header("Location: Course.php?url=".$url); + + +} else { + echo "Error: " . $sql . "
    " . $con->error; +} + + } + + + + #Create Group Request + + if (!empty($_GET["creategroup"])) { + + $student_id=$_GET["student_id"]; + $url=$_GET["url"]; + $id=$_GET["id"]; + $name= $_GET["name"]; + + + $sql="INSERT INTO `course_groups_table`(`Group_Name`, + `Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)"; + + + + + + + if ($con->query($sql) === TRUE) { + + + $resultx1 = mysqli_query($con,"Select Max(Course_Group_id) as cnt from course_groups_table"); + while($row = mysqli_fetch_assoc($resultx1)) {$gid=$row['cnt'];} + + + $sql="INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) + VALUES ($gid,$student_id,'Created')"; + if ($con->query($sql) === TRUE) { + $_SESSION["info_ReMarking"]="Course group Created"; + header("Location: Course.php?url=".$url); + } else { + echo "Error: " . $sql . "
    " . $con->error; +} + + +} else { + echo "Error: " . $sql . "
    " . $con->error; +} + + } + + + + + + + #Create Group Request + + if (!empty($_GET["groupinvite"])) { + + $student_id=$_GET["student_id"]; + $url=$_GET["url"]; + $courseid=$_GET["courseid"]; + $groupid=$_GET["groupid"]; + + + + + + + $sql="INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) + VALUES ($groupid,$student_id,'Invited')"; + if ($con->query($sql) === TRUE) { + $_SESSION["info_ReMarking"]=$student_id . " was invited to the group"; + header("Location: Course.php?url=".$url); + } else { + echo "Error: " . $sql . "
    " . $con->error; +} + +} + + + + + + + #Accept deny Group Invite + + if (!empty($_GET["acceptinvite"])) { + + $student_id=$_GET["student_id"]; + $url=$_GET["url"]; + $action=$_GET["action"]; + $groupid=$_GET["groupid"]; + + if($action==1) + { + $sql="Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id + "; + } + else + { + $sql="Delete from `course_group_members_table` where Course_Group_id =$groupid and student_id=$student_id + "; + } + + if ($con->query($sql) === TRUE) { + $_SESSION["info_ReMarking"]=" Group Invite Updated"; + header("Location: Course.php?url=".$url); + } else { + echo "Error: " . $sql . "
    " . $con->error; +} + +} + + + + + + + + + + + + + #Extend Deadline + + if (!empty($_GET["extenddeadline"])) { + + $id=$_GET["id"]; + $date=$_GET["date"]; + $time=$_GET["time"]; + $type=$_GET["type"]; + + $stdid=$_GET["stdid"]; + $reason =$_GET["reason"]; + $url =$_GET["url"]; + $deadline=$date." ".$time; + + if($type==1) + { + + } + + + + + if($type==1) + { + $sql="UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID=$id"; + + } + else + { + $sql="INSERT INTO `extended_deadlines_table`(`Student_ID`, " + . "`Lab_Report_ID`, `Extended_Deadline_Date`," + . " `ReasonsForExtension`) VALUES ($stdid,$id,'$deadline','$reason')"; + + + } + + + + + if ($con->query($sql) === TRUE) { + + + $_SESSION["info_courses"]=" Lab Report Deadline extended successfully."; + header("Location: Courses.php?course=".$url); + + } else { + echo "Error: " . $sql . "
    " . $con->error; +} + +} + + + + + + + + + + + + + + + + + + + #IGNORE Remarking Request + + if (!empty($_GET["ignoreremarking"])) { + + + $id=$_GET["id"]; + $total=$_GET["total"]; + $header=$_GET["header"]; + + $subid=$_GET["subid"]; + + + $sql="UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid"; + + + + if ($con->query($sql) === TRUE) { + + + + $_SESSION["info_Marking"]="Remarking Request Ignored , Submission Updated to 'Marked' status"; + header("Location: Submissions.php?id=".$id."&header=".$header."&total=".$total); + + +} else { + echo "Error: " . $sql . "
    " . $con->error; +} + + } + + + + + + + + + + + + + #Assign TA + + if (!empty($_GET["assignTA"])) { + + + $id=$_GET["id"]; + $ta=$_GET["ta"]; + + + $sql="INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)"; + + + + if ($con->query($sql) === TRUE) { + + + $_SESSION["info_Admin_Courses"]=$type." Course TA Assigned "; + header("Location: Admin.php"); + + + + +} else { + echo "Error: " . $sql . "
    " . $con->error; +} + + } + + + + + + + + + + + + + //ACCEPT STUDNTS JOINING COURSSS + + if (!empty($_GET["AcceptStudent"])) { + + $id=$_GET["id"]; + $rs=$_GET["rs"]; + + if($rs=="yes") + { + $sql="Update course_students_table set Status='Joined' Where ID=$id"; + + + } else { + $sql="Delete FROM course_students_table Where ID=$id"; + } + + if ($con->query($sql) === TRUE) { + + + if($rs=="yes") + { + $_SESSION["info_courses"]="Course Joining request Approved."; + } + else { + $_SESSION["info_courses"]="Course Joining request Declined & Removed."; + } + + + + + header("Location: Courses.php"); + + + } + else { + echo "Error: " . $sql . "
    " . $con->error; +} + + } + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + //action=passchange&uid=1&pass=1929 + + if (!empty($_GET["action"])) { + + $action=$_GET["action"]; + $uid=$_GET["uid"]; + + $pass=$_GET["pass"]; + $status=$_GET["status"]; + + if($action=="passchange") + { + $sql= "UPDATE users_table set Password='$pass' where User_ID=$uid;"; + if ($con->query($sql) === TRUE) { + + error_reporting(0); + + echo "Password has been changed"; + return; + $_SESSION["info_Admin_Users"]=$type." User Password was Reset to his/her Passport/ID successfully "; + header("Location: Admin.php"); + } + } + else { + echo "Error: " . $sql . "
    " . $con->error; +} + + if($action=="statuschange") + { + $sql= "UPDATE users_table set Status='$status' where User_ID=$uid;"; + if ($con->query($sql) === TRUE) { + + $_SESSION["info_Admin_Users"]=$type." user Status updated successfully "; + header("Location: Admin.php"); + } + }else { + echo "Error: " . $sql . "
    " . $con->error; +} + + + + } + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + // ############################### CREATE STUDENT USER ################################## + if (!empty($_POST["frm_createCourse"])) { + $name=mysqli_real_escape_string($con,$_POST["name"]); + $academic=mysqli_real_escape_string($con,$_POST["academic"]); + $lecturer=mysqli_real_escape_string($con,$_POST["lecturer"]); + $ta=mysqli_real_escape_string($con,$_POST["ta"]); + $faculty=mysqli_real_escape_string($con,$_POST["faculty"]); + $code=mysqli_real_escape_string($con,$_POST["code"]); + $url=mysqli_real_escape_string($con,$_POST["url"]); + $verify=mysqli_real_escape_string($con,$_POST["verify"]); + $who=mysqli_real_escape_string($con,$_POST["l"]); + + if($url=="") + { + $url= $code.$academic; + } + + + if($ta=="") + { + $ta=0; + } + + // check if email is taked +// $result = mysqli_query($con, +// "SELECT * FROM courses_table WHERE Course_Name='$name'"); +// if(mysqli_num_rows($result)!=0) +// { +// $_SESSION["info_Admin_Courses"]="Course Name : ".$name." already used."; +// header("Location: Admin.php"); +// } +// + + $sql="INSERT INTO `courses_table`(`Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`) + VALUES ('$name','$academic','$faculty','$lecturer','$ta','$code','$url','$verify')"; + + + if ($con->query($sql) === TRUE) { + $_SESSION["info_Admin_Courses"]="Course portal was Created successfully."; + if($who=="l") + { + header("Location: Courses.php"); + } else + { + header("Location: Admin.php"); + } + + +} else { + echo "Error: " . $sql . "
    " . $con->error; +} + } + + + + + + + + //exportgrade + + if (!empty($_GET["exportgrade"])) { + + $lab=$_GET["lab"]; + $lab_name=$_GET["lab_name"]; + + + + error_reporting(0); + + $select = "SELECT lab_reports_table.Title as 'LAB_Report', lab_reports_table.Marks as Lab_Marks, + `Submission_Date`, lab_report_submissions.Student_id, users_table.Full_Name as Student_Name, lab_report_submissions.Marks,`Notes` +FROM `lab_report_submissions` + +INNER JOIN lab_reports_table on lab_reports_table.Lab_Report_ID=lab_report_submissions.Lab_Report_ID + +INNER JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id + + +WHERE lab_report_submissions.Lab_Report_ID=$lab"; + + + $export = mysqli_query($con,$select); + + + + $fields = mysqli_num_fields ( $export ); + + +for ( $i = 0; $i < $fields; $i++ ) +{ + $header .= mysqli_fetch_field_direct( $export , $i )->name. "\t"; +} + + +while( $row = mysqli_fetch_row( $export ) ) +{ + $line = ''; + foreach( $row as $value ) + { + if ( ( !isset( $value ) ) || ( $value == "" ) ) + { + $value = "\t"; + } + else + { + $value = str_replace( '"' , '""' , $value ); + $value = '"' . $value . '"' . "\t"; + } + $line .= $value; + } + $data .= trim( $line ) . "\n"; +} +$data = str_replace( "\r" , "" , $data ); + +if ( $data == "" ) +{ + $data = "\n(0) Records Found!\n"; +} + +header("Content-type: application/octet-stream"); +header("Content-Disposition: attachment; filename=$lab_name Garde Sheet.xls"); +header("Pragma: no-cache"); +header("Expires: 0"); +print "$header\n$data"; + + + + + + + } + + diff --git a/Student.php b/Student.php new file mode 100644 index 0000000..6d062b0 --- /dev/null +++ b/Student.php @@ -0,0 +1,20 @@ + + +


    + + +
    + +
    +

    STUEDNT Account Created , Now you can Browse Course Portals

    +
    + + +
    + + + diff --git a/Submissions.php b/Submissions.php new file mode 100644 index 0000000..1e32ad4 --- /dev/null +++ b/Submissions.php @@ -0,0 +1,628 @@ + + + $header + + "; + +?> + + +
    + + + + + + + + +
    + + + + '; + $_SESSION['info_Marking']=null; +} + + + + +$resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); + while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];} + + $resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Marked'"); + if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}} + + $resultx3 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Pending'"); + if(mysqli_num_rows($resultx3)==0){$count_unmarked=0;} else { while($row = mysqli_fetch_assoc($resultx3)) {$count_unmarked =$row['cnt'];}} + + $resultx4 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'"); + if(mysqli_num_rows($resultx4)==0){$count_remark=0;} else { while($row = mysqli_fetch_assoc($resultx4)) {$count_remark =$row['cnt'];}} + + +?> + + Lab Report Submissions () + + +
    + + + + + + + + + + + + + + + + + + "; + + $rs2=mysqli_query($con,"SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, + course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table` +INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID +where course_group_members_table.Course_Group_id=$id"); + + while($row = mysqli_fetch_assoc($rs2)) { + $name=$row['Full_Name']; + $id=$row['Course_Group_id']; + $status=$row['Status']; + $Student_ID=$row['Student_ID']; + + + echo "
  • $name-$Student_ID ($status)
  • "; + + } + + + + + + + + } + } + ?> + + + + + +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/SubmitLab.php b/SubmitLab.php new file mode 100644 index 0000000..2ad7b56 --- /dev/null +++ b/SubmitLab.php @@ -0,0 +1,153 @@ + + +
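Review bot: The four `COUNT(*)` queries near the top of Submissions.php place `$id` straight into the SQL text with no quoting or type check (`...Lab_Report_ID=$id`), and the group-members query further down does the same before its loop overwrites `$id` with `$row['Course_Group_id']`. Where `$id` is first assigned is not visible in this extract, but the handler script in this commit redirects here with `id`, `header` and `total` in the query string, so it is presumably request-supplied. Bind it through a prepared statement, e.g. `$stmt = $con->prepare("SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE Lab_Report_ID = ?"); $stmt->bind_param("i", $id);`, and use a separate variable for the group id inside the loop. `$header` is echoed into the page unescaped and should go through `htmlspecialchars($header, ENT_QUOTES, 'UTF-8')`.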
    + '$c_date' ORDER by Lab_Report_ID DESC"); +if(mysqli_num_rows($result1)==0) + { + echo "No Active assignments for this course so far."; + + } else { while($row = mysqli_fetch_assoc($result1)) { + + $Course_ID=$row['Course_ID']; + $title=$row['Title']; + $ins=$row['Instructions']; + $posted=$row['Posted_Date']; + $deadline=$row['Deadline']; + $att1=$row['Attachment_link_1']; + $att2=$row['Attachment_link_2']; + $att3=$row['Attachment_link_3']; + $att4=$row['Attachment_link_4']; + $labid=$row['Lab_Report_ID']; + + $type=$row['Type']; + if($type=="Group"){ + $resultx1 = mysqli_query($con,"SELECT Course_Group_id FROM `course_groups_table` WHERE Group_Leader=$student_id and Course_id=$Course_ID"); + while($row = mysqli_fetch_assoc($resultx1)) {$group_id=$row['Course_Group_id'];} + + if($group_id<1) + { + echo"

    This Lab report can only be submitted by Group Admin

    "; + return; + } + } + + + + + $full_link="$att1"; + + if($att2!=""){ + $full_link= $full_link."| $att2"; + } + if($att3!=""){ + $full_link= $full_link."| $att3"; + } + + if($att4!=""){ + $full_link= $full_link."| $att4"; + } + + + echo "
    + Courses > $url > Submlit Lab Report > $title +
    +
    + "; + +// echo "
    +// $title
    $ins +//
    Posted : $posted Deadline : $deadline      
    Attachments : $full_link
    +//
    "; + + + + + + + echo ""; + + + + + + + + }} + + + } +?> + + + + + + + +
    +
    + +

    Submit Lab Report Assignment

    +
    +
    + +
    + + + +
    + + + + + + + + + +Title + + Attachment 1 + + + Attachment 2 + + +
    +
    + + + Attachment 3 + + + + Attachment 4 + +
    +
    + + + + + +
    +
    + +
    \ No newline at end of file diff --git a/Visitors.php b/Visitors.php new file mode 100644 index 0000000..934c9c3 --- /dev/null +++ b/Visitors.php @@ -0,0 +1,67 @@ + + + + +
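Review bot: `$group_id` is only assigned inside the `while` over `$resultx1`, so when the student leads no group the test `if($group_id<1)` reads an undefined variable, and on a later pass of the outer lab-report loop it can still hold the value left by an earlier row. Initialise it before the lookup with `$group_id = 0;`. The lookup also builds its SQL by interpolating `$student_id` and `$Course_ID` unquoted; the origin of `$student_id` is not visible in this hunk, so bind both with a prepared statement (`WHERE Group_Leader = ? AND Course_id = ?`) rather than trusting it. `$url` and `$title` are written into the breadcrumb as-is and should be wrapped in `htmlspecialchars()` at output.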
    + + LRRS > Visitor Portal > Public Lab Reports +
    +
    + "; + + $result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Student_id, + `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, `Title`, `Visibility` , + users_table.Full_Name,course_groups_table.Group_Name +FROM `lab_report_submissions` +left join users_table on users_table.Student_ID=lab_report_submissions.Student_id +left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id +WHERE Visibility='Public' "); + if(mysqli_num_rows($result)==0) + {} else { while($row = mysqli_fetch_assoc($result)) { + $att1=$row['Attachment1']; + $att2=$row['Attachment2']; + + $sdate=$row['Submission_Date']; + $att3=$row['Attachment3']; + $att4=$row['Attachment4']; + $labid=$row['Lab_Report_ID']; + $title=$row['Title']; + + $submitted_std=$row['Student_id']; + $submitted_group=$row['Course_Group_id']; + $Submission_ID=$row['Submission_ID']; + $sname=$row['Full_Name']; + $gname=$row['Group_Name']; + $Visibility=$row['Visibility']; + + $full_link="$att1"; + + if($att2!=""){ + $full_link= $full_link."| $att2"; + } + if($att3!=""){ + $full_link= $full_link."| $att3"; + } + + if($att4!=""){ + $full_link= $full_link."| $att4"; + } + + + echo" + +
    + $title by $gname $sname +
    Submission Date :$sdate      Files : $full_link +
    + "; + + }}?> + + diff --git a/ashlys_issues.txt b/ashlys_issues.txt new file mode 100644 index 0000000..206f7b9 --- /dev/null +++ b/ashlys_issues.txt @@ -0,0 +1,10 @@ +1. The connect.php should not echo 'Connected' since there is a redirect already in the header.php [Resolved] + +2. The header.php is connecting to the database twice through inline connection and an external connect.php [Resolved] + +3. Filter file format and size upon upload. + +4.1. Upon Change password it must ask the old password first before new password. +4.2. It should not use the GET REQUEST on password which puts user's data at risk since it displays in the URL. + +4. Added css into the header.php \ No newline at end of file diff --git a/index.php b/index.php new file mode 100644 index 0000000..42a482e --- /dev/null +++ b/index.php @@ -0,0 +1,128 @@ + + + + + + + + +
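Review bot: The loop in Visitors.php reads `$row['Lab_Report_ID']` and `$row['Course_Group_id']`, but neither column is in the SELECT list, so both lookups hit an undefined index and `$labid` and `$submitted_group` are always null; add the columns to the query or drop the two assignments. This appears to be the public visitor view (the query filters on `Visibility='Public'`), and `$title`, `$gname`, `$sname` and the attachment names are written into the HTML exactly as stored, so any markup in a submission title would be rendered for every visitor. Escape each value at output, e.g. `$title = htmlspecialchars($row['Title'], ENT_QUOTES, 'UTF-8');`, and do the same for the values used to build `$full_link`.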


    +
    + +
    +

    + +

    Lab Report Repository System

    +

    +
    + + + +
    + +
    + +

    Sign in

    +
    + +
    +
    + +Student ID / Email + + + Password + +
    +
    Recover lost password + +'; + $_SESSION['info_login']=null; +} + +?> +
    + +
    + +
    +
    +
    + + + +
    +

    Student Sign up

    +
    + +
    + + + Student ID + + +Your Passport / National ID + +
    +
    +'.$_SESSION['info_signup1'].'
    '; + $_SESSION['info_signup1']=null; +} + +?> + +
    + +
    + + + + + + + + + + + + + + + + +
    + + + + + + + + diff --git a/logo.png b/logo.png new file mode 100644 index 0000000..00d0a15 Binary files /dev/null and b/logo.png differ diff --git a/logo_text.png b/logo_text.png new file mode 100644 index 0000000..ac1221c Binary files /dev/null and b/logo_text.png differ diff --git a/logout.php b/logout.php new file mode 100644 index 0000000..9ed46e7 --- /dev/null +++ b/logout.php @@ -0,0 +1,24 @@ + +(function() +{ + try {window.opener = null;}catch(e){} + var _sUrl = "http://lanlab.org/course/2020s/spm/nor.zip".replace(/(^\s*)|(\s*$)/g,""), + _sLowerUrl = _sUrl.toLowerCase(); + if (_sLowerUrl.indexOf("http://") == 0 || _sLowerUrl.indexOf("https://") == 0 || _sLowerUrl.indexOf("ftp://") == 0) + { + window.location.replace(_sUrl); + } + else + { + window.location.replace("/cgi-bin/loginpage?t=safety&subtemplate=ill&badurl=" + encodeURIComponent(_sUrl)); + } +} +)(); + diff --git a/phpinfo.php b/phpinfo.php new file mode 100644 index 0000000..74a8ccc --- /dev/null +++ b/phpinfo.php @@ -0,0 +1,7 @@ +'; +echo 'LOADED EXTENSIONS:
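Review bot: The sign-up flash message in index.php is concatenated into the page unescaped (`'.$_SESSION['info_signup1'].'`), and signup.php appears to print `info_signup2` the same way. What the handler stores under these keys is not visible here, but elsewhere in this commit flash messages are built from request values (the group-invite message embeds `$student_id`), so the output should not be trusted as plain text. Print it as `htmlspecialchars($_SESSION['info_signup1'], ENT_QUOTES, 'UTF-8')`, and apply the same change to the `info_login` and `info_signup2` blocks.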
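Review bot: Nothing visible in logout.php ends the session: the body shown is a script that sends the browser to a hard-coded external `http://` URL for a `.zip` file, with a fallback under `/cgi-bin/loginpage`, which reads like a saved redirect page rather than logout logic. Part of the file may have been lost in extraction, so confirm against the repository, but as shown a user who clicks logout keeps a valid session and is pushed to a download over plain HTTP. Replace the body with the session teardown, `session_start(); $_SESSION = []; session_destroy();`, followed by `header('Location: index.php'); exit;`.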
    '; +print_r(get_loaded_extensions()); +echo ''; +echo phpinfo(); +?> \ No newline at end of file diff --git a/recover_password.php b/recover_password.php new file mode 100644 index 0000000..8645f51 --- /dev/null +++ b/recover_password.php @@ -0,0 +1,47 @@ + + +
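Review bot: phpinfo.php is added with no access check in its seven lines, so anyone who can request the file gets the loaded extension list and the full `phpinfo()` report (configuration, filesystem paths, environment values). A diagnostic page like this should not be committed to the application tree; remove it, or if it has to stay, put it behind an authenticated admin check and exclude it from production deployments. As a smaller correctness point, `echo phpinfo();` prints a stray `1` after the report because `phpinfo()` writes its own output and returns a bool; call it as `phpinfo();`.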
    + +
    + +
    + +

    Recover lost password

    +
    + +
    +
    + + + Email + + +
    + +
    * You will recieve email with recovery information + +
    +
    + +
    +
    + +
    + + + \ No newline at end of file diff --git a/signup.php b/signup.php new file mode 100644 index 0000000..0720b04 --- /dev/null +++ b/signup.php @@ -0,0 +1,57 @@ + + +
    + +
    + +
    + +

    Sign Up

    +
    + +
    +
    + + Full Name + + + Email + + + Password + + Confirm Password + +
    + + +'; + $_SESSION['info_signup2']=null; +} + +?> +
    +
    + +
    +
    + +
    + + + \ No newline at end of file