Several fixes (sign up/sign in, recover password, etc).

SIMPLICITY_link
Hui Lan 2020-09-26 20:08:39 +08:00
parent f8995eec6f
commit df3b48553a
17 changed files with 914 additions and 771 deletions

695
Admin.php

@ -1,335 +1,362 @@
<?php <?php
$page="admin"; $page="admin";
include 'Header.php'; include 'Header.php';
?>
?>
<?php
<style> if ($_SESSION['user_type'] != "Lecturer") {
.col-md-4{ $_SESSION["info_login"]="You must log in first.";
border-right: 1px solid skyblue; echo $_SESSION["info_login"];
} header("Location: index.php");
</style> }
?>
<br>
<div style="width: 80%;margin: auto;"> <h2> Administration Panel </h2> </div> <style>
.col-md-4{
<hr> border-right: 1px solid skyblue;
<div class="row" style="width: 80%;margin: auto;"> }
</style>
<br>
<!--<h4>General system Settings</h4><hr> <div style="width: 80%;margin: auto;"> <h2> Administration Panel </h2> </div>
<a href="" class="btn btn-lg btn-primary">View System Log </a>
<hr> <hr>
Lab Privacy Mode: (STUDENT VERIFICATION) <div class="row" style="width: 80%;margin: auto;">
<hr>
-->
<div class="col-md-6">
<h4> User account Management </h4><hr> <!--<h4>General system Settings</h4><hr>
<a href="" class="btn btn-lg btn-primary">View System Log </a>
<b>Lecturer / TA Accounts </b><br> <hr>
Lab Privacy Mode: (STUDENT VERIFICATION)
<hr>
-->
<div class="col-md-6">
<h4> User account Management </h4><hr>
<div class="container"> <b>Lecturer / TA Accounts </b><br>
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
<li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#home">Create New Account</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu1">Existing Accounts</a> <div class="container">
</li>
</ul>
<!-- Nav tabs -->
<!-- Tab panes --> <ul class="nav nav-tabs" role="tablist">
<div class="tab-content">
<div id="home" class="container tab-pane active"><br> <li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#home">Create New Account</a>
<b>Create Lecturer/TA Accounts </b> </li>
<form method="post" action="Script.php">
<input type="hidden" name="frm_createlecturrer" value="true" required=""/> <li class="nav-item">
Full_Name <a class="nav-link" data-toggle="tab" href="#menu2">Batch Create New Student Accounts</a>
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required=""> </li>
Email
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" required=""> <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu1">Existing Accounts</a>
Passport_Number / ID (Used as Intial Password) </li>
<input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
<br> User Type : </ul>
<input type="radio" name="type" value="Lecturer" required=""> Lecturer
<input type="radio" name="type" value="TA" required=""> T/A <!-- Tab panes -->
<input type="submit" class="btn btn-primary" value="Create"><br> <div class="tab-content">
<?php
<div id="home" class="container tab-pane active"><br>
error_reporting(E_ALL);
if(isset($_SESSION['info_Admin_Users'])) { <b>Create Lecturer/TA Accounts </b>
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Users'].'</div>'; <form method="post" action="Script.php">
$_SESSION['info_Admin_Users']=null; <input type="hidden" name="frm_createlecturrer" value="true" required=""/>
} Full_Name
if(isset($_SESSION['info_Admin_Users'])) { <input type="text" name="fullname" placeholder="Full Name" class="form-control" required="">
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Users'].'</div>'; Email
$_SESSION['info_Admin_Users']=null; <input type="text" name="email" placeholder="Email / Student Number" class="form-control" required="">
}
Passport_Number / ID (Used as Intial Password)
?> <input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
<br> User Type :
</form> <input type="radio" name="type" value="Lecturer" required=""> Lecturer
<input type="radio" name="type" value="TA" required=""> T/A
<hr> <input type="submit" class="btn btn-primary" value="Create"><br>
<?php
error_reporting(E_ALL);
</div> if(isset($_SESSION['info_Admin_Users'])) {
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Users'].'</div>';
$_SESSION['info_Admin_Users']=null;
<div id="menu1" class="container tab-pane fade"><br> }
if(isset($_SESSION['info_Admin_Users'])) {
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Users'].'</div>';
$_SESSION['info_Admin_Users']=null;
<table class="table-bordered" style="font-size: 10pt;"> }
<tr style="font-size:10pt;">
<th>ID</th> ?>
<th>Name</th>
<th>Email</th> </form>
<th>Passport / ID </th>
<th>Reset Password </th> <hr>
<th>Block/Activate </th>
</tr>
<?php
</div>
$result = mysqli_query($con,
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer','TA')");
while($row = mysqli_fetch_assoc($result)) { <div id="menu1" class="container tab-pane fade"><br>
$pass=$row['Passport_Number'];
$btn="<button class='btn-primary' onclick=\"updatePass(".$row['User_ID'].",'$pass')\">Reset</button>"; <table class="table-bordered" style="font-size: 10pt;">
if($row['Status']=="Active") <tr style="font-size:10pt;">
{ $newstatus="Blocked"; <th>ID</th>
$btnBlock="<button class='btn-danger' onclick=\"blockUser(".$row['User_ID'].",'$newstatus')\">Block</button>"; <th>Name</th>
}else{ <th>Email</th>
$newstatus="Active"; <th>Passport / ID </th>
$btnBlock="<button class='btn-success' onclick=\"blockUser(".$row['User_ID'].",'$newstatus')\">Activate</button>"; <th>Reset Password </th>
} <th>Block/Activate </th>
</tr>
echo "<tr><td>".$row['User_ID']."</td><td>".$row['Full_Name']."</td><td>".$row['Email']."</td> <td>".$row['Passport_Number']."</td><td>$btn</td><td>$btnBlock</td></tr>"; <?php
}
?></table> $result = mysqli_query($con,
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer','TA')");
while($row = mysqli_fetch_assoc($result)) {
</div> $pass=$row['Passport_Number'];
$btn="<button class='btn-primary' onclick=\"updatePass(".$row['User_ID'].",'$pass')\">Reset</button>";
if($row['Status']=="Active")
{ $newstatus="Blocked";
</div> $btnBlock="<button class='btn-danger' onclick=\"blockUser(".$row['User_ID'].",'$newstatus')\">Block</button>";
</div> }else{
$newstatus="Active";
$btnBlock="<button class='btn-success' onclick=\"blockUser(".$row['User_ID'].",'$newstatus')\">Activate</button>";
</div> }
<div class="col-md-6"> echo "<tr><td>".$row['User_ID']."</td><td>".$row['Full_Name']."</td><td>".$row['Email']."</td> <td>".$row['Passport_Number']."</td><td>$btn</td><td>$btnBlock</td></tr>";
}
?></table>
<div class="container">
<!-- Nav tabs --> </div>
<ul class="nav nav-tabs" role="tablist">
<li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#menua"> Course Portal </a> <!-- code contributed by Xu Xiaopeng (https://github.com/xxp1999) -->
</li>
<li class="nav-item"> <div id="menu2" class="container tab-pane fade" style="margin-top:10px" >
<a class="nav-link" data-toggle="tab" href="#menub">Existing Courses</a> <b>Please separate student numbers with spaces.</b><br>
</li> <form action="batch_insert.php" method="post">
<p>
</ul> <textarea cols="80" rows="16" name="users" required=""></textarea>
</p>
<!-- Tab panes --> <input type="submit" class="btn btn-primary" value="Create All"><br>
<div class="tab-content"> </form>
<div id="menua" class="container tab-pane active"><br> </div>
</div>
</div>
<hr>
<b>Create new Portal </b> </div>
<div class="col-md-6">
<form method="post" action="Script.php">
<input type="hidden" name="frm_createCourse" value="true" required=""/>
Course Name <div class="container">
<input type="text" name="name" placeholder="Course Name" class="form-control" required=""> <!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
Course Code <li class="nav-item">
<input type="text" name="code" placeholder="Course Code" class="form-control" required=""> <a class="nav-link active" data-toggle="tab" href="#menua"> Course Portal </a>
</li>
URL (Leave blank to use Course Name) <li class="nav-item">
<input type="text" name="url" placeholder="Choose Custom URL " class="form-control" required=""> <a class="nav-link" data-toggle="tab" href="#menub">Existing Courses</a>
</li>
Academic Year
<input type="text" name="academic" placeholder="Academic Year" class="form-control" required=""> </ul>
Faculty <br> <!-- Tab panes -->
<input type="text" name="faculty" placeholder="Faculty" class="form-control" required=""> <div class="tab-content">
<div id="menua" class="container tab-pane active"><br>
Assign Lecturer
<br>
<select name="lecturer" class="form-control">
<?php
$result = mysqli_query($con,"SELECT * FROM Users_Table WHERE UserType='Lecturer'"); <hr>
if(mysqli_num_rows($result)==0) <b>Create new Portal </b>
{} else { while($row = mysqli_fetch_assoc($result)) {
$id=$row['User_ID'];
$name=$row['Full_Name'];
echo "<option value='$id'> $name </option>"; <form method="post" action="Script.php">
}}?> <input type="hidden" name="frm_createCourse" value="true" required=""/>
Course Name
</select> <input type="text" name="name" placeholder="Course Name" class="form-control" required="">
Course Code
<input type="text" name="code" placeholder="Course Code" class="form-control" required="">
URL (Leave blank to use Course Name)
<input type="text" name="url" placeholder="Choose Custom URL " class="form-control" required="">
Academic Year
<input type="text" name="academic" placeholder="Academic Year" class="form-control" required="">
Assigned T/A <br> Faculty <br>
<select name="ta" class="form-control"> <input type="text" name="faculty" placeholder="Faculty" class="form-control" required="">
<?php
$result = mysqli_query($con,"SELECT * FROM Users_Table WHERE UserType='TA'"); Assign Lecturer
if(mysqli_num_rows($result)==0) <br>
{} else { while($row = mysqli_fetch_assoc($result)) {
$id=$row['User_ID']; <select name="lecturer" class="form-control">
$name=$row['Full_Name']; <?php
echo "<option value='$id'> $name </option>"; $result = mysqli_query($con,"SELECT * FROM Users_Table WHERE UserType='Lecturer'");
}}?> if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
</select> $id=$row['User_ID'];
$name=$row['Full_Name'];
Verify Joining Students echo "<option value='$id'> $name </option>";
<input type="radio" name="verify" value="1"> Yes }}?>
<input type="radio" name="verify" value="0" checked=""> No
</select>
<br>
<input type="submit" class="btn btn-primary" value="Create Portal"><br>
</form>
<?php
error_reporting(E_ALL);
if(isset($_SESSION['info_Admin_Courses'])) { Assigned T/A <br>
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Courses'].'</div>'; <select name="ta" class="form-control">
$_SESSION['info_Admin_Courses']=null; <?php
} $result = mysqli_query($con,"SELECT * FROM Users_Table WHERE UserType='TA'");
if(isset($_SESSION['info_Admin_Courses'])) { if(mysqli_num_rows($result)==0)
echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Courses'].'</div>'; {} else { while($row = mysqli_fetch_assoc($result)) {
$_SESSION['info_Admin_Courses']=null; $id=$row['User_ID'];
} $name=$row['Full_Name'];
echo "<option value='$id'> $name </option>";
?> }}?>
</select>
Verify Joining Students
<input type="radio" name="verify" value="1"> Yes
</div> <input type="radio" name="verify" value="0" checked=""> No
<br>
<div id="menub" class="container tab-pane fade"><br> <input type="submit" class="btn btn-primary" value="Create Portal"><br>
</form>
<b> Existing Course Portals </b>
<hr>
<table class="table-bordered" style="font-size: 10pt;"> <?php
<tr> <th>Course Name </th> <th> Faculty </th> <th>Lecturer </th> <th>TAs</th> <th>Assign new TA </th> </tr>
<?php error_reporting(E_ALL);
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID"); if(isset($_SESSION['info_Admin_Courses'])) {
if(mysqli_num_rows($result)==0) echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Courses'].'</div>';
{} else { while($row = mysqli_fetch_assoc($result)) { $_SESSION['info_Admin_Courses']=null;
$name=$row['Course_Name']; }
$code=$row['Course_Code']; if(isset($_SESSION['info_Admin_Courses'])) {
$faculty=$row['Faculty']; echo '<hr><div class="alert alert-info" role="alert">'.$_SESSION['info_Admin_Courses'].'</div>';
$lecturer=$row['Full_Name']; $_SESSION['info_Admin_Courses']=null;
$academic=$row['Academic_Year']; }
$c_id=$row['Course_ID'];
?>
$resultTA = mysqli_query($con,"SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta`
INNER JOIN users_table on users_table.User_ID=course_ta.TA
where course_ta.Course_ID=$c_id");
</div>
$ta="";
while($rowTA = mysqli_fetch_assoc($resultTA)) {
$ta=$ta." - ".$rowTA['TA_NAME']; <div id="menub" class="container tab-pane fade"><br>
}
<b> Existing Course Portals </b>
<hr>
<table class="table-bordered" style="font-size: 10pt;">
echo" <tr> <th>Course Name </th> <th> Faculty </th> <th>Lecturer </th> <th>TAs</th> <th>Assign new TA </th> </tr>
<tr> <td>$code - $name</td> <td>$faculty </td> <td>$lecturer</td><td>$ta</td> <td><form method='get' action='Script.php'> <select name='ta' class=''>"; <?php
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID");
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
$resultx = mysqli_query($con,"SELECT * FROM Users_Table WHERE UserType='TA'"); $name=$row['Course_Name'];
if(mysqli_num_rows($resultx)==0) $code=$row['Course_Code'];
{} else { while($row = mysqli_fetch_assoc($resultx)) { $faculty=$row['Faculty'];
$id=$row['User_ID']; $lecturer=$row['Full_Name'];
$name=$row['Full_Name']; $academic=$row['Academic_Year'];
echo "<option value='$id'> $name </option>"; $c_id=$row['Course_ID'];
}}
echo "</select> <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'> <input type='submit' value='assign'></form> </td></tr> $resultTA = mysqli_query($con,"SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta`
"; INNER JOIN users_table on users_table.User_ID=course_ta.TA
where course_ta.Course_ID=$c_id");
$ta="";
}}?> while($rowTA = mysqli_fetch_assoc($resultTA)) {
$ta=$ta." - ".$rowTA['TA_NAME'];
</table> }
</div>
</div>
echo"
</div> <tr> <td>$code - $name</td> <td>$faculty </td> <td>$lecturer</td><td>$ta</td> <td><form method='get' action='Script.php'> <select name='ta' class=''>";
$resultx = mysqli_query($con,"SELECT * FROM Users_Table WHERE UserType='TA'");
if(mysqli_num_rows($resultx)==0)
<script> {} else { while($row = mysqli_fetch_assoc($resultx)) {
function updatePass(id,pass) $id=$row['User_ID'];
{ $name=$row['Full_Name'];
if(!confirm('Are you to Reset User Password')) echo "<option value='$id'> $name </option>";
{ }}
return;
}
echo "</select> <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'> <input type='submit' value='assign'></form> </td></tr>
window.location.href="\Script.php\?action=passchange&uid="+id+"&pass="+pass; ";
}
function blockUser(id,status)
{ }}?>
if(!confirm('Are you to change User Status'))
{ </table>
return;
} </div>
window.location.href="\Script.php\?action=statuschange&uid="+id+"&status="+status;
} </div>
</div>
<script>
function updatePass(id,pass)
{
if(!confirm('Are you to Reset User Password'))
{
return;
}
window.location.href="\Script.php\?action=passchange&uid="+id+"&pass="+pass;
}
function blockUser(id,status)
{
if(!confirm('Are you to change User Status'))
{
return;
}
window.location.href="\Script.php\?action=statuschange&uid="+id+"&status="+status;
}
</script> </script>
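Review bot: The new access check at the top of Admin.php calls `header("Location: index.php");` but never stops the script, so for a non-lecturer the rest of the page (the account table with passport numbers and the reset/block buttons) is still generated and sent in the response body. Add `exit;` directly after the `header()` call. The check also runs after `include 'Header.php';` and after its own `echo $_SESSION["info_login"];`, so unless output buffering is enabled the redirect header may not be sent at all. Moving the check ahead of any output and dropping the echo avoids that.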


@ -1,23 +1,16 @@
<?php <?php
session_start();
$servername = "localhost";
$username = "root";
$password = "";
$con=mysqli_connect("localhost","username","password","lrr");
// Check connection
// $servername = "sql202.epizy.com"; if (mysqli_connect_errno())
// $username = "epiz_23626301"; {
// $password = "wtn2rmj3"; echo "Failed to connect to MySQL: " . mysqli_connect_error();
// Create connection }
$con = new mysqli($servername, $username, $password,'lrr'); else
{
// Check connection echo "Connected";
if ($con->connect_error) { }
die("Database Connection failed: " . $conn->connect_error);
}
// else
// {
// echo "Connected";
// }
session_start();
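Review bot: On the new side the connection check echoes `"Connected"` on every successful request and, on failure, prints `mysqli_connect_error()` to the client and carries on with a dead connection. Any output here precedes later `header()` calls in whatever includes this file (the includers are not visible in this section), and the raw driver message can disclose host and account details. Log the error server-side and stop with a generic message, e.g. `error_log(mysqli_connect_error()); exit('Database unavailable.');`, and drop the `else` branch. The credentials visible on the removed side remain in repository history after this commit, so they should be rotated, and the `"username","password"` placeholders would be better read from configuration kept outside the web root.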


@ -15,7 +15,9 @@ include 'Header.php';
. " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' "); . " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' ");
if(mysqli_num_rows($result)==0) if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) { {echo "should not be here";} else {
while($row = mysqli_fetch_assoc($result)) {
$name=$row['Course_Name']; $name=$row['Course_Name'];
$code=$row['Course_Code']; $code=$row['Course_Code'];
$faculty=$row['Faculty']; $faculty=$row['Faculty'];
@ -27,7 +29,7 @@ include 'Header.php';
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'> echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
Courses > $name ($code) > Lab Reports Courses > $name ($code) > Lab Reports
<br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span> <br> <span style='font-size:8pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span>
</a></div> </a></div>
@ -75,7 +77,7 @@ if( $_SESSION['user_type']=="Student")
<!-- Nav tabs --> <!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist"> <ul class="nav nav-tabs" role="tablist">
<li class="nav-item"> <li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#menu1">New Labs Reports</a> <a class="nav-link active" data-toggle="tab" href="#menu1">New Lab Reports</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu2">Missed Lab Reports </a> <a class="nav-link" data-toggle="tab" href="#menu2">Missed Lab Reports </a>
@ -100,20 +102,18 @@ course_groups_table on course_group_members_table.Course_Group_id = course_grou
WHERE course_group_members_table.Student_ID=$student_id and course_groups_table.Course_id=$course_id"; WHERE course_group_members_table.Student_ID=$student_id and course_groups_table.Course_id=$course_id";
$resultx1 = mysqli_query($con,$sql);
$resultx1 = mysqli_query($con,$sql);
while($row = mysqli_fetch_assoc($resultx1)) {$_SESSION['group_id']=$row['Course_Group_id'];} while($row = mysqli_fetch_assoc($resultx1)) {$_SESSION['group_id']=$row['Course_Group_id'];}
$group_id=$_SESSION['group_id'];
if($group_id==""){$group_id=-1;} if($group_id==""){$group_id=-1;}
$group_id=$_SESSION['group_id'];
$var="SELECT Type,Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` $var="SELECT Type,Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`
FROM `lab_reports_table` WHERE Course_ID=$course_id " FROM `lab_reports_table` WHERE Course_ID=$course_id "
. "" . ""
. "and (deadline > '$c_date' or Lab_Report_ID in (SELECT `Lab_Report_ID` FROM `extended_deadlines_table`" . "and (Deadline > '$c_date' or Lab_Report_ID in (SELECT `Lab_Report_ID` FROM `extended_deadlines_table`"
. " WHERE Lab_Report_ID in (select Lab_Report_ID from lab_reports_table where Course_ID=$course_id) and Student_ID=$student_id and Extended_Deadline_Date > '$c_date') ) " . " WHERE Lab_Report_ID in (select Lab_Report_ID from lab_reports_table where Course_ID=$course_id) and Student_ID=$student_id and Extended_Deadline_Date > '$c_date') ) "
. "" . ""
. "" . ""
@ -124,9 +124,7 @@ $var="SELECT Type,Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `
. "" . ""
. " ORDER by Lab_Report_ID DESC"; . " ORDER by Lab_Report_ID DESC";
$result1 = mysqli_query($con,$var);
$result1 = mysqli_query($con,$var);
if(mysqli_num_rows($result1)==0) if(mysqli_num_rows($result1)==0)
{ {
@ -652,11 +650,10 @@ where course_group_members_table.Course_Group_id=$id");
?> ?>
<script src="css/jquery-1.11.1.min.js"></script> <script src="./css/jquery-1.11.1.min.js"></script>
<script src="./css/jquery-ui.min.js"></script>
<script src="css/jquery-ui.min.js"></script> <link rel="stylesheet" href="./css/jquery-ui.css" />
<link rel="stylesheet" href="css/jquery-ui.css" />
<script> <script>
function CreateGroup() { function CreateGroup() {
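Review bot: The queries in this section are still assembled by interpolating `$course_url`, `$student_id` and `$course_id` into the SQL text, and the new empty-result branch only echoes `should not be here` before the page continues. Where those variables are assigned is outside the hunks; if any of them comes from the request, use a prepared statement (`mysqli_prepare` with `mysqli_stmt_bind_param`) instead of string building, and make the no-such-course branch redirect or exit with a proper message. In the group lookup hunk the rendering shows `$group_id=$_SESSION['group_id'];` both before and after the `if($group_id==""){$group_id=-1;}` test without marking which position was kept. The assignment has to come first, otherwise the `-1` default is overwritten.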


@ -29,12 +29,12 @@ $user_d=$_SESSION['user_id'];
<div class="row" style="width:80%;margin:auto; text-align:left;"> <div class="row" style="width:80%;margin:auto; text-align:left;">
<script src="css/jquery-1.11.1.min.js"></script>
<script src="css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="css/jquery-ui.css" /> <script src="./css/jquery-1.11.1.min.js"></script>
<script src="./css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="./css/jquery-ui.css" />
<script> <script>
@ -139,7 +139,7 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
$sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'"; $sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_updated"]="Assignment information updated successfully."; $_SESSION["info_Updated"]="Information Updated Successfull";
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -253,9 +253,9 @@ Submission Type <input type='radio' name='type' value='Individual' required=''>
echo "<div class='col-md-7'> <h3> Lab Report Assignment list </h3>"; echo "<div class='col-md-7'> <h3> Lab Report Assignment list </h3>";
error_reporting(0); error_reporting(0);
if(isset($_SESSION["info_updated"])){ if(isset($_SESSION["info_Updated"])){
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_updated'] . '</div>'; echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Updated'] . '</div>';
$_SESSION['info_updated'] = null; $_SESSION['info_Updated'] = null;
} }
if (isset($_SESSION['info_courses'])) { if (isset($_SESSION['info_courses'])) {
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_courses'] . '</div>'; echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_courses'] . '</div>';
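Review bot: The failure branch after the `UPDATE lab_reports_table` statement still prints `"Error: " . $sql . "<br>" . $con->error` to the browser, which exposes the full statement and schema details. This commit replaces the same pattern in the sign-up handler with a generic message, and the same treatment fits here, with the detail sent to `error_log()`. The statement itself concatenates `$Deadline`, `$instructions`, `$title`, `$marks` and `$getid`; whether they are escaped is outside the hunk, so a prepared statement would remove the doubt. The session key changes between `info_updated` and `info_Updated` in four places here, so any other reader of that key in the file needs the same spelling.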


@ -1,23 +1,23 @@
<br><br><br><br><br><br><br><br><br> <br><br><br><br><br><br><br><br><br>
<div style="background-color:;width:100%di"> <div style="background-color:;width:100%di">
</div> </div>


@ -5,7 +5,7 @@ error_reporting(0);
date_default_timezone_set('Asia/Shanghai'); date_default_timezone_set('Asia/Shanghai');
$con=mysqli_connect("localhost","root","","lrr"); $con=mysqli_connect("localhost","username","password","lrr");
// Check connection // Check connection
if (mysqli_connect_errno()) if (mysqli_connect_errno())
{ {
@ -25,15 +25,14 @@ else
<html> <html>
<header> <header>
<title>Lab Report Repository System</title>
<link href="css/bootstrap.min.css" rel="stylesheet" type="text/css"/> <link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css"/>
<link href="font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css"/> <link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css"/>
<script src="http://118.25.96.118/nor/css/jquery.min.js" type="text/javascript"></script> <script src="./css/jquery.min.js" type="text/javascript"></script>
<script src="http://118.25.96.118/nor/css/bootsrap.min.js" type="text/javascript"></script> <script src="./css/bootsrap.min.js" type="text/javascript"></script>
<link href="http://118.25.96.118/nor/css/bootstrap.min.css" rel="stylesheet" type="text/css"/> <link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css"/>
<script src="http://118.25.96.118/nor/css/jquery.datetimepicker.min.js" type="text/javascript"></script> <script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script>
<link rel = "shortcut icon" href = "logo_text.png">
@ -60,7 +59,7 @@ else
<li class="nav-item active"> <li class="nav-item active">
<li class="nav-item active"> <li class="nav-item active">
<a class='nav-link' href='~\..\Visitors.php'> <i class='fa fa-globe'></i> Visitor Portal <span class='sr-only'>(current)</span></a> <!-- <a class='nav-link' href='~\..\Visitors.php'> <i class='fa fa-globe'></i> Visitor Portal <span class='sr-only'>(current)</span></a> -->
</li> </li>
<?php <?php
if(isset($_SESSION["user_fullname"])) if(isset($_SESSION["user_fullname"]))
@ -83,12 +82,18 @@ else
?> ?>
<?php
if ($_SESSION['user_type'] == "Lecturer") {
echo "&nbsp;&nbsp;&nbsp; <i class=\"fa fa-cog\" style=\"color:#fff;\"> </i> &nbsp;<a style='color:#fff !important' href=\"~\..\Admin.php\">Admin </a>";
}
?>
&nbsp;&nbsp;&nbsp; <i class="fa fa-user" style="color:#fff;"> </i>
&nbsp;<a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id'];?>)">Update password</a>
&nbsp;&nbsp;&nbsp; <i class="fa fa-lock" style="color:#fff;"> </i> &nbsp;<a style='color:#fff !important' href="~\..\logout.php">Logout </a> &nbsp;&nbsp;&nbsp; <i class="fa fa-lock" style="color:#fff;"> </i> &nbsp;<a style='color:#fff !important' href="~\..\logout.php">Logout </a>
&nbsp; | &nbsp;<a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id'];?>)">Update Password</a>
<?php <?php
} }
?> ?>
@ -162,9 +167,9 @@ else
function updatePass(id) function updatePass(id)
{ {
var pass= prompt("Enter your New Password : ", "..."); var pass= prompt("Enter your new password : ", "...");
if(!confirm('Are you sure to Reset your Password?')) if(!confirm('Are you sure to reset your password?'))
{ {
return; return;
} }
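Review bot: `updatePass(id)` takes the account id from the page (`onclick="updatePass(<?php echo $_SESSION['user_id'];?>)"`) and collects the new password with `prompt()`, which displays it in clear text. The rest of the function is outside the hunk; if it forwards both values in a query string the way `updatePass(id,pass)` in Admin.php does, the password ends up in browser history and server access logs, and the target account is chosen by the client. The handler should take the user id from `$_SESSION` on the server, accept the password only by POST from a form with `type="password"` inputs, and verify the current password first. The new Admin link guarded by `$_SESSION['user_type'] == "Lecturer"` is display logic only; the server-side check in Admin.php remains the actual control.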


@ -46,4 +46,4 @@ $email=$_GET['email'];
</div> </div>
</form> </form>
</div> </div>
</div> </div>


@ -10,7 +10,7 @@
session_start(); session_start();
date_default_timezone_set('Asia/Shanghai'); date_default_timezone_set('Asia/Shanghai');
// CONNeCTION // CONNeCTION
$con=mysqli_connect("localhost","Teecloudy","5q7Ol2e!#!","lrr"); $con=mysqli_connect("localhost","username","password","lrr");
// Check connection // Check connection
if (mysqli_connect_errno()) if (mysqli_connect_errno())
{ {
@ -30,17 +30,30 @@ if (mysqli_connect_errno())
error_reporting(0); error_reporting(0);
if (!empty($_POST["frm_signup_1"])) { if (!empty($_POST["frm_signup_1"])) {
$student_id=mysqli_real_escape_string($con,$_POST["student_id"]); $student_id = mysqli_real_escape_string($con,$_POST["student_id"]);
$passport=mysqli_real_escape_string($con,$_POST["passport"]); $passport = mysqli_real_escape_string($con,$_POST["passport"]);
echo $student_id.' and '.$passport; // validate student number
if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) {
$_SESSION["info_signup1"] = "Invalid student number.";
header("Location: index.php");
return;
}
// passport should be empty (not used)
if (strcmp(trim($passport), '') != 0) {
$_SESSION["info_signup1"] = "Passport is disused. Please leave it empty.";
header("Location: index.php");
return;
}
$result = mysqli_query($con, $result = mysqli_query($con,
"SELECT * FROM `students_data` WHERE Student_ID='$student_id'"); "SELECT * FROM `students_data` WHERE Student_ID='$student_id'");
// Just removed this condition from the above command and (Passport_Number='$passport' or Passport_Number = '') // Just removed this condition from the above command and (Passport_Number='$passport' or Passport_Number = '')
if(mysqli_num_rows($result)==0) if(mysqli_num_rows($result)==0)
{ {
$_SESSION["info_signup1"]="Student Information could not be verified ! Please contact Student Management Office."; $_SESSION["info_signup1"]="Student number could not be verified! Please contact Student Management Office (lanhui at zjnu.edu.cn). Thanks.";
header("Location: index.php"); header("Location: index.php");
return; return;
} }
@ -61,7 +74,7 @@ if (!empty($_POST["frm_signup_1"])) {
} }
else else
{ {
$_SESSION["info_signup1"]="Student ID already in use ! Please contact Student Management Office if you failed to login to your account."; $_SESSION["info_signup1"]="Student ID already in use! Please contact Student Management Office (lanhui at zjnu.edu.cn).";
header("Location: index.php"); header("Location: index.php");
return; return;
} }
@ -83,35 +96,40 @@ if (!empty($_POST["frm_signup_1"])) {
// ############################### CREATE STUDENT USER ################################## // ############################### CREATE STUDENT USER ##################################
if (!empty($_POST["frm_signup_2"])) { if (!empty($_POST["frm_signup_2"])) {
$email=mysqli_real_escape_string($con,$_POST["email"]); $email = mysqli_real_escape_string($con,$_POST["email"]);
$password=mysqli_real_escape_string($con,$_POST["password"]); $password = mysqli_real_escape_string($con,$_POST["password"]);
$confirmpassword=mysqli_real_escape_string($con,$_POST["confirmpassword"]); $confirmpassword = mysqli_real_escape_string($con,$_POST["confirmpassword"]);
$fullname=mysqli_real_escape_string($con,$_POST["fullname"]); $fullname = mysqli_real_escape_string($con,$_POST["fullname"]);
$student_id=$_SESSION['user_student_id']; $student_id = $_SESSION['user_student_id'];
$passport= $_SESSION['user_passport']; $passport = $_SESSION['user_passport'];
$_SESSION['user_fullname']=$fullname; $_SESSION['user_fullname'] = $fullname;
$_SESSION['user_type']="Student"; $_SESSION['user_type'] = "Student";
$_SESSION['user_email']=$email; $_SESSION['user_email'] = $email;
// check confirmed password // check confirmed password
if ( strcasecmp( $password, $confirmpassword ) != 0 ){ if ( strcasecmp( $password, $confirmpassword ) != 0 ){
$_SESSION['info_signup2']="Incorrect Password confirmation"; $_SESSION['info_signup2']="Password confirmation failed.";
header("Location: signup.php"); header("Location: signup.php");
return; return;
} }
// $containsLetter = preg_match('/[a-zA-Z]/', $password);
// $containsDigit = preg_match('/\d/', $password); // validate email
// $containsSpecial = preg_match('/[^a-zA-Z\d]/', $password); if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$upperLetter = preg_match('@[A-Z]@', $password); $_SESSION['info_signup2']="Invalid email address.";
$smallLetter = preg_match('@[a-z]@', $password); header("Location: signup.php");
$containsDigit = preg_match('@[0-9]@', $password); return;
$containsSpecial = preg_match('@[^\w]@', $password); }
$upperLetter = preg_match('@[A-Z]@', $password);
$smallLetter = preg_match('@[a-z]@', $password);
$containsDigit = preg_match('@[0-9]@', $password);
$containsSpecial = preg_match('@[^\w]@', $password);
$containsAll = $upperLetter && $smallLetter && $containsDigit && $containsSpecial; $containsAll = $upperLetter && $smallLetter && $containsDigit && $containsSpecial;
// check for strong password
if($containsAll < 8) // check for strong password
{ if($containsAll < 8) {
$_SESSION['info_signup2']="Password should contain Letters , Numbers and sepcial characters"; $_SESSION['info_signup2']="Password must have at least characters that include letters, numbers and sepcial characters.";
header("Location: signup.php"); header("Location: signup.php");
return; return;
} }
// check if email is taked // check if email is taked
$result = mysqli_query($con, $result = mysqli_query($con,
@ -128,12 +146,12 @@ if (!empty($_POST["frm_signup_1"])) {
. "('$email','$password_hash','$fullname','Student','$student_id','$passport')"; . "('$email','$password_hash','$fullname','Student','$student_id','$passport')";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
header("Location: Courses.php"); header("Location: Courses.php");
} else {
} else { // echo "Error: " . $sql . "<br>" . $con->error;
echo "Error: " . $sql . "<br>" . $con->error; echo "Something really bad happend during sign up.";
}
} }
}
@ -142,6 +160,24 @@ if (!empty($_POST["frm_signup_1"])) {
if (!empty($_POST["frm_login"])) { if (!empty($_POST["frm_login"])) {
$user=mysqli_real_escape_string($con,$_POST["user"]); $user=mysqli_real_escape_string($con,$_POST["user"]);
$is_student_number = 0;
// Validate student number
if (is_numeric($user) && strlen($user) != 12) {
$_SESSION["info_login"] = "Invalid student number:"."$user";
header("Location: index.php");
return;
} else {
$is_student_number = 1;
}
if ($is_student_number == 0 && !filter_var($user, FILTER_VALIDATE_EMAIL)) {
$_SESSION["info_login"] = "Invalid email address: "."$user";
header("Location: index.php");
return;
}
$password=mysqli_real_escape_string($con,$_POST["password"]); $password=mysqli_real_escape_string($con,$_POST["password"]);
// $hashed_password=hash('sha512', $password); Not necessary in the login // $hashed_password=hash('sha512', $password); Not necessary in the login
$result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')"); $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')");
@ -149,16 +185,16 @@ if(mysqli_num_rows($result)==0)
{ {
$_SESSION["info_login"]="Inavlid login information."; $_SESSION["info_login"]="Inavlid login information.";
echo $_SESSION["info_login"]; echo $_SESSION["info_login"];
header("Location: index.php"); header("Location: index.php");
} }
else else
{ {
while($row = mysqli_fetch_assoc($result)) { while($row = mysqli_fetch_assoc($result)) {
// verify the hashed password and unhashed password // verify the hashed password and unhashed password
$sha512pass = hash('sha512', $password); // for backward compatibility. Old passwords were hashed using SHA512 algorithm. $sha512pass = hash('sha512', $password); // for backward compatibility. Old passwords were hashed using SHA512 algorithm.
if(password_verify($password, $row["Password"]) or $sha512pass == $row["HashPassword"] or $password == $row["Password"]){ if(password_verify($password, $row["Password"]) or $sha512pass == $row["HashPassword"]) {
$_SESSION['user_id']=$row['User_ID']; $_SESSION['user_id']=$row['User_ID'];
$_SESSION['user_email']=$row['Email']; $_SESSION['user_email']=$row['Email'];
$_SESSION['user_student_id']=$row['Student_ID']; $_SESSION['user_student_id']=$row['Student_ID'];
@ -205,85 +241,39 @@ header("Location: index.php");
// ################################ Recover Password ##################################### // ################################ Recover Password #####################################
if (!empty($_POST["frm_recover_password"])) { if (!empty($_POST["frm_recover_password"])) {
$email=mysqli_real_escape_string($con,$_POST["email"]);
$result = mysqli_query($con, $student_id = mysqli_real_escape_string($con,$_POST["sno"]);
"SELECT * FROM Users_Table WHERE email='$email'"); $email = mysqli_real_escape_string($con,$_POST["email"]);
if(mysqli_num_rows($result)==0)
{
$_SESSION["info_recover_password"]="Email address is not recognised.";
echo "Email address was not recognised"; // validate student number
return; if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) {
header("Location: recover_password.php"); echo "Invalid student number.";
} return;
else }
{
while($row = mysqli_fetch_assoc($result)) {
$userid=$row['User_ID']; // validate email
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$email=urlencode($row['Email']); echo "Invalid email address.";
$pure_email=$row['Email']; return;
$id=$row['Student_ID'];
$token=$userid*$userid*$userid+$userid*0.00343;
$name=$row['Full_Name'];
$link="<a href='http://118.25.96.118/nor/Reset_password.php?token=$token&email=$email'>Click Here (点击这里) </a>";
$msg=urlencode(" <h3>Lab Report Repository System - ZJNU</h3> <br> Hi <b>"
.$name.
" </b> Here is your password recovery link , "
.$link.
" to reset your password , <br> please ignore this message if you did not request password recovery.<br><br> <hr><br><br>
您好 $name, 这是你的密码恢复链接,点击上面的链接 重置你的密码,
如果您没有请求密码恢复,请忽略此消息。 <br><br><br><br><br> <small>LRR System by Mohamed Nor. </small><hr>");
$title=urlencode("Password recovery Request for LRR system - ZJNU ");
$url="http://sms.samesoftware.com/email/send/?Subject=$title&Body=$msg&ToAddress=$email&token=s1234";
//$response = file_get_contents($url);
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
$data = curl_exec($ch);
if(curl_errno($ch))
echo 'Curl error: '.curl_error($ch);
curl_close ($ch);
echo $data."<hr>";
$_SESSION["info_login"]="<br> Please check your Inbox & Junk folders for the recovery email , a reset link was sent to your email <b> $pure_email </b>";
header("Location: index.php");
}
}
} }
$result = mysqli_query($con, "SELECT * FROM users_table WHERE Email='$email' and Student_ID='$student_id'");
if(mysqli_num_rows($result)==0)
{
$_SESSION["info_recover_password"]="Email address is not recognised.";
$_SESSION["info_recover_password"] = "Identity not recognized. Try again or send an inquiry email message to lanhui at zjnu.edu.cn.";
header("Location: recover_password.php");
} else
{
$result = mysqli_query($con, "DELETE FROM users_table WHERE Email='$email' and Student_ID='$student_id'");
$_SESSION["info_recover_password"] = "<b>Reset done. Please go to the sign up page and sign up again</b>.";
header("Location: recover_password.php");
}
}
@ -1399,47 +1389,54 @@ header("Location: Course.php?url=".$url);
//action=passchange&uid=1&pass=1929 //action=passchange&uid=1&pass=1929
if (!empty($_GET["action"])) { if (!empty($_GET["action"])) {
$action=$_GET["action"]; $action=$_GET["action"];
$uid=$_GET["uid"]; $uid=$_GET["uid"];
$pass=$_GET["pass"];
$status=$_GET["status"]; $pass = $_GET["pass"];
$pass = password_hash($pass, PASSWORD_DEFAULT);
$status=$_GET["status"];
// validate uid
if (intval($uid) < 0) {
header("Location: index.php");
return;
}
if($action=="passchange") if($action=="passchange")
{ {
$sql= "UPDATE users_table set Password='$pass' where User_ID=$uid;"; $sql= "UPDATE users_table set Password='$pass' where User_ID=$uid;";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
error_reporting(0);
error_reporting(0); echo "Password has been changed";
// return;
echo "Password has been changed"; $_SESSION["infoChangePassword"]=$type." User password was changed successfully.";
return; header("Location: index.php");
$_SESSION["info_Admin_Users"]=$type." User Password was Reset to his/her Passport/ID successfully "; } else {
header("Location: Admin.php"); // echo "Error: " . $sql . "<br>" . $con->error;
} echo "Something really bad happened while changing password. Contact lanhui at zjnu.edu.cn. Thanks!";
} }
else { }
echo "Error: " . $sql . "<br>" . $con->error;
}
if($action=="statuschange")
if($action=="statuschange") {
{ $sql= "UPDATE users_table set Status='$status' where User_ID=$uid;";
$sql= "UPDATE users_table set Status='$status' where User_ID=$uid;"; if ($con->query($sql) === TRUE) {
if ($con->query($sql) === TRUE) { $_SESSION["info_Admin_Users"]=$type." user Status updated successfully ";
header("Location: Admin.php");
$_SESSION["info_Admin_Users"]=$type." user Status updated successfully "; } else {
header("Location: Admin.php"); // echo "Error: " . $sql . "<br>" . $con->error;
echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!";
}
} }
}else { }
echo "Error: " . $sql . "<br>" . $con->error;
}
}


@ -1,20 +1,20 @@
<?php <?php
$page="student"; $page="student";
include 'Header.php'; include 'Header.php';
?> ?>
<br><br><br> <br><br><br>
<div class="row" style="width:80%;margin:auto;"> <div class="row" style="width:80%;margin:auto;">
<div class="col-md-6"> <div class="col-md-6">
<h1> STUEDNT Account Created , Now you can Browse Course Portals </h1> <h1> STUEDNT Account Created , Now you can Browse Course Portals </h1>
</div> </div>
</div> </div>


@ -556,11 +556,11 @@ where course_group_members_table.Course_Group_id=$id");
<script src="css/jquery-1.11.1.min.js"></script> <script src="https://code.jquery.com/jquery-1.11.1.min.js"></script>
<script src="css/jquery-ui.min.js"></script> <script src="https://code.jquery.com/ui/1.11.1/jquery-ui.min.js"></script>
<link rel="stylesheet" href="css/jquery-ui.css" /> <link rel="stylesheet" href="https://code.jquery.com/ui/1.11.1/themes/smoothness/jquery-ui.css" />
<script> <script>
function mark(id,title,marks) { function mark(id,title,marks) {
@ -626,3 +626,4 @@ Update Visibility<br><select name="status"> <option> Public </option><option>Pri
} }
</script> </script>
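Review bot: The three jQuery assets at the top of this section now load from code.jquery.com with no `integrity` attribute, so the page executes whatever that host returns, where it previously ran the copies shipped under `css/`. Either keep the local files, or pin each tag, for example `<script src="https://code.jquery.com/jquery-1.11.1.min.js" integrity="sha384-<HASH_OF_REVIEWED_FILE>" crossorigin="anonymous"></script>`, with the hash computed from the exact file that was reviewed; the stylesheet `<link>` takes the same two attributes. The `mark()` function that follows starts inside the hunk and ends outside it, so it is not covered here.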


@ -1,67 +1,67 @@
<?php <?php
$page='Submit LAB+'; $page='Submit LAB+';
include 'Header.php'; include 'Header.php';
?> ?>
<div class='row' style='width:80%;margin:auto;'> <div class='row' style='width:80%;margin:auto;'>
<?php <?php
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'> echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
LRRS > Visitor Portal > Public Lab Reports LRRS > Visitor Portal > Public Lab Reports
<br> <span style='font-size:8pt'> </span> <br> <span style='font-size:8pt'> </span>
</a></div> </a></div>
"; ";
$result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Student_id, $result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Student_id,
`Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, `Title`, `Visibility` , `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, `Title`, `Visibility` ,
users_table.Full_Name,course_groups_table.Group_Name users_table.Full_Name,course_groups_table.Group_Name
FROM `lab_report_submissions` FROM `lab_report_submissions`
left join users_table on users_table.Student_ID=lab_report_submissions.Student_id left join users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Visibility='Public' "); WHERE Visibility='Public' ");
if(mysqli_num_rows($result)==0) if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) { {} else { while($row = mysqli_fetch_assoc($result)) {
$att1=$row['Attachment1']; $att1=$row['Attachment1'];
$att2=$row['Attachment2']; $att2=$row['Attachment2'];
$sdate=$row['Submission_Date']; $sdate=$row['Submission_Date'];
$att3=$row['Attachment3']; $att3=$row['Attachment3'];
$att4=$row['Attachment4']; $att4=$row['Attachment4'];
$labid=$row['Lab_Report_ID']; $labid=$row['Lab_Report_ID'];
$title=$row['Title']; $title=$row['Title'];
$submitted_std=$row['Student_id']; $submitted_std=$row['Student_id'];
$submitted_group=$row['Course_Group_id']; $submitted_group=$row['Course_Group_id'];
$Submission_ID=$row['Submission_ID']; $Submission_ID=$row['Submission_ID'];
$sname=$row['Full_Name']; $sname=$row['Full_Name'];
$gname=$row['Group_Name']; $gname=$row['Group_Name'];
$Visibility=$row['Visibility']; $Visibility=$row['Visibility'];
$full_link="<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>"; $full_link="<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>";
if($att2!=""){ if($att2!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>"; $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>";
} }
if($att3!=""){ if($att3!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>"; $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>";
} }
if($att4!=""){ if($att4!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>"; $full_link= $full_link."| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
} }
echo" echo"
<div class='btn btn-default'> <div class='btn btn-default'>
$title <small>by $gname $sname </small> $title <small>by $gname $sname </small>
<br> <span style='font-size:8pt'>Submission Date :$sdate &nbsp;&nbsp; &nbsp; Files : $full_link </span> <br> <span style='font-size:8pt'>Submission Date :$sdate &nbsp;&nbsp; &nbsp; Files : $full_link </span>
</div> </div>
"; ";
}}?> }}?>
</div> </div>

55
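--- a/batch_insert.php
+++ b/batch_insert.php
@@ -0,0 +1,55 @@
+<?php
+// Code contributed by Xu Xiaopeng and his team (https://github.com/lanlab-org/LRR/pull/39/files#diff-b69ba96bf0e469383b373e8c9de257c0)
+//数据库信息
+$servername = "localhost";
+$username = "username";
+$password = "password";
+$dbname = "lrr";
+// 创建连接
+$conn = mysqli_connect($servername, $username, $password, $dbname);
+// 检测连接
+if (!$conn) {
+die("Connection failed: " . mysqli_connect_error());
+}
+//获得用户名数据
+$source = $_POST['users'];
+//如有多个空格,删除剩一个空格
+$source1 = preg_replace('/\s\s+/', ' ', $source);
+//去除首尾巴的空格
+$source2 = trim($source1);
+//根据空格拆分
+$user = explode(' ', $source2);
+//插入数据
+for($index=0; $index < count($user); $index++) {
+$result = mysqli_query($conn, "SELECT * FROM `students_data` WHERE Student_ID='$user[$index]'");
+if (mysqli_num_rows($result) < 1) {
+if (! mysqli_query($conn, "REPLACE INTO `students_data`(`Student_ID`, `Passport_Number`) VALUES('$user[$index]', '')" ) ) {
+echo "SQL Error: " . $sql_stmt . "<br>" . mysqli_error($conn);
+} else {
+echo "<p>Student number $user[$index] added.</p>";
+}
+} else {
+echo "<p><b>Student number $user[$index] already exists.</b></p>";
+}
+}
+//返回按钮
+echo "</br><input type='button' name='Back' onclick='javascript:history.back(-1);' value=' 返回 '>";
+//释放缓存
+$result->free();
+//中断连接
+mysqli_close($conn);
+?>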
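Review bot: Each entry of `$_POST['users']` is interpolated unmodified into both the `SELECT` and the `REPLACE INTO` statement and then echoed back into the result list, so the loop is open to SQL injection and to markup injection in the response. Nothing in the file starts a session or checks `$_SESSION['user_type']`, so as written any client that can reach the script can add rows to `students_data`; Admin.php in this same commit gates on `"Lecturer"` and this script needs the same gate. The error branch prints `$sql_stmt`, which is never assigned, and echoing `mysqli_error()` to the browser exposes schema details. The version below binds the value, rejects anything that is not a 12-digit number (the length the login and reset handlers in this commit check for; confirm that is the intended format), and escapes what it prints.

```php
// … unchanged: connection setup …
session_start();
if (($_SESSION['user_type'] ?? '') !== 'Lecturer') {
    header('Location: index.php');
    exit;
}
// … unchanged: whitespace normalisation of $_POST['users'] into $user …
$find = mysqli_prepare($conn, "SELECT 1 FROM `students_data` WHERE Student_ID = ?");
$add = mysqli_prepare($conn, "REPLACE INTO `students_data`(`Student_ID`, `Passport_Number`) VALUES(?, '')");
foreach ($user as $studentId) {
    $shown = htmlspecialchars($studentId, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    if (!ctype_digit($studentId) || strlen($studentId) != 12) {
        echo "<p><b>Student number $shown is not valid.</b></p>";
        continue;
    }
    mysqli_stmt_bind_param($find, 's', $studentId);
    mysqli_stmt_execute($find);
    mysqli_stmt_store_result($find);
    if (mysqli_stmt_num_rows($find) > 0) {
        echo "<p><b>Student number $shown already exists.</b></p>";
        continue;
    }
    mysqli_stmt_bind_param($add, 's', $studentId);
    if (mysqli_stmt_execute($add)) {
        echo "<p>Student number $shown added.</p>";
    } else {
        echo "<p>Could not add student number $shown.</p>";
    }
}
// … unchanged: back button and mysqli_close(); the $result->free() call goes away with $result …
```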


@ -40,21 +40,31 @@ Student ID / Email
Password Password
<input type="password" class="form-control" name="password" placeholder="password"> <input type="password" class="form-control" name="password" placeholder="password">
<br> <br>
<input type="submit" class="btn btn-primary" value="Login"><br> <a href="recover_password.php" style="font-weight:bold;color:orange">Recover lost password</a> <input type="submit" class="btn btn-primary" value="Login"><br> <a href="recover_password.php" style="font-weight:normal;color:orange">Reset my password</a>
<?php <?php
error_reporting(E_ALL); error_reporting(E_ALL);
if(isset($_SESSION['info_login'])) { if(isset($_SESSION['info_login'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>'; echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>';
$_SESSION['info_login']=null; $_SESSION['info_login']=null;
} }
// wrong pass // wrong pass
if(isset($_SESSION['wrong_pass'])) { if(isset($_SESSION['wrong_pass'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>'; echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>';
$_SESSION['wrong_pass']=null; $_SESSION['wrong_pass']=null;
} }
if(isset($_SESSION['infoChangePassword'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>';
$_SESSION['infoChangePassword']=null;
}
?> ?>
</form> </form>
@ -67,7 +77,7 @@ if(isset($_SESSION['wrong_pass'])) {
<br> <br>
<h4 class="list-group-item active"> Student Sign up </h4> <h4 class="list-group-item active"> Student sign up </h4>
<div class="list-group-item"> <div class="list-group-item">
<form method="post" action="Script.php" name="frm_signup_1"> <form method="post" action="Script.php" name="frm_signup_1">
@ -79,7 +89,7 @@ if(isset($_SESSION['wrong_pass'])) {
Your Passport / National ID Your Passport / National ID
<input type="text" class="form-control" name="passport" placeholder="(Optional)"> <input type="text" class="form-control" name="passport" placeholder="(Optional)">
<br> <br>
<input type="submit" name="frm_signup_1" class="btn btn-primary" value="Next"> <br> <input type="submit" name="frm_signup_1" class="btn btn-primary" value="Next"> <br> Click Next to set up password
<?php <?php
error_reporting(E_ALL); error_reporting(E_ALL);
@ -112,8 +122,7 @@ if(isset($_SESSION['info_signup1'])) {
<hr> <hr>
<div style="" id="footer"> <div style="" id="footer">
Developed by : Mohamed Nor (201825800050)-houzi you can submit your suggestions & bug reports to mohamednor@qq.com <small>Last Update : 18/04/2020 by <i>Ashly</i> </small> LRRS was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui _at_ zjnu.edu.cn. Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a>
</div> </div>
</body> </body>
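Review bot: The new `infoChangePassword` alert, like the `info_login` and `wrong_pass` alerts above it, concatenates the session value into the page without escaping, and the login handler in this commit now builds `info_login` from the submitted `user` field (`"Invalid student number:"."$user"`), which `mysqli_real_escape_string` does not make safe for HTML. Escape at the point of output, e.g. `echo '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_login'], ENT_QUOTES, 'UTF-8').'</div>';`, and apply the same call to the other two alerts. The `value="<?php echo $_SESSION[...]; ?>"` prefills in the reset-password and sign-up forms later in this commit have the same gap, since the sign-up handler stores the submitted name and email in the session before validating them. If a message set outside the visible hunks depends on markup, it should be assembled from escaped parts rather than left raw.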


@ -1,24 +1,22 @@
<?php <?php
// Destory sessions & refiret to index
// Destory sessions & refiret to index session_destroy();
session_unset();
session_destroy(); // Start a new session
session_unset(); session_start();
// Start a new session
session_start(); // Generate a new session ID
session_regenerate_id(true);
// Generate a new session ID
session_regenerate_id(true); // Then finally, make sure you pick up the new session ID
$session_id = session_id();
// Then finally, make sure you pick up the new session ID
$session_id = session_id();
unset( $_SESSION['user_id']);
unset( $_SESSION['user_email']);
unset( $_SESSION['user_id']); unset( $_SESSION['user_type']);
unset( $_SESSION['user_email']); unset( $_SESSION['user_student_id']);
unset( $_SESSION['user_type']); unset( $_SESSION['user_fullname']);
unset( $_SESSION['user_student_id']); header("Location: index.php");
unset( $_SESSION['user_fullname']);
header("Location: index.php");


@ -6,42 +6,42 @@
* and open the template in the editor. * and open the template in the editor.
*/ */
include 'Header.php'; include 'Header.php';
?> ?>
<div class="row"> <div class="row">
<div class="col-md-4 list-group" style="margin:auto;"> <div class="col-md-4 list-group" style="margin:auto;">
<br>
<h4 class="list-group-item active"> Recover lost password </h4>
<div class="list-group-item">
<div class="panel-body">
<form method="post" action="Script.php" >
<input type="hidden" name="frm_recover_password" value="true"/>
Email
<input type="text" name="email" placeholder="Enter your Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>">
<br> <br>
<input type="submit" class="btn btn-primary" value="Recover">
<br> * You will recieve email with recovery information <h4 class="list-group-item active"> Reset my password </h4>
<?php <div class="list-group-item">
<div class="panel-body">
<form method="post" action="Script.php" >
<input type="hidden" name="frm_recover_password" value="true"/>
Student number <input type="text" name="sno" placeholder="Enter your student number" class="form-control" value="<?php echo $_SESSION['student_number']; ?>">
<br/>
Email <input type="text" name="email" placeholder="Enter your email address" class="form-control" value="<?php echo $_SESSION['user_email']; ?>">
<br/>
<input type="submit" class="btn btn-primary" value="Recover">
<br> * You will need to sign up again after you click the above button.
</form>
</div>
</div>
</div>
</div>
<?php
if(isset($_SESSION['info_recover_password'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_recover_password'].'</div>';
$_SESSION['info_recover_password']=null;
}
?> ?>
</form>
</div>
</div>
</div>
</div>
</form>
</div>
</div>
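Review bot: The new student-number input prefills from `$_SESSION['student_number']`, but the only student-number key visible in this commit is `$_SESSION['user_student_id']` (read by the sign-up handler and written at login), so the field will most likely render empty and raise an undefined-index notice. Suggested: `value="<?php echo htmlspecialchars($_SESSION['user_student_id'] ?? '', ENT_QUOTES, 'UTF-8'); ?>"`. Separately, the handler this form posts to now deletes the matching `users_table` row on the strength of a student number and an email address alone, with no step proving the requester controls that mailbox; since sign-up is then open for that student number again, the reset should be tied to a mailed one-time token or to a lecturer action before it ships.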


@ -1,57 +1,57 @@
<?php <?php
/* /*
* To change this license header, choose License Headers in Project Properties. * To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates * To change this template file, choose Tools | Templates
* and open the template in the editor. * and open the template in the editor.
*/ */
include 'Header.php'; include 'Header.php';
?> ?>
<div class="row"> <div class="row">
<div class="col-md-4 list-group" style="margin:auto;"> <div class="col-md-4 list-group" style="margin:auto;">
<br> <br>
<h4 class="list-group-item active"> Sign Up </h4> <h4 class="list-group-item active"> Sign Up </h4>
<div class="list-group-item"> <div class="list-group-item">
<div class="panel-body"> <div class="panel-body">
<form method="post" action="Script.php" > <form method="post" action="Script.php" >
<input type="hidden" value="true"/> <input type="hidden" name="frm_signup_2" value="true"/>
Full Name Full Name
<input type="text" name="fullname" placeholder="Your Full Name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>"> <input type="text" name="fullname" placeholder="Your Full Name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>">
Email Email
<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>"> <input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>">
Password Password
<input type="password" class="form-control" name="password" placeholder="password"> <input type="password" class="form-control" name="password" placeholder="password">
Confirm Password Confirm Password
<input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password"> <input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password">
<br> <br>
<input type="submit" name="frm_signup_2" class="btn btn-primary" value="Sign up"> <input type="submit" class="btn btn-primary" value="Sign up">
<?php <?php
error_reporting(E_ALL); error_reporting(E_ALL);
if(isset($_SESSION['info_signup2'])) { if(isset($_SESSION['info_signup2'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_signup2'].'</div>'; echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_signup2'].'</div>';
$_SESSION['info_signup2']=null; $_SESSION['info_signup2']=null;
} }
?> ?>
</form> </form>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</form> </form>
</div> </div>
</div> </div>

61
test.php Normal file

@ -0,0 +1,61 @@
<?php
error_reporting(E_ALL);
ini_set('display_errors', 'on');
echo phpversion();
$hashed_password1 = hash('sha512', '123a');
$hashed_password2 = hash('sha512', '123a');
echo "Hash1=".$hashed_password1;
echo "<hr>Hash2=".$hashed_password2;
$con=mysqli_connect("localhost","username","password","lrr");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else
{
echo "Connected ";
}
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$query = "SELECT * from users_table;";
$result = mysqli_query($con, $query);
if (mysqli_num_rows($result) > 0) {
echo "<table>";
while ($row = mysqli_fetch_assoc($result)) {
$id=$row["User_ID"];
$pass=$row["Password"];
$hash_pass=hash('sha512', $pass);
$inner_query = "update users_table set HashPassword='$hash_pass' where User_ID=$id;";
if ($con->query($inner_query) === TRUE) { echo " User # $id updated<br>"; }
//echo "<tr>";
//echo "<td>{$row['Password']}</td><td>{$row['Email']}</td>";
//echo "</tr>";
}
echo "</table>";
}