mrlan
/
LRR
3
0
Fork 2
Code Issues Pull Requests 7 Projects Releases Wiki Activity

“LiangLigang”

LiangLigang
bmth 2022-05-19 12:35:27 +08:00
parent 5fa0c1e040
commit eb532d10af
6 changed files with 1358 additions and 1160 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

946
Course.php
View File

File diff suppressed because it is too large Load Diff

1047
Courses.php
View File

File diff suppressed because it is too large Load Diff

7
Download.php
View File

@ -7,6 +7,11 @@ session_start();
// 修改这一行设置你的文件下载目录 // 修改这一行设置你的文件下载目录
// IMPORTANT: Do not delete the following conditional test
if (strpos($_GET['file'], "../") != false) { // 检查是否有 ../,防止用户构造路径,访问某个他不应该访问的目录
die("Sorry. Nothing to download.");
}
$file = "./../../lrr_submission".$_GET['file']; $file = "./../../lrr_submission".$_GET['file'];
$filename = basename($file); $filename = basename($file);
@ -20,7 +25,7 @@ $type = filetype($file);
$today = date("F j, Y, g:i a"); $today = date("F j, Y, g:i a");
$time = time(); $time = time();
if ( (isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"])) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") { if ((isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"]) > 0) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) {
// 发送文件头部 // 发送文件头部
header("Content-type: $type"); header("Content-type: $type");
header('Content-Disposition: attachment;filename="'.urldecode($filename).'"'); header('Content-Disposition: attachment;filename="'.urldecode($filename).'"');

124
Script.php
View File

@ -35,7 +35,6 @@ function is_valid_student_number($student_id)
// ############################### SIGN UP ################################## // ############################### SIGN UP ##################################
if (!empty($_POST["form_signup"])) { if (!empty($_POST["form_signup"])) {
$student_id = trim(mysqli_real_escape_string($con, $_POST["user_student_id"])); $student_id = trim(mysqli_real_escape_string($con, $_POST["user_student_id"]));
// validate student number // validate student number
@ -53,6 +52,7 @@ if (!empty($_POST["form_signup"])) {
return; return;
} }
// Check if the student number isn't already registered // Check if the student number isn't already registered
$student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'"); $student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
@ -270,7 +270,7 @@ if (!empty($_POST["frm_createlecturrer"])) {
$email = mysqli_real_escape_string($con, $_POST["email"]); $email = mysqli_real_escape_string($con, $_POST["email"]);
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]); $fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$type = mysqli_real_escape_string($con, $_POST["type"]); $type = mysqli_real_escape_string($con, $_POST["type"]);
$password = $passport; $password = mysqli_real_escape_string($con, $_POST["passport"]);
// check if email is taken // check if email is taken
$result = mysqli_query($con, $result = mysqli_query($con,
"SELECT * FROM Users_Table WHERE email='$email'"); "SELECT * FROM Users_Table WHERE email='$email'");
@ -300,7 +300,7 @@ function is_valid_file_format($file)
'cvc', 'c', 'class', 'cpp', 'h', 'java', 'sh', 'swift', 'zip', 'rar', 'ods', 'xlr', 'bak', 'ico', 'swf' 'cvc', 'c', 'class', 'cpp', 'h', 'java', 'sh', 'swift', 'zip', 'rar', 'ods', 'xlr', 'bak', 'ico', 'swf'
); );
utf8_encode($filename = $_FILES[$file]['name']); $filename = $_FILES[$file]['name'];
$ext = pathinfo($filename, PATHINFO_EXTENSION); $ext = pathinfo($filename, PATHINFO_EXTENSION);
$result = in_array($ext, $allowed); $result = in_array($ext, $allowed);
return $result; return $result;
@ -452,10 +452,8 @@ function checksize($file)
} }
// ############################### Submit Assignment ################################## // ############################### Submit Assignment ##################################
if (!empty($_POST["frm_submitlab"])) { if (!empty($_POST["frm_submitlab"])) {
/* Posting values to database */
$lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]); $lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]);
$student_id = $_POST["student_id"]; $student_id = $_POST["student_id"];
$group_id = $_POST["group_id"]; $group_id = $_POST["group_id"];
@ -552,19 +550,19 @@ if (!empty($_POST["frm_submitlab"])) {
$targetfile4 = ""; $targetfile4 = "";
if (strlen($_FILES['attachment1']['name']) > 2) { // why greater than 2??? if (strlen($_FILES['attachment1']['name']) > 2) { // why greater than 2???
$targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment1']['name']; $targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment1']['name']);
} }
if (strlen($_FILES['attachment2']['name']) > 2) { if (strlen($_FILES['attachment2']['name']) > 2) {
$targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment2']['name']; $targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment2']['name']);
} }
if (strlen($_FILES['attachment3']['name']) > 2) { if (strlen($_FILES['attachment3']['name']) > 2) {
$targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment3']['name']; $targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment3']['name']);
} }
if (strlen($_FILES['attachment4']['name']) > 2) { if (strlen($_FILES['attachment4']['name']) > 2) {
$targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment4']['name']; $targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment4']['name']);
} }
// When $group_id is not properly initialized, use integer 0 as its value. // When $group_id is not properly initialized, use integer 0 as its value.
@ -597,9 +595,9 @@ if (!empty($_POST["frm_submitlab"])) {
// JOIN COURSE // JOIN COURSE
if (!empty($_GET["JoinCourse"])) { if (!empty($_GET["JoinCourse"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$student_id = $_GET["std"]; $student_id = mysqli_real_escape_string($con, $_GET["std"]);
$joining = $_GET["joining"]; $joining = mysqli_real_escape_string($con, $_GET["joining"]);
$status = "Pending"; $status = "Pending";
if ($joining == 0) { if ($joining == 0) {
@ -626,12 +624,12 @@ if (!empty($_GET["JoinCourse"])) {
if (!empty($_GET["savemarks"])) { if (!empty($_GET["savemarks"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$marks = $_GET["marks"]; $marks = mysqli_real_escape_string($con, $_GET["marks"]);
$total = $_GET["total"]; $total = mysqli_real_escape_string($con, $_GET["total"]);
$feedback = $_GET["feedback"]; $feedback = mysqli_real_escape_string($con, $_GET["feedback"]);
$header = $_GET["header"]; $header = mysqli_real_escape_string($con, $_GET["header"]);
$labid = $_GET["labid"]; $labid = mysqli_real_escape_string($con, $_GET["labid"]);
$status = "Marked"; $status = "Marked";
if ($marks > $total) { if ($marks > $total) {
@ -660,12 +658,12 @@ if (!empty($_GET["savemarks"])) {
#Update Report Visibility #Update Report Visibility
if (!empty($_GET["updatevisibility"])) { if (!empty($_GET["updatevisibility"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$marks = $_GET["marks"]; $marks = mysqli_real_escape_string($con, $_GET["marks"]);
$total = $_GET["total"]; $total = mysqli_real_escape_string($con, $_GET["total"]);
$status = $_GET["status"]; $status = mysqli_real_escape_string($con, $_GET["status"]);
$header = $_GET["header"]; $header = mysqli_real_escape_string($con, $_GET["header"]);
$labid = $_GET["labid"]; $labid = mysqli_real_escape_string($con, $_GET["labid"]);
$sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id $sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id
"; ";
@ -683,11 +681,11 @@ if (!empty($_GET["updatevisibility"])) {
if (!empty($_GET["remarking"])) { if (!empty($_GET["remarking"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$url = $_GET["url"]; $url = mysqli_real_escape_string($con, $_GET["url"]);
$status = $_GET["status"]; $status = mysqli_real_escape_string($con, $_GET["status"]);
$details = $_GET["details"]; $details = mysqli_real_escape_string($con, $_GET["details"]);
$sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id $sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id
"; ";
@ -705,10 +703,10 @@ if (!empty($_GET["remarking"])) {
if (!empty($_GET["creategroup"])) { if (!empty($_GET["creategroup"])) {
$student_id = $_GET["student_id"]; $student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = $_GET["url"]; $url = mysqli_real_escape_string($con, $_GET["url"]);
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$name = $_GET["name"]; $name = mysqli_real_escape_string($con, $_GET["name"]);
$sql = "INSERT INTO `course_groups_table`(`Group_Name`, $sql = "INSERT INTO `course_groups_table`(`Group_Name`,
`Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)"; `Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)";
@ -737,10 +735,10 @@ if (!empty($_GET["creategroup"])) {
if (!empty($_GET["groupinvite"])) { if (!empty($_GET["groupinvite"])) {
$student_id = $_GET["student_id"]; $student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = $_GET["url"]; $url = mysqli_real_escape_string($con, $_GET["url"]);
$courseid = $_GET["courseid"]; $courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
$groupid = $_GET["groupid"]; $groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'"); $result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
if (mysqli_num_rows($result) > 0) { if (mysqli_num_rows($result) > 0) {
@ -796,10 +794,10 @@ if (!empty($_GET["groupinvite"])) {
if (!empty($_GET["acceptinvite"])) { if (!empty($_GET["acceptinvite"])) {
$student_id = $_GET["student_id"]; $student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = $_GET["url"]; $url = mysqli_real_escape_string($con, $_GET["url"]);
$action = $_GET["action"]; $action = mysqli_real_escape_string($con, $_GET["action"]);
$groupid = $_GET["groupid"]; $groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
if ($action == 1) { if ($action == 1) {
$sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id $sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id
@ -821,14 +819,14 @@ if (!empty($_GET["acceptinvite"])) {
if (!empty($_GET["extenddeadline"])) { if (!empty($_GET["extenddeadline"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$date = $_GET["date"]; $date = mysqli_real_escape_string($con, $_GET["date"]);
$time = $_GET["time"]; $time = mysqli_real_escape_string($con, $_GET["time"]);
$type = $_GET["type"]; $type = mysqli_real_escape_string($con, $_GET["type"]);
$stdid = $_GET["stdid"]; $stdid = mysqli_real_escape_string($con, $_GET["stdid"]);
$reason = $_GET["reason"]; $reason = mysqli_real_escape_string($con, $_GET["reason"]);
$url = $_GET["url"]; $url = mysqli_real_escape_string($con, $_GET["url"]);
$deadline = $date . " " . $time; $deadline = $date . " " . $time;
if ($type == 1) { if ($type == 1) {
@ -852,11 +850,11 @@ if (!empty($_GET["extenddeadline"])) {
if (!empty($_GET["ignoreremarking"])) { if (!empty($_GET["ignoreremarking"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$total = $_GET["total"]; $total = mysqli_real_escape_string($con, $_GET["total"]);
$header = $_GET["header"]; $header = mysqli_real_escape_string($con, $_GET["header"]);
$subid = $_GET["subid"]; $subid = mysqli_real_escape_string($con, $_GET["subid"]);
$sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid"; $sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid";
@ -873,8 +871,8 @@ if (!empty($_GET["ignoreremarking"])) {
if (!empty($_GET["assignTA"])) { if (!empty($_GET["assignTA"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$ta = $_GET["ta"]; $ta = mysqli_real_escape_string($con, $_GET["ta"]);
$sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)"; $sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)";
@ -891,8 +889,8 @@ if (!empty($_GET["assignTA"])) {
if (!empty($_GET["AcceptStudent"])) { if (!empty($_GET["AcceptStudent"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$rs = $_GET["rs"]; $rs = mysqli_real_escape_string($con, $_GET["rs"]);
if ($rs == "yes") { if ($rs == "yes") {
$sql = "Update course_students_table set Status='Joined' Where ID=$id"; $sql = "Update course_students_table set Status='Joined' Where ID=$id";
@ -919,12 +917,12 @@ if (!empty($_GET["AcceptStudent"])) {
if (!empty($_GET["action"])) { if (!empty($_GET["action"])) {
$action = $_GET["action"]; $action = $_GET["action"];
$uid = $_GET["uid"]; $uid = mysqli_real_escape_string($con, $_GET["uid"]);
$pass = $_GET["pass"]; $pass = mysqli_real_escape_string($con, $_GET["pass"]);
$pass = password_hash($pass, PASSWORD_DEFAULT); $pass = password_hash($pass, PASSWORD_DEFAULT);
$status = $_GET["status"]; $status = mysqli_real_escape_string($con, $_GET["status"]);
// validate uid // validate uid
if (intval($uid) < 0) { if (intval($uid) < 0) {
@ -932,12 +930,12 @@ if (!empty($_GET["action"])) {
return; return;
} }
if ($action == "passchange") { if ($action == "passchange" && $_SESSION['user_id'] == $uid) {
$sql = "UPDATE users_table set Password='$pass' where User_ID=$uid;"; $sql = "UPDATE users_table set Password='$pass' where User_ID=$uid;";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
error_reporting(0); error_reporting(0);
echo "Password has been changed"; echo "Password has been changed";
// return; //return;
$_SESSION["infoChangePassword"] = $type . " User password was changed successfully."; $_SESSION["infoChangePassword"] = $type . " User password was changed successfully.";
header("Location: index.php"); header("Location: index.php");
} else { } else {
@ -946,7 +944,7 @@ if (!empty($_GET["action"])) {
} }
} }
if ($action == "statuschange") { if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
$sql = "UPDATE users_table set Status='$status' where User_ID=$uid;"; $sql = "UPDATE users_table set Status='$status' where User_ID=$uid;";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user Status updated successfully "; $_SESSION["info_Admin_Users"] = $type . " user Status updated successfully ";
@ -1007,8 +1005,8 @@ if (!empty($_POST["frm_createCourse"])) {
if (!empty($_GET["exportgrade"])) { if (!empty($_GET["exportgrade"])) {
$lab = $_GET["lab"]; $lab = mysqli_real_escape_string($con, $_GET["lab"]);
$lab_name = $_GET["lab_name"]; $lab_name = mysqli_real_escape_string($con, $_GET["lab_name"]);
error_reporting(0); error_reporting(0);

10
Submissions.php
View File

@ -10,7 +10,7 @@ $group_id = $_SESSION["user_group_id"];
$c_date = date("Y-m-d H:i"); $c_date = date("Y-m-d H:i");
if (!empty($_GET["id"])) { if (!empty($_GET["id"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$course_id = $id; $course_id = $id;
} }
@ -139,7 +139,6 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
if (mysqli_num_rows($result1) == 0) { if (mysqli_num_rows($result1) == 0) {
echo "No Un-Marked Submissions for this Lab Report."; echo "No Un-Marked Submissions for this Lab Report.";
} else { } else {
$mark_submission_btn_counter = 0;
while ($row = mysqli_fetch_assoc($result1)) { while ($row = mysqli_fetch_assoc($result1)) {
$title = $row['Title']; $title = $row['Title'];
$Marks = $row['Marks']; $Marks = $row['Marks'];
@ -158,7 +157,6 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
$groupname = $row['Group_Name']; $groupname = $row['Group_Name'];
$groupleader = $row['Group_Leader']; $groupleader = $row['Group_Leader'];
$student_id = $row['sub_std']; $student_id = $row['sub_std'];
$mark_submission_btn_counter += 1;
if ($submitted_group == 0) { if ($submitted_group == 0) {
$submitted_by = $student_name . "(" . $student_id . ")"; $submitted_by = $student_name . "(" . $student_id . ")";
@ -186,7 +184,7 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> by: <b> $submitted_by </b> $title <br> by: <b> $submitted_by </b>
<br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)' id='mark_submission_btn_$mark_submission_btn_counter'> Mark Submission</button><br> Attachments : $full_link </span> <br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span>
</div></k>"; </div></k>";
} }
} }
@ -421,8 +419,8 @@ where course_group_members_table.Course_Group_id=$id");
try { try {
$('<form id="submit-form" method="get" action="Script.php">' + title + '(' + marks + ' marks) <input type="hidden" name="savemarks" value="true">\n\ $('<form id="submit-form" method="get" action="Script.php">' + title + '(' + marks + ' marks) <input type="hidden" name="savemarks" value="true">\n\
<input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks" id="marks">\n\ <input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks">\n\
Comments <textarea name="feedback" id="feedback"></textarea> \n\ Comments <textarea name="feedback"></textarea> \n\
<input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({ <input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({
modal: true, modal: true,
title: 'Mark Submission', title: 'Mark Submission',

158
SubmitLab.php
View File

@ -3,123 +3,133 @@ include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
$page = 'Submit LAB+'; $page='Submit LAB+';
include 'Header.php'; include 'Header.php';
?> ?>
<div class='row' style='width:80%;margin:auto;'> <div class='row' style='width:80%;margin:auto;'>
<?php
$c_date = date("Y-m-d H:i"); <?php
$student_id = $_SESSION["user_student_id"];
if (!empty($_GET["id"])) { $c_date = date("Y-m-d H:i");
$id = $_GET["id"]; $student_id = $_SESSION["user_student_id"];
$url = $_GET["url"];
$result1 = mysqli_query($con, " SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC"); if(!empty($_GET["id"]))
if (mysqli_num_rows($result1) == 0) { {
echo "No active assignments for this course so far."; $id = mysqli_real_escape_string($con, $_GET["id"]);
} else { $url = mysqli_real_escape_string($con, $_GET["url"]);
while ($row = mysqli_fetch_assoc($result1)) { $result1 = mysqli_query($con," SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC");
if(mysqli_num_rows($result1) == 0)
{
echo "No active assignments for this course so far.";
$Course_ID = $row['Course_ID']; } else {
$title = $row['Title'];
$ins = $row['Instructions'];
$posted = $row['Posted_Date'];
$deadline = $row['Deadline'];
$att1 = $row['Attachment_link_1'];
$att2 = $row['Attachment_link_2'];
$att3 = $row['Attachment_link_3'];
$att4 = $row['Attachment_link_4'];
$labid = $row['Lab_Report_ID'];
$type = $row['Type'];
//----------------------------------Giving both the Group Admin and Group Members same priviledges to submit assignment-------------------------------------- while($row = mysqli_fetch_assoc($result1)) {
if ($type == "Group") {
$resultx1 = mysqli_query($con, "SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))");
while ($row = mysqli_fetch_assoc($resultx1)) {
$_SESSION["Group_ID"] = $row['Course_Group_id'];
}
if ($_SESSION["Group_ID"] < 1) { $Course_ID = $row['Course_ID'];
echo " <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> "; $title = $row['Title'];
return; $ins = $row['Instructions'];
} $posted = $row['Posted_Date'];
$deadline = $row['Deadline'];
$att1 = $row['Attachment_link_1'];
$att2 = $row['Attachment_link_2'];
$att3 = $row['Attachment_link_3'];
$att4 = $row['Attachment_link_4'];
$labid = $row['Lab_Report_ID'];
$type = $row['Type'];
//----------------------------------Giving both the Group Admin and Group Members same priviledges to submit assignment--------------------------------------
if($type=="Group"){
$resultx1 = mysqli_query($con,"SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))");
while($row = mysqli_fetch_assoc($resultx1)) {
$_SESSION["Group_ID"] = $row['Course_Group_id'];
} }
$full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; if($_SESSION["Group_ID"] < 1)
{
if ($att2 != "") { echo" <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> ";
$full_link = $full_link . "| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>"; return;
}
if ($att3 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
} }
}
if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'> $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if($att2!=""){
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
}
if($att3!=""){
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
}
if($att4!=""){
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
Courses > $url > Submlit Lab Report > $title Courses > $url > Submlit Lab Report > $title
<br> <br>
</a></div> </a></div>
"; ";
echo ""; echo "";
}
} }
} }
}
$Group_ID = $_SESSION["Group_ID"]; $Group_ID = $_SESSION["Group_ID"];
?> ?>
</div> </div>
<div style="width:80%;margin:auto;"> <div style="width:80%;margin:auto;">
<h3> Submit Lab Report Assignment </h3> <h3> Submit Lab Report Assignment </h3>
<hr> <hr>
<div class="row"> <div class="row">
<div class="col-md-6"> <div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php' id="submit_lab_report_form">
<input type='hidden' name='frm_submitlab' value='true' required='' />
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required='' />
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required='' />
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required='' />
<input type='hidden' name='url' value='<?php echo $url; ?>' required='' />
Title <form method='post' enctype='multipart/form-data' action='Script.php'>
<input type='text' name='title' placeholder='Ttle' class='form-control' required='' id="title"> <input type='hidden' name='frm_submitlab' value='true' required=''/>
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/>
<input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
Attachment 1 Title
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required='' id="attachment1"> <input type='text' name='title' placeholder='Ttle' class='form-control' required=''>
Attachment 2 Attachment 1
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'> <input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
</div> Attachment 2
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
<div class="col-md-6"> </div>
Attachment 3 <div class="col-md-6">
<input type='file' name='attachment3' placeholder='Attachment 3' class='form-control'>
Attachment 4 Attachment 3
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control'> <input type='file' name='attachment3' placeholder='Attachment 3' class='form-control' >
<br>
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment' id="submit_lab_assignment_btn"><br> Attachment 4
</form> <input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
<br>
</div> <input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br>
</form>
</div> </div>
</div>
</div> </div>