mrlan
/
LRR
4
0
Fork 2
Code Issues Pull Requests 7 Projects Releases Wiki Activity

Compare commits

base: mrlan:5d0d0d91f7f9485ba1f67317602a1aba7489ad80
Branches Tags
mrlan:master
mrlan:Hui-Organize
mrlan:Bug48-Aya
mrlan:Bug197-Zayid-V2
mrlan:InstallationGuide
mrlan:Bug197-Zayid
mrlan:Bug193-Martha
mrlan:Bug430-Eden
mrlan:Bug486-Nartey
mrlan:Nartey-Testscript
mrlan:Eden-Testscript
mrlan:BUG352-NEIL2
mrlan:Bug352-Neil-Revised
mrlan:Bug418-Yaaqob
mrlan:update-MPIANA-tests
mrlan:Bug418-YAAQOB-MPIANA
mrlan:Bug557-Ayoub
mrlan:BUG352-NEIL
mrlan:Bug430-Eden2
mrlan:nar
mrlan:Hui-improve-README.md
mrlan:Bug469-Hui
mrlan:Bug519-Hui
mrlan:Refactor-Moyo
mrlan:Bug469-kingsley
mrlan:Bug457-YAAQOB
mrlan:Bug510-Abdulai
mrlan:Bug485-Abdulai
mrlan:Xuxuan
mrlan:Bug196-Ward
mrlan:Bug404-Edson
mrlan:niweicong-bug-458-revised
mrlan:Bug34-Lamashevskyi
mrlan:Bug418-Lamashevskyi
mrlan:Bug37-Dmytro
mrlan:Bug_461_Martha
mrlan:niweicong-bug-458&459
mrlan:SPM-Zayid-468
mrlan:Bug23-Haji
mrlan:bug23-Haaji
mrlan:SMP-ZAYID-468-FEATURE
mrlan:LiangLigang
mrlan:Bug256-Umar
mrlan:Bug246-Petros
mrlan:AutoTesting-Golden
mrlan:IDVerificationBug-Golden
mrlan:Bug200-Ward
mrlan:SeleniumIbrahim-Ibrahim
mrlan:SeleniumIbrahimUpdate-Ibrahim
mrlan:bug231-Ibrahim
mrlan:bug312-Golden
mrlan:Bug203-Hui
mrlan:Hui-UserDoc
mrlan:Hui-DeleteUnnecessaryImages
mrlan:ProjectHomePage
mrlan:Hui-Bug330
mrlan:Hui-CodeIndentation
mrlan:Hui-Bug29
mrlan:Hui-Bug337
mrlan:SIMPLICITY_link
mrlan:Hui-IndentCode
mrlan:Mabasa-bugfix-199
mrlan:Mabasa-readmefix
mrlan:Mvondo-bugfix-21
mrlan:Hui-LecturerEmail
mrlan:SIMPLICITY_Bug-189_Course_Delete_btn
mrlan:sunflower
..
compare: mrlan:9f03d380cdca911a5607549a5c4bfc776752dadf
Branches Tags
mrlan:master
mrlan:Hui-Organize
mrlan:Bug48-Aya
mrlan:Bug197-Zayid-V2
mrlan:InstallationGuide
mrlan:Bug197-Zayid
mrlan:Bug193-Martha
mrlan:Bug430-Eden
mrlan:Bug486-Nartey
mrlan:Nartey-Testscript
mrlan:Eden-Testscript
mrlan:BUG352-NEIL2
mrlan:Bug352-Neil-Revised
mrlan:Bug418-Yaaqob
mrlan:update-MPIANA-tests
mrlan:Bug418-YAAQOB-MPIANA
mrlan:Bug557-Ayoub
mrlan:BUG352-NEIL
mrlan:Bug430-Eden2
mrlan:nar
mrlan:Hui-improve-README.md
mrlan:Bug469-Hui
mrlan:Bug519-Hui
mrlan:Refactor-Moyo
mrlan:Bug469-kingsley
mrlan:Bug457-YAAQOB
mrlan:Bug510-Abdulai
mrlan:Bug485-Abdulai
mrlan:Xuxuan
mrlan:Bug196-Ward
mrlan:Bug404-Edson
mrlan:niweicong-bug-458-revised
mrlan:Bug34-Lamashevskyi
mrlan:Bug418-Lamashevskyi
mrlan:Bug37-Dmytro
mrlan:Bug_461_Martha
mrlan:niweicong-bug-458&459
mrlan:SPM-Zayid-468
mrlan:Bug23-Haji
mrlan:bug23-Haaji
mrlan:SMP-ZAYID-468-FEATURE
mrlan:LiangLigang
mrlan:Bug256-Umar
mrlan:Bug246-Petros
mrlan:AutoTesting-Golden
mrlan:IDVerificationBug-Golden
mrlan:Bug200-Ward
mrlan:SeleniumIbrahim-Ibrahim
mrlan:SeleniumIbrahimUpdate-Ibrahim
mrlan:bug231-Ibrahim
mrlan:bug312-Golden
mrlan:Bug203-Hui
mrlan:Hui-UserDoc
mrlan:Hui-DeleteUnnecessaryImages
mrlan:ProjectHomePage
mrlan:Hui-Bug330
mrlan:Hui-CodeIndentation
mrlan:Hui-Bug29
mrlan:Hui-Bug337
mrlan:SIMPLICITY_link
mrlan:Hui-IndentCode
mrlan:Mabasa-bugfix-199
mrlan:Mabasa-readmefix
mrlan:Mvondo-bugfix-21
mrlan:Hui-LecturerEmail
mrlan:SIMPLICITY_Bug-189_Course_Delete_btn
mrlan:sunflower

No commits in common. "5d0d0d91f7f9485ba1f67317602a1aba7489ad80" and "9f03d380cdca911a5607549a5c4bfc776752dadf" have entirely different histories.
5d0d0d91f7 ... 9f03d380cd

42 changed files with 3938 additions and 2935 deletions
Show Stats Expand all files Collapse all files

BIN
.DS_Store vendored Normal file
View File

Binary file not shown.

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
.vscode .vscode
.DS_Store

556
Admin.php
View File

@ -1,263 +1,293 @@
<?php <?php
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
$page = "admin"; $page = "admin";
include 'Header.php'; include 'Header.php';
?> ?>
<?php <?php
//Only Lecturer or Admin could access this page // Only Lecturer or Admin could access this page
if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") { if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
die("Sorry. Nothing to see here."); die("Sorry. Nothing to see here.");
} }
?> ?>
<div class="container">
<style>
.col-md-4 {
<br> border-right: 1px solid skyblue;
<h1 class="display-6"> Administration panel </h1> }
</style>
<hr>
<div class="row"> <br>
<div style="width: 80%;margin: auto;">
<div class="col-md-6"> <h2> Administration Panel </h2>
</div>
<!-- Nav tabs -->
<ul class="nav nav-tabs" id="myTab"> <hr>
<div class="row" style="width: 80%;margin: auto;">
<li class="nav-item">
<a class="nav-link active" href="#tab-student-accounts" id="batch_tab">Create student accounts</a> <!--<h4>General system Settings</h4><hr>
</li> <a href="" class="btn btn-lg btn-primary">View System Log </a>
<hr>
<li class="nav-item"> Lab Privacy Mode: (STUDENT VERIFICATION)
<a class="nav-link" href="#tab-ins-accounts" id="tab_ins_accounts">Create instructor account</a> <hr>
</li> -->
<div class="col-md-6">
<li class="nav-item">
<a class="nav-link" href="#tab-existing-accounts" id="existing_accounts_tab">Existing accounts</a> <?php
</li> if ($_SESSION['user_type'] == "Lecturer") {
</ul>
echo " <h4> TA Account Management </h4>
<!-- Tab panes --> <hr> " ;
<div class="tab-content"> echo "<b>TA Accounts </b><br>" ;
}
<!-- code contributed by Xu Xiaopeng (https://github.com/xxp1999) --> else if($_SESSION['user_type'] == "Admin"){
<div id="tab-student-accounts" class="tab-pane active" style="margin-top:5px"> echo " <h4> Lecturer Account Management </h4>
<p class="text-muted">Copy & paste student number to the following box, and separate two student numbers with a space.</p> <hr> ";
<form action="batch_insert.php" method="post" id="batch_form"> echo "<b>Lecturer Accounts </b><br>";
<textarea cols="60" rows="16" name="users" required=""></textarea> }
<button type="submit" class="btn btn-primary" id="register_btn">Register students</button>
</form> ?>
</div>
<div class="container">
<div id="tab-ins-accounts" class="tab-pane"><br>
<!-- Nav tabs -->
<?php <ul class="nav nav-tabs" role="tablist">
if ($_SESSION['user_type'] == "Lecturer") {
echo "<p class=\"text-muted\">Create TA Accounts</p>"; <li class="nav-item">
} <a class="nav-link active" data-toggle="tab" href="#home">Create New Account</a>
else if($_SESSION['user_type'] == "Admin"){ </li>
echo "<p class=\"text-muted\">Create Lecturer Accounts</p>";
} <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu2" id="batch_tab">Batch Create New Student Accounts</a>
?> </li>
<form method="post" action="Script.php" id="create_account_form">
<input type="hidden" name="form_createlecturrer" value="true" required="" /> <li class="nav-item">
Full name <a class="nav-link" data-toggle="tab" href="#menu1" id="existing_accounts_tab">Existing Accounts</a>
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required=""> <br> </li>
Email
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" > <br> </ul>
Initial password (Enter a strong password or leave it empty to let LRR generate one)
<input type="password" class="form-control" name="password" minlength="8" placeholder="Initial password" > <br> <!-- Tab panes -->
User type: <div class="tab-content">
<?php
<div id="home" class="container tab-pane active"><br>
if ($_SESSION['user_type'] == "Lecturer") {
echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) '; <?php
} else if ($_SESSION['user_type'] == "Admin"){ if ($_SESSION['user_type'] == "Lecturer") {
echo " <input type='radio' name='type' value='Lecturer' required='' id='role_lecturer'> Lecturer ";
} echo "<b>Create TA Accounts </b>";
?> }
else if($_SESSION['user_type'] == "Admin"){
<br><br> echo "<b>Create Lecturer Accounts </b>";
<button type="submit" class="btn btn-primary" name="create_btn">Create</button> }
<?php ?>
error_reporting(E_ALL); <form method="post" action="Script.php" id="create_account_form">
if (isset($_SESSION['info_Admin_Users'])) { <input type="hidden" name="frm_createlecturrer" value="true" required="" />
echo '<hr><div class="alert alert-warning" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>'; Full Name
$_SESSION['info_Admin_Users'] = null; <input type="text" name="fullname" placeholder="Full Name" class="form-control" required="">
} Email
if (isset($_SESSION['info_Admin_Users'])) { <input type="text" name="email" placeholder="Email / Student Number" class="form-control" required="">
echo '<hr><div class="alert alert-warning" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
$_SESSION['info_Admin_Users'] = null; Passport Number / ID (Used as Initial Password)
} <input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
?> <br> User Type :
</form> <?php
</div> if ($_SESSION['user_type'] == "Lecturer") {
echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) ';
<div id="tab-existing-accounts" class="tab-pane"><br>
}
<table class="table" style="font-size: 10pt;"> else if($_SESSION['user_type'] == "Admin"){
<tr style="font-size:10pt;">
<th>ID</th> echo " <input type='radio' name = 'type' value = 'Lecturer' required = '' id='role_lecturer' > Lecturer ";
<th>Name</th>
<th>Email</th> }
<th>Reset password </th>
<th>Block/Activate </th> ?>
</tr>
<?php <input type="submit" class="btn btn-primary" value="Create" id="create_btn"><br>
if ($_SESSION['user_type'] == "Lecturer") { <?php
$result = mysqli_query( error_reporting(E_ALL);
$con, if (isset($_SESSION['info_Admin_Users'])) {
"SELECT * FROM users_table WHERE UserType in ('TA')" echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
); $_SESSION['info_Admin_Users'] = null;
} }
if (isset($_SESSION['info_Admin_Users'])) {
else if ($_SESSION['user_type'] == "Admin"){ echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
$result = mysqli_query( $_SESSION['info_Admin_Users'] = null;
$con, }
"SELECT * FROM users_table WHERE UserType in ('Lecturer')"
); ?>
}
</form>
while ($row = mysqli_fetch_assoc($result)) {
$pass = $row['Password']; <hr>
$btn = "<button class='btn btn-warning' onclick=\"updatePassword(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
if ($row['Status'] == "Active") { </div>
$newstatus = "Blocked";
$btnBlock = "<button class='btn btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"block_account_1\">Block</button>"; <div id="menu1" class="container tab-pane fade"><br>
} else {
$newstatus = "Active"; <table class="table-bordered" style="font-size: 10pt;">
$btnBlock = "<button class='btn btn-success' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"activate_account_1\">Activate</button>"; <tr style="font-size:10pt;">
} <th>ID</th>
<th>Name</th>
echo "<tr><td>" . $row['User_ID'] . "</td><td>" . $row['Full_Name'] . "</td><td>" . $row['Email'] . "</td><td>$btn</td><td>$btnBlock</td></tr>"; <th>Email</th>
} <th>Passport / ID </th>
?> <th>Reset Password </th>
</table> <th>Block/Activate </th>
</div> </tr>
<?php
</div>
if ($_SESSION['user_type'] == "Lecturer") {
</div>
$result = mysqli_query(
<div class="col-md-6"> $con,
"SELECT * FROM Users_Table WHERE UserType in ('TA')"
<ul class="nav nav-tabs" id="myTab"> );
<li class="nav-item"> }
<a class="nav-link active" href="#tab-existing-courses" id="existing_courses">Existing courses</a>
</li> else if($_SESSION['user_type'] == "Admin"){
</ul> $result = mysqli_query(
$con,
<div id="tab-existing-courses" class="tab-pane active"><br> "SELECT * FROM Users_Table WHERE UserType in ('Lecturer')"
);
<p class="text-muted"> Past courses </p> }
<table class="table" style="font-size: 10pt;"> while ($row = mysqli_fetch_assoc($result)) {
<tr> $pass = $row['Passport_Number'];
<th>Course name</th> $btn = "<button class='btn-primary' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
<th>Faculty</th> if ($row['Status'] == "Active") {
<th>Lecturer</th> $newstatus = "Blocked";
<th>TAs</th> $btnBlock = "<button class='btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"block_account_1\">Block</button>";
<th>Assign a new TA </th> } else {
</tr> $newstatus = "Active";
$btnBlock = "<button class='btn-success' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"activate_account_1\">Activate</button>";
<?php }
$user_id = $_SESSION['user_id'];
if ($_SESSION['user_type'] == 'Lecturer') { echo "<tr><td>" . $row['User_ID'] . "</td><td>" . $row['Full_Name'] . "</td><td>" . $row['Email'] . "</td> <td>" . $row['Passport_Number'] . "</td><td>$btn</td><td>$btnBlock</td></tr>";
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `TA_User_ID`, `Course_Code`, `Full_Name` FROM courses_table INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID WHERE User_ID=$user_id ORDER BY Academic_Year DESC;"); }
} else if ($_SESSION['user_type'] == 'Admin') { ?>
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `TA_User_ID`, `Course_Code`, `Full_Name` FROM courses_table INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID ORDER BY Academic_Year DESC;"); </table>
}
if (mysqli_num_rows($result) != 0) { </div>
$counter = 0;
while ($row = mysqli_fetch_assoc($result)) { <!-- code contributed by Xu Xiaopeng (https://github.com/xxp1999) -->
$name = $row['Course_Name'];
$code = $row['Course_Code']; <div id="menu2" class="container tab-pane fade" style="margin-top:10px">
$faculty = $row['Faculty']; <b>Separate two student numbers with a space.</b><br>
$lecturer = $row['Full_Name']; <form action="batch_insert.php" method="post" id="batch_form">
$academic = $row['Academic_Year']; <p>
$c_id = $row['Course_ID']; <textarea cols="80" rows="16" name="users" required=""></textarea>
$counter += 1; </p>
<input type="submit" class="btn btn-primary" value="Register Students" id="register_btn"><br>
$resultTA = mysqli_query($con, "SELECT `Course_ID`, `TA`, users_table.Full_Name as TA_NAME FROM course_ta INNER JOIN users_table on users_table.User_ID=course_ta.TA where course_ta.Course_ID=$c_id"); </form>
</div>
$ta = "";
while ($rowTA = mysqli_fetch_assoc($resultTA)) { </div>
$ta = $ta . " " . $rowTA['TA_NAME']; </div>
}
</div>
echo "
<tr> <td>$code - $name</td> <td>$faculty </td> <td>$lecturer</td><td>$ta</td> <td><form method='get' action='Script.php' id='drop_menu_form_$counter'> <select name='ta' class=''>"; <div class="col-md-6">
$resultx = mysqli_query($con, "SELECT * FROM users_table WHERE UserType='TA'"); <div class="container">
if (mysqli_num_rows($resultx) == 0) { <!-- Nav tabs -->
} else { <ul class="nav nav-tabs" role="tablist">
while ($row = mysqli_fetch_assoc($resultx)) { <li class="nav-item">
$id = $row['User_ID']; <a class="nav-link active" data-toggle="tab" href="#menub" id="existing_courses">Existing Courses</a>
$name = $row['Full_Name']; </li>
echo "<option value='$id'> $name </option>";
} </ul>
}
<!-- Tab panes -->
echo "</select> <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'> <button class='btn btn-outline-secondary btn-sm' type='submit' id='assign_btn_$counter'>assign</button></form> </td></tr>
"; </div>
}
} <div id="menub" class="container tab-pane active"><br>
?>
<b> Existing Course Portals </b>
</table> <hr>
<table class="table-bordered" style="font-size: 10pt;">
</div> <tr>
<th>Course Name </th>
</div> <th> Faculty </th>
<th>Lecturer </th>
</div> <th>TAs</th>
<th>Assign new TA </th>
</div> </tr>
<?php
<?php include 'Footer.php';?> $result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID");
if (mysqli_num_rows($result) == 0) {
<script> } else {
function updatePassword(id, pass) { $counter = 0;
if (!confirm('Are you sure to reset user password?')) { while ($row = mysqli_fetch_assoc($result)) {
return; $name = $row['Course_Name'];
} $code = $row['Course_Code'];
$faculty = $row['Faculty'];
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass; $lecturer = $row['Full_Name'];
} $academic = $row['Academic_Year'];
$c_id = $row['Course_ID'];
function blockUser(id, status) { $counter += 1;
if (!confirm('Are you sure to change user status?')) {
return; $resultTA = mysqli_query($con, "SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta`
} INNER JOIN users_table on users_table.User_ID=course_ta.TA
window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status; where course_ta.Course_ID=$c_id");
}
$ta = "";
/* For tabs to work */ while ($rowTA = mysqli_fetch_assoc($resultTA)) {
const triggerTabList = document.querySelectorAll('#myTab a') $ta = $ta . " - " . $rowTA['TA_NAME'];
triggerTabList.forEach(triggerEl => { }
const tabTrigger = new bootstrap.Tab(triggerEl)
triggerEl.addEventListener('click', event => { echo "
event.preventDefault() <tr> <td>$code - $name</td> <td>$faculty </td> <td>$lecturer</td><td>$ta</td> <td><form method='get' action='Script.php' id='drop_menu_form_$counter'> <select name='ta' class=''>";
tabTrigger.show()
}) $resultx = mysqli_query($con, "SELECT * FROM Users_Table WHERE UserType='TA'");
}) if (mysqli_num_rows($resultx) == 0) {
} else {
</script> while ($row = mysqli_fetch_assoc($resultx)) {
$id = $row['User_ID'];
$name = $row['Full_Name'];
</body> echo "<option value='$id'> $name </option>";
</html> }
}
echo "</select> <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'> <input type='submit' value='assign' id='assign_btn_$counter'></form> </td></tr>
";
}
} ?>
</table>
</div>
</div>
</div>
<script>
function updatePass(id, pass) {
if (!confirm('Are you to Reset User Password')) {
return;
}
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
function blockUser(id, status) {
if (!confirm('Are you to change User Status')) {
return;
}
window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
}
</script>

1422
Course.php
View File

File diff suppressed because it is too large Load Diff

1222
Courses.php
View File

File diff suppressed because it is too large Load Diff

2
Download.php
View File

@ -25,7 +25,7 @@ $type = filetype($file);
$today = date("F j, Y, g:i a"); $today = date("F j, Y, g:i a");
$time = time(); $time = time();
if ((isset($_SESSION["user_student_id"]) && (strpos($file, $_SESSION["user_student_id"]) > 0 || strpos($file, "Lab_Report_Assignments"))) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) { if ((isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"]) > 0) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) {
// 发送文件头部 // 发送文件头部
header("Content-type: $type"); header("Content-type: $type");
header('Content-Disposition: attachment;filename="'.urldecode($filename).'"'); header('Content-Disposition: attachment;filename="'.urldecode($filename).'"');

7
Footer.php
View File

@ -1,3 +1,4 @@
<?php <br><br><br><br><br><br><br><br><br>
echo "<p id='myfooter' class='text-center'>Copyright &copy; 2018-" . date("Y") . " The Authors</p>"; <div style="background-color:white;width:100%di">
?>
</div>

280
Header.php
View File

@ -8,188 +8,170 @@ $con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
// Check database connection // Check database connection
if (mysqli_connect_errno()) { if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error(); echo "Failed to connect to MySQL: " . mysqli_connect_error();
} }
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en-US"> <html>
<head> <head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>LRR</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-4bw+/aepP/YC94hEpVNVgiZdgIC5+VKNBQNGCHeKRQN+PtmoHDEXuppvnDJzQIu9" crossorigin="anonymous"> <link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.bundle.min.js" integrity="sha384-HwwvtgBNo3bZJJLYd8oVXjrBZt8cqVSpeBNS5n7C8IVInixGAoxmnlMuBnhbgrkm" crossorigin="anonymous"></script> <link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<!-- *this css file can be used across all the websites
and any new css class can be added there.
* The reason is to make the css code reusable.
* the css file is used by submissions.php
-->
<link href = "./css/main.css" rel = "stylesheet" type = "text/css" />
<link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" /> <script src="./css/jquery.min.js" type="text/javascript"></script>
<!-- *this css file can be used across all the websites <script src="./css/bootsrap.min.js" type="text/javascript"></script>
and any new css class can be added there. <script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script>
* The reason is to make the css code reusable.
* the css file is used by submissions.php
-->
<link href = "./css/main.css" rel="stylesheet" type="text/css" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js" integrity="sha512-3gJwYpMe3QewGELv8k/BX9vcqhryRdzRMxVfq6ngyWXwo03GFEzjsUm8Q7RZcHPHksttq7/GFoxjCVUjkjvPdw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script>
<style> </head>
.btn-default { <body>
border: 2px solid #f8f8f8;
width: 100%;
text-align: left;
margin: 4px auto;
}
.btn-default:hover { <nav class="navbar navbar-expand-lg navbar-dark bg-dark" style="padding-left:150px;padding-right:150px;margin:auto;">
background: #f8f8f8; <a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;height:30px;"> LRR </a>
} <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarColor02" aria-controls="navbarColor02" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
h1, <div class="collapse navbar-collapse" id="navbarColor02">
h2, <ul class="navbar-nav mr-auto">
h3, <li class="nav-item active">
h4 {
color: #03407B;
}
a { <li class="nav-item active">
color: #03407B; <!-- <a class='nav-link' href='~\..\Visitors.php'> <i class='fa fa-globe'></i> Visitor Portal <span class='sr-only'>(current)</span></a> -->
} </li>
<?php
if (isset($_SESSION["user_fullname"])) {
.break-word { echo " <a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> Courses <span class='sr-only'>(current)</span></a>";
word-wrap: break-word; ?>
white-space: -moz-pre-wrap !important; </li>
/* Mozilla, since 1999 */ </ul>
white-space: -pre-wrap; <form class="form-inline my-2 my-lg-0" style="color:#fff;">
/* Opera 4-6 */ Welcome &nbsp; <b> <?php echo $_SESSION['user_fullname']; ?> </b> &nbsp;
white-space: -o-pre-wrap;
/* Opera 7 */
white-space: pre-wrap;
/* css-3 */
word-wrap: break-word;
/* Internet Explorer 5.5+ */
white-space: -webkit-pre-wrap;
/* Newer versions of Chrome/Safari*/
word-break: break-all;
white-space: normal;
}
.ui-widget-content.ui-dialog { <?php
border: 2px solid #03488B; $c_date = date("Y-m-d H:i");
if (isset($_SESSION['user_student_id']))
echo "(" . $_SESSION['user_type'] . " - " . $_SESSION['user_student_id'] . ") ";
else
echo "(" . $_SESSION['user_type'] . ") ";
?>
} <?php
if ($_SESSION['user_type'] == "Lecturer") {
echo "&nbsp;&nbsp;&nbsp; <i class=\"fa fa-cog\" style=\"color:#fff;\"> </i> &nbsp;<a style='color:#fff !important' href=\"~\..\Admin.php\" id=\"admin_tab\">Admin </a>";
}
?>
.ui-dialog>.ui-widget-header { &nbsp;&nbsp;&nbsp; <i class="fa fa-user" style="color:#fff;"> </i>
background: #03488B; &nbsp;<a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id']; ?>)">Update password</a>
color: white &nbsp;&nbsp;&nbsp; <i class="fa fa-lock" style="color:#fff;"> </i> &nbsp;<a style='color:#fff !important' href="~\..\logout.php">Logout </a>
}
.ui-button { <?php
background: #03488B; }
color: white ?>
} </form>
</div>
</nav>
<style>
.ui-dialog-titlebar-close::before { .nav-item {
content: "X"; border-color: #00ff66;
position: absolute;
top: 1px;
left: 3px;
line-height: 1rem;
} }
#footer{ .nav-tabs {
position:fixed; border-color: #00ff66;
bottom:0; }
left:0;
text-align:center;
width:100%;
}
.form-control{ .btn-default {
padding-top: 1px; border: 2px solid #00ff66;
padding-bottom:1px; width: 100%;
} text-align: left;
margin: 3px auto;
font-weight: bold;
font-size: 13pt;
}
.table-bordered {
padding: 5px !important;
}
</style> .alert {
font-weight: bold;
}
</head> h1,
h2,
h3,
h4 {
color: #03407B;
}
<body> a {
color: #03407B;
}
<nav class="navbar navbar-expand-lg bg-body-tertiary" style="padding-left:180px;padding-right:150px;margin:auto;"> .break-word {
<div class="container-fluid"> word-wrap: break-word;
white-space: -moz-pre-wrap !important;
/* Mozilla, since 1999 */
white-space: -pre-wrap;
/* Opera 4-6 */
white-space: -o-pre-wrap;
/* Opera 7 */
white-space: pre-wrap;
/* css-3 */
word-wrap: break-word;
/* Internet Explorer 5.5+ */
white-space: -webkit-pre-wrap;
/* Newer versions of Chrome/Safari*/
word-break: break-all;
white-space: normal;
}
<a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;height:30px;" alt="LRR Logo"> LRR </a> .ui-widget-content.ui-dialog {
border: 2px solid #03488B;
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNavAltMarkup" aria-controls="navbarNavAltMarkup" aria-expanded="false" aria-label="Toggle navigation"> }
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarNavAltMarkup"> .ui-dialog>.ui-widget-header {
<div class="navbar-nav"> background: #03488B;
color: white
}
<a class="nav-link" href="#"> .ui-button {
<?php background: #03488B;
if (isset($_SESSION["user_fullname"])) { color: white
echo "<b>" . $_SESSION['user_fullname'] . "</b>"; }
} </style>
?>
&nbsp; <script>
function updatePass(id) {
<?php var pass = prompt("Enter your new password : ", "Enter a strong password");
$c_date = date("Y-m-d H:i");
if (isset($_SESSION['user_student_id']))
echo "(" . $_SESSION['user_type'] . " ID: " . $_SESSION['user_student_id'] . ") ";
elseif (isset($_SESSION['user_type']))
echo "(" . $_SESSION['user_type'] . ") ";
?>
</a>
<?php if (!confirm('Are you sure you want to reset your password?')) {
if (isset($_SESSION["user_fullname"])) { return;
if ($_SESSION['user_type'] == "Student" || $_SESSION['user_type'] == 'Lecturer') { }
echo "<a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> My courses </a>";
}
?>
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
<?php function blockUser(id, status) {
if ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == 'Admin') { // Show Admin link if (!confirm('Are you sure you want to change user status?')) {
echo "&nbsp;&nbsp;&nbsp;&nbsp;<a class='nav-link' href=\"~\..\Admin.php\" id=\"admin_tab\"><i class='fa fa-cog'></i>Admin</a>"; return;
} }
?> window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
}
&nbsp;&nbsp;&nbsp;&nbsp; </script>
<a class="nav-link" href="#" onclick="updatePass(<?php echo $_SESSION['user_id']; ?>)"><i class="fa fa-user"> </i> Update password</a>
&nbsp;&nbsp;&nbsp;&nbsp;
<a class="nav-link" href="~\..\logout.php"><i class="fa fa-lock"> </i> Logout</a>
<?php
} // Closing this conditional test block: if (isset($_SESSION["user_fullname"])) { ...
?>
</div>
</div>
</div>
</nav>
<script>
function updatePass(id) {
const pass = prompt("Enter your new password : ", "Enter a strong password");
if (!confirm('Are you sure you want to reset your password?')) {
return;
}
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
</script>

10
NoDirectPhpAcess.php
View File

@ -1,7 +1,7 @@
<?php <?php
// https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file // https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
if (!isset($_SERVER['HTTP_REFERER']) ) { if (!isset($_SERVER['HTTP_REFERER']) ) {
/* choose the appropriate page to redirect users */ /* choose the appropriate page to redirect users */
die( header( 'location: logout.php' ) ); die( header( 'location: logout.php' ) );
} }
?> ?>

29
README.md
View File

@ -27,8 +27,8 @@ LRR needs Apache and MySQL to run. I followed [How To Install Linux, Apache, My
LRR uses a database called `lrr`. So create this database using MySQL root account. Open MySQL's prompt using `sudo mysql`. Create the database using command `CREATE DATABASE lrr;`, and grant all privileges to MySQL user `lrr` using command `GRANT ALL PRIVILEGES ON lrr.* TO 'mnc'@'localhost' WITH GRANT OPTION;`. If MySQL user mnc does not exist, create it using command `CREATE USER 'mnc'@'localhost' IDENTIFIED BY 'password'`. LRR uses a database called `lrr`. So create this database using MySQL root account. Open MySQL's prompt using `sudo mysql`. Create the database using command `CREATE DATABASE lrr;`, and grant all privileges to MySQL user `lrr` using command `GRANT ALL PRIVILEGES ON lrr.* TO 'mnc'@'localhost' WITH GRANT OPTION;`. If MySQL user mnc does not exist, create it using command `CREATE USER 'mnc'@'localhost' IDENTIFIED BY 'password'`.
To facilitate data migration, I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server. To facilitate data migration, I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.sql`, where mnc after -u is MySQL's username, and lrr after -p is the database name. The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`, where mnc after -u is MySQL's username, and lrr after -p is the database name.
The command for importing is `mysql -u username -p lrr < lrr_database_dump.sql`. You must create database `lrr` first on your computer before doing the import. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.sql? You can use lrr_database.sql in this repo instead. The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.txt? You can use lrr_database.sql in this repo instead.
LRR also needs to store assignment submissions. We store them in a folder called `../../lrr_submission`. Note that `lrr_submission` is two levels above the project folder (where many PHP files reside). I copied this folder from the existing one. I think it is also OK if you create an empty folder. LRR also needs to store assignment submissions. We store them in a folder called `../../lrr_submission`. Note that `lrr_submission` is two levels above the project folder (where many PHP files reside). I copied this folder from the existing one. I think it is also OK if you create an empty folder.
We need to set a proper owner and accessibility for `lrr_submission` using the following two commands: We need to set a proper owner and accessibility for `lrr_submission` using the following two commands:
@ -51,31 +51,6 @@ Enable the site lrr: `sudo a2ensite lrr`. Restart the apache server: `sudo syst
Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/. Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/.
### Solving the coding problems in the dump file
If the database contains Chinese characters, the dump file (e.g., lrr_database_dump.sql) may contain *weird* characters, e.g., `研究生`, so weird that no one can tell their meaning.
We need to correct these abnormal characters before we import them to the new database, so that the PHP program can correctly display Chinese information.
The simplest solution is using the ftfy (fixes text for you) Python package to convert them, as follows:
```
from ftfy import fix_text
with open('lrr_database_dump.sql') as f:
content = f.read()
content2 = fix_text(content)
with open('lrr_database_dump_sql_fixed.txt', 'w') as f:
f.write(content2)
```
Now, import data using lrr_database_dump_sql_*fixed*.txt.
If you encounter the 'Unknown MySQL server host' problem during import, replace all apostrophes with a space in the dump file. For example, if a database table field contains *can't*, then the apostrophe between *n* and *t* can cause that problem.
## Enock steps ## Enock steps
Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt). Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt).

49
Reset_password.php Normal file
View File

@ -0,0 +1,49 @@
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
include 'Header.php';
$token = htmlspecialchars($_GET['token']);
$email = htmlspecialchars($_GET['email']);
?>
<div class="row">
<div class="col-md-4 list-group" style="margin:auto;">
<br>
<h4 class="list-group-item active"> Reset your password </h4>
<div class="list-group-item">
<div class="panel-body">
<form method="post" action="Script.php" >
<input type="hidden" name="frm_reset_password" value="true"/>
<input type="hidden" name="token" value="<?php echo $token ?>"/>
Email
<input type="text" name="email" readonly="" placeholder="Enter your Email" class="form-control" value="<?php echo $email; ?>">
<br>
New Password
<input type="password" name="password" placeholder="Enter your new Password" class="form-control" value="">
<br>
<input type="submit" class="btn btn-primary" value="Reset">
<br>
<?php
?>
</form>
</div>
</div>
</div>
</div>
</form>
</div>
</div>

187
Script.php
View File

@ -2,7 +2,6 @@
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
/* /*
@ -13,6 +12,7 @@ session_start();
date_default_timezone_set('Asia/Shanghai'); date_default_timezone_set('Asia/Shanghai');
// Connect to MySQL database
include "get_mysql_credentials.php"; include "get_mysql_credentials.php";
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr"); $con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
@ -36,45 +36,6 @@ function is_valid_student_number($student_id)
// ############################### SIGN UP ################################## // ############################### SIGN UP ##################################
if (!empty($_POST["form_signup"])) { if (!empty($_POST["form_signup"])) {
$student_id = trim(mysqli_real_escape_string($con, $_POST["user_student_id"])); $student_id = trim(mysqli_real_escape_string($con, $_POST["user_student_id"]));
$email = mysqli_real_escape_string($con, $_POST["email"]);
$password = mysqli_real_escape_string($con, $_POST["password"]);
$confirmpassword = mysqli_real_escape_string($con, $_POST["confirmpassword"]);
$upperLetter = preg_match('@[A-Z]@', $password);
$smallLetter = preg_match('@[a-z]@', $password);
$containsDigit = preg_match('@[0-9]@', $password);
$containsSpecial = preg_match('@[^\w]@', $password);
$containsAll = $upperLetter && $smallLetter && $containsDigit && $containsSpecial;
// check for strong password
if (!$containsAll) {
$_SESSION['info_signup'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and special characters (e.g., !?.,*^).";
header("Location: signup.php");
return;
}
// Check confirmed password
if (strcasecmp($password, $confirmpassword) != 0) {
$_SESSION['info_signup'] = "Password confirmation failed.";
header("Location: signup.php");
return;
}
// validate email
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$_SESSION['info_signup'] = "Invalid email address.";
header("Location: signup.php");
return;
}
// check if email is taken
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
if (mysqli_num_rows($result) != 0) {
$_SESSION["info_signup"] = "Email address " . $email . " is already in use.";
$_SESSION['user_fullname'] = null;
header("Location: signup.php");
return;
}
// validate student number // validate student number
if (!is_valid_student_number($student_id)) { if (!is_valid_student_number($student_id)) {
@ -106,11 +67,51 @@ if (!empty($_POST["form_signup"])) {
if (!empty($_POST["form_signup"])) { if (!empty($_POST["form_signup"])) {
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]); $fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$student_id = mysqli_real_escape_string($con, $_POST["user_student_id"]); $student_id = mysqli_real_escape_string($con, $_POST["user_student_id"]);
$email = mysqli_real_escape_string($con, $_POST["email"]);
$password = mysqli_real_escape_string($con, $_POST["password"]);
$confirmpassword = mysqli_real_escape_string($con, $_POST["confirmpassword"]);
$_SESSION['user_fullname'] = $fullname; $_SESSION['user_fullname'] = $fullname;
$_SESSION['user_type'] = "Student"; $_SESSION['user_type'] = "Student";
$_SESSION['user_email'] = $email; $_SESSION['user_email'] = $email;
$_SESSION['user_student_id'] = $student_id; $_SESSION['user_student_id'] = $student_id;
// check confirmed password
if (strcasecmp($password, $confirmpassword) != 0) {
$_SESSION['info_signup'] = "Password confirmation failed.";
$_SESSION['user_fullname'] = null; // such that Header.php do not show the header information.
header("Location: signup.php");
return;
}
// validate email
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$_SESSION['info_signup'] = "Invalid email address.";
header("Location: signup.php");
return;
}
$upperLetter = preg_match('@[A-Z]@', $password);
$smallLetter = preg_match('@[a-z]@', $password);
$containsDigit = preg_match('@[0-9]@', $password);
$containsSpecial = preg_match('@[^\w]@', $password);
$containsAll = $upperLetter && $smallLetter && $containsDigit && $containsSpecial;
// check for strong password
if (!$containsAll) {
$_SESSION['info_signup'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and special characters (e.g., !?.,*^).";
header("Location: signup.php");
return;
}
// check if email is taken
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
if (mysqli_num_rows($result) != 0) {
$_SESSION["info_signup"] = "Email address " . $email . " is already in use.";
$_SESSION['user_fullname'] = null;
header("Location: signup.php");
return;
}
// apply password_hash() // apply password_hash()
$password_hash = password_hash($password, PASSWORD_DEFAULT); $password_hash = password_hash($password, PASSWORD_DEFAULT);
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Student_ID`) VALUES " $sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Student_ID`) VALUES "
@ -125,7 +126,7 @@ if (!empty($_POST["form_signup"])) {
// ################################ LOGIN ##################################### // ################################ LOGIN #####################################
if (!empty($_POST["form_login"])) { if (!empty($_POST["frm_login"])) {
$user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address $user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address
$is_student_number = 0; $is_student_number = 0;
@ -186,7 +187,7 @@ if (!empty($_POST["form_login"])) {
// ################################ Recover Password ##################################### // ################################ Recover Password #####################################
if (!empty($_POST["form_recover_password"])) { if (!empty($_POST["frm_recover_password"])) {
$student_id = mysqli_real_escape_string($con, $_POST["sno"]); $student_id = mysqli_real_escape_string($con, $_POST["sno"]);
$email = mysqli_real_escape_string($con, $_POST["email"]); $email = mysqli_real_escape_string($con, $_POST["email"]);
@ -219,7 +220,7 @@ if (!empty($_POST["form_recover_password"])) {
// ################################ RESET Password ##################################### // ################################ RESET Password #####################################
if (!empty($_POST["form_reset_password"])) { if (!empty($_POST["frm_reset_password"])) {
$password = mysqli_real_escape_string($con, $_POST["password"]); $password = mysqli_real_escape_string($con, $_POST["password"]);
$token = mysqli_real_escape_string($con, $_POST["token"]); $token = mysqli_real_escape_string($con, $_POST["token"]);
$email = mysqli_real_escape_string($con, $_POST["email"]); $email = mysqli_real_escape_string($con, $_POST["email"]);
@ -263,52 +264,30 @@ if (!empty($_POST["form_reset_password"])) {
} }
// ############################### CREATE Lecturer/TA USER ################################## // ############################### CREATE Lecturer/TA USER ##################################
if (!empty($_POST["form_createlecturrer"])){ if (!empty($_POST["frm_createlecturrer"])) {
$email = mysqli_real_escape_string($con, $_POST["email"]); $email = mysqli_real_escape_string($con, $_POST["email"]);
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]); $fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$type = mysqli_real_escape_string($con, $_POST["type"]); $type = mysqli_real_escape_string($con, $_POST["type"]);
$password = mysqli_real_escape_string($con, $_POST["password"]); $password = mysqli_real_escape_string($con, $_POST["passport"]);
$pass_len = strlen($password); // check if email is taken
if ($pass_len == 0) {
$password = generateStrongPassword();
}
$result = mysqli_query( $result = mysqli_query(
$con, $con,
"SELECT * FROM users_table WHERE email='$email'" "SELECT * FROM Users_Table WHERE email='$email'"
); );
if (mysqli_num_rows($result) != 0) { if (mysqli_num_rows($result) != 0) {
$_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use."; $_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use.";
header("Location: Admin.php"); header("Location: Admin.php");
exit;
} }
$password_hash = password_hash("$password", PASSWORD_DEFAULT); $password_hash = password_hash("$password", PASSWORD_DEFAULT);
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES " $sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
. "('$email','$password_hash','$fullname','$type')"; . "('$email','$password_hash','$fullname','$type')";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and ". $password ." as password."; $_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and $password as password.";
header("Location: Admin.php"); header("Location: Admin.php");
} else { } else {
alert("Error: " . $sql . "<br>" . $con->error); echo "Error: " . $sql . "<br>" . $con->error;
} }
}
// ### FUNCTION TO GENERATE INITIAL PASSWORDS ###//
function generateStrongPassword() {
$characters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_';
$password_length = 12;
$gen_password = '';
for ($i = 0; $i < $password_length; $i++) {
$random_index = mt_rand(0, strlen($characters) - 1);
$gen_password .= $characters[$random_index];
}
// Return the generated password
return $gen_password;
} }
// #### FUNCTION CHECK FILE TYPES //// // #### FUNCTION CHECK FILE TYPES ////
@ -361,7 +340,7 @@ function mkdirs($path)
} }
// ############################### #Post Assignment ################################## // ############################### #Post Assignment ##################################
if (!empty($_POST["form_uploadlab"])) { if (!empty($_POST["frm_uploadlab"])) {
$course_id = mysqli_real_escape_string($con, $_POST["course_id"]); $course_id = mysqli_real_escape_string($con, $_POST["course_id"]);
$deadlinedate = $_POST["deadlinedate"]; $deadlinedate = $_POST["deadlinedate"];
@ -378,7 +357,7 @@ if (!empty($_POST["form_uploadlab"])) {
// GET UPLOADED FILES // GET UPLOADED FILES
$target_dir = Create_dir("./../../lrr_submission/Lab_Report_Assignments/$course_id/" . $title . "/"); $target_dir = Create_dir("Lab_Report_Assignments/" . $title . "/");
$rnd = rand(10, 1000); $rnd = rand(10, 1000);
$rnd = ""; // no more required , creating folder for each lab $rnd = ""; // no more required , creating folder for each lab
@ -437,16 +416,16 @@ if (!empty($_POST["form_uploadlab"])) {
$targetfile4 = ""; $targetfile4 = "";
if ($_FILES['attachment1']['name'] != "") { if ($_FILES['attachment1']['name'] != "") {
$targetfile = "/Lab_Report_Assignments/$course_id/" . $title . "/" . $_FILES['attachment1']['name']; $targetfile = "/" . $title . "/" . $_FILES['attachment1']['name'];
} }
if ($_FILES['attachment2']['name'] != "") { if ($_FILES['attachment2']['name'] != "") {
$targetfile2 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment2']['name']; $targetfile2 = "/" . $title . "/" . $_FILES['attachment2']['name'];
} }
if ($_FILES['attachment3']['name'] != "") { if ($_FILES['attachment3']['name'] != "") {
$targetfile3 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment3']['name']; $targetfile3 = "/" . $title . "/" . $_FILES['attachment3']['name'];
} }
if ($_FILES['attachment4']['name'] != "") { if ($_FILES['attachment4']['name'] != "") {
$targetfile4 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment4']['name']; $targetfile4 = "/" . $title . "/" . $_FILES['attachment4']['name'];
} }
$sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, $sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`,
@ -455,7 +434,7 @@ if (!empty($_POST["form_uploadlab"])) {
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_courses"] = $type . " lab report assignment posted successfully. "; $_SESSION["info_courses"] = $type . " lab report assignment posted successfully.";
header("Location: Courses.php?course=" . $url); header("Location: Courses.php?course=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -473,7 +452,7 @@ function checksize($file)
} }
// ############################### Submit Assignment ################################## // ############################### Submit Assignment ##################################
if (!empty($_POST["form_submitlab"])) { if (!empty($_POST["frm_submitlab"])) {
$lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]); $lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]);
$student_id = $_POST["student_id"]; $student_id = $_POST["student_id"];
@ -606,7 +585,7 @@ if (!empty($_POST["form_submitlab"])) {
$con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'"); $con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'");
} }
$_SESSION["info_courses"] = "Thanks. You have successfully submitted your assignment."; $_SESSION["info_courses"] = "Thanks. Your lab report assignment is submitted successfully.";
header("Location: Course.php?url=" . $url); header("Location: Course.php?url=" . $url);
} else { } else {
echo "Error: <br>" . $con->error; echo "Error: <br>" . $con->error;
@ -669,7 +648,7 @@ if (!empty($_GET["savemarks"])) {
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Marking"] = "Assignment marked"; $_SESSION["info_Marking"] = "Lab Report Submission Marked";
header("Location: Submissions.php?id=" . $labid . "&header=" . $header . "&total=" . $total); header("Location: Submissions.php?id=" . $labid . "&header=" . $header . "&total=" . $total);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -836,7 +815,7 @@ if (!empty($_GET["acceptinvite"])) {
} }
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = " Group invitation status updated"; $_SESSION["info_general"] = " Group Invite Updated";
header("Location: Course.php?url=" . $url); header("Location: Course.php?url=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -854,7 +833,7 @@ if (!empty($_GET["removemember"])) {
$sql = "Delete from `course_group_members_table` where student_id=$student_id and Course_Group_id=$group_id"; $sql = "Delete from `course_group_members_table` where student_id=$student_id and Course_Group_id=$group_id";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = " Member " . $student_id . " is gone."; $_SESSION["info_general"] = " Member " . $student_id . " removed from the group";
header("Location: Course.php?url=" . $url); header("Location: Course.php?url=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -888,7 +867,7 @@ if (!empty($_GET["extenddeadline"])) {
$time = mysqli_real_escape_string($con, $_GET["time"]); $time = mysqli_real_escape_string($con, $_GET["time"]);
$type = mysqli_real_escape_string($con, $_GET["type"]); $type = mysqli_real_escape_string($con, $_GET["type"]);
$studentid = mysqli_real_escape_string($con, $_GET["studentid"]); $stdid = mysqli_real_escape_string($con, $_GET["stdid"]);
$reason = mysqli_real_escape_string($con, $_GET["reason"]); $reason = mysqli_real_escape_string($con, $_GET["reason"]);
$url = mysqli_real_escape_string($con, $_GET["url"]); $url = mysqli_real_escape_string($con, $_GET["url"]);
$deadline = $date . " " . $time; $deadline = $date . " " . $time;
@ -898,12 +877,12 @@ if (!empty($_GET["extenddeadline"])) {
} else { } else {
$sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, " $sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, "
. "`Lab_Report_ID`, `Extended_Deadline_Date`," . "`Lab_Report_ID`, `Extended_Deadline_Date`,"
. " `ReasonsForExtension`) VALUES ('$studentid','$id','$deadline','$reason')"; . " `ReasonsForExtension`) VALUES ('$stdid','$id','$deadline','$reason')";
} }
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_courses"] = " Assignment deadline extended successfully."; $_SESSION["info_courses"] = " Lab Report Deadline extended successfully.";
header("Location: Courses.php?course=" . $url); header("Location: Courses.php?course=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -924,7 +903,7 @@ if (!empty($_GET["ignoreremarking"])) {
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Marking"] = "Remarking request ignored."; $_SESSION["info_Marking"] = "Remarking Request Ignored , Submission Updated to 'Marked' status";
header("Location: Submissions.php?id=" . $id . "&header=" . $header . "&total=" . $total); header("Location: Submissions.php?id=" . $id . "&header=" . $header . "&total=" . $total);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -934,32 +913,18 @@ if (!empty($_GET["ignoreremarking"])) {
#Assign TA #Assign TA
if (!empty($_GET["assignTA"])) { if (!empty($_GET["assignTA"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]); $id = mysqli_real_escape_string($con, $_GET["id"]);
$ta = mysqli_real_escape_string($con, $_GET["ta"]); $ta = mysqli_real_escape_string($con, $_GET["ta"]);
// Check if the TA is already assigned to the course $sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ('$id','$ta')";
$check_sql = "SELECT * FROM course_ta WHERE Course_ID='$id' AND TA='$ta'";
$check_result = $con->query($check_sql);
if ($check_result->num_rows > 0) { if ($con->query($sql) === TRUE) {
// Alert user about the duplicate assignment
echo "<script> $_SESSION["info_Admin_Courses"] = $type . " Course TA Assigned ";
alert('The selected TA is already assigned to this course.'); header("Location: Admin.php");
window.location.href='Admin.php';
</script>";
} else { } else {
// Proceed with the TA assignment echo "Error: " . $sql . "<br>" . $con->error;
$sql = "INSERT INTO course_ta(Course_ID, TA) VALUES ('$id','$ta')";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Courses"] = $type . " Course TA Assigned ";
header("Location: Admin.php");
} else {
echo "<script>
alert('You must select a TA first!.');
window.location.href='Admin.php';
</script>";
}
} }
} }
@ -1022,19 +987,20 @@ if (!empty($_GET["action"])) {
} }
} }
if ($action == "statuschange" && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) { if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
$sql = "UPDATE users_table set Status='$status' where User_ID='$uid';"; $sql = "UPDATE users_table set Status='$status' where User_ID='$uid';";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user Status updated successfully "; $_SESSION["info_Admin_Users"] = $type . " user Status updated successfully ";
header("Location: Admin.php"); header("Location: Admin.php");
} else { } else {
// echo "Error: " . $sql . "<br>" . $con->error;
echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!"; echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!";
} }
} }
} }
// ############################### CREATE STUDENT USER ################################## // ############################### CREATE STUDENT USER ##################################
if (!empty($_POST["form_createCourse"])) { if (!empty($_POST["frm_createCourse"])) {
$name = mysqli_real_escape_string($con, $_POST["name"]); $name = mysqli_real_escape_string($con, $_POST["name"]);
$academic = mysqli_real_escape_string($con, $_POST["academic"]); $academic = mysqli_real_escape_string($con, $_POST["academic"]);
$lecturer = mysqli_real_escape_string($con, $_POST["lecturer"]); $lecturer = mysqli_real_escape_string($con, $_POST["lecturer"]);
@ -1130,4 +1096,3 @@ WHERE lab_report_submissions.Lab_Report_ID='$lab'";
header("Expires: 0"); header("Expires: 0");
print "$header\n$data"; print "$header\n$data";
} }
?>

29
Student.php
View File

@ -1,14 +1,15 @@
<?php <?php
$page = "student"; $page = "student";
include 'Header.php'; include 'Header.php';
?>
?>
<br><br><br>
<br><br><br>
<div class="row" style="width:80%;margin:auto;">
<div class="row" style="width:80%;margin:auto;">
<div class="col-md-6">
<h1> Student account created. Now you can browse the course portal. </h1> <div class="col-md-6">
</div> <h1> Student Account Created. Now you can Browse Course Portals </h1>
</div>
</div>
</div>

346
Submissions.php
View File

@ -24,26 +24,22 @@ if (!empty($_GET["total"])) {
$total = 0; $total = 0;
} }
$resultx1 = mysqli_query($con, "SELECT Lab_Report_ID, Title, lab_reports_table.Course_ID, Posted_Date, Deadline, Marks, Type, courses_table.URL $resultx1 = mysqli_query($con, "SELECT `Lab_Report_ID`,Title, lab_reports_table.Course_ID, `Posted_Date`, `Deadline`, `Marks`, `Type` , courses_table.URL FROM `lab_reports_table` INNER JOIN courses_table ON courses_table.Course_ID=lab_reports_table.Course_ID WHERE Lab_Report_ID=$id");
FROM lab_reports_table
INNER JOIN courses_table ON courses_table.Course_ID=lab_reports_table.Course_ID
WHERE Lab_Report_ID=$id");
while ($row = mysqli_fetch_assoc($resultx1)) { while ($row = mysqli_fetch_assoc($resultx1)) {
$report_type = $row['Type']; $Report_Type = $row['Type'];
$c_id = $row['Course_ID']; $c_id = $row['Course_ID'];
$report_title = $row['Title']; $Report_Title = $row['Title'];
$url = $row['URL']; $url = $row['URL'];
} }
echo "<div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='Courses.php?course=$url'>
$header
</a></div>
";
?> ?>
<div class="container"> <div class="row" style="width:80%;margin:auto; text-align:left;">
<?php
echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
?>
<div class="row">
<!-- Lecturer CODE--> <!-- Lecturer CODE-->
<?php <?php
@ -59,72 +55,89 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
error_reporting(0); error_reporting(0);
if (isset($_SESSION['info_Marking'])) { if (isset($_SESSION['info_Marking'])) {
echo '<div class="alert alert-warning">' . $_SESSION['info_Marking'] . '</div>'; echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Marking'] . '</div>';
$_SESSION['info_Marking'] = null; $_SESSION['info_Marking'] = null;
} }
$resultx1 = mysqli_query($con, "SELECT Count(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id"); $resultx1 = mysqli_query($con, "Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id");
$row = mysqli_fetch_assoc($resultx1); while ($row = mysqli_fetch_assoc($resultx1)) {
$count_submissions = $row['cnt']; $count_subs = $row['cnt'];
}
$resultx2 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Marked'"); $resultx2 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Marked'");
$row = mysqli_fetch_assoc($resultx2); if (mysqli_num_rows($resultx2) == 0) {
$count_marked = $row['cnt']; $count_marked = 0;
} else {
while ($row = mysqli_fetch_assoc($resultx2)) {
$count_marked = $row['cnt'];
}
}
$resultx3 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Pending'"); $resultx3 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Pending'");
$row = mysqli_fetch_assoc($resultx3); if (mysqli_num_rows($resultx3) == 0) {
$count_unmarked = $row['cnt']; $count_unmarked = 0;
} else {
while ($row = mysqli_fetch_assoc($resultx3)) {
$count_unmarked = $row['cnt'];
}
}
$resultx4 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'"); $resultx4 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'");
$row = mysqli_fetch_assoc($resultx4); if (mysqli_num_rows($resultx4) == 0) {
$count_remark = $row['cnt']; $count_remark = 0;
} else {
$resultx5 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM course_groups_table WHERE Course_id=$c_id"); while ($row = mysqli_fetch_assoc($resultx4)) {
$row = mysqli_fetch_assoc($resultx5); $count_remark = $row['cnt'];
$count_group = $row['cnt']; }
}
?> ?>
<br> <b>Lab Report Submissions (<?php echo $count_subs; ?>)</b>
<p class="text-muted"><b>Total submissions (<?php echo $count_submissions; ?>)</b></p>
<!-- Nav tabs --> <!-- Nav tabs -->
<ul class="nav nav-tabs" id="myTab"> <ul class="nav nav-tabs" role="tablist">
<li class="nav-item"> <li class="nav-item">
<a class="nav-link active" href="#menu1">Unmarked submissions (<?php echo $count_unmarked; ?>)</a> <a class="nav-link active" data-toggle="tab" href="#menu1">Un-Marked Submissions<b> (<?php echo $count_unmarked; ?>)</b></a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" href="#menu2">Marked submissions (<?php echo $count_marked; ?>)</a> <a class="nav-link" data-toggle="tab" href="#menu2">Marked Submissions <b>(<?php echo $count_marked; ?>)</b></a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" href="#menu3">Remarking requests (<?php echo $count_remark; ?>)</a> <a class="nav-link" data-toggle="tab" href="#menu3">Re-Marking Requests <b>(<?php echo $count_remark; ?>)</b></a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" href="#menu4">Course groups (<?php echo $count_group; ?>)</a> <a class="nav-link" data-toggle="tab" href="#menu4"> View Course Groups</a>
</li> </li>
</ul> </ul>
<div class="tab-content"> <div class="tab-content">
<div id="menu1" class="tab-pane active"><br> <div id="menu1" class="container tab-pane active"><br>
<?php <?php
if ($report_type == "Group") { if ($Report_Type == "Group") {
$result1 = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name, course_groups_table.Group_Leader, users_table.Full_Name, users_table.Student_id $result1 = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
FROM lab_report_submissions lab_report_submissions.Course_Group_id, `Attachment1`,
LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id `Title`,course_groups_table.Group_Name,course_groups_table.Group_Leader,users_table.Full_Name, users_table.Student_id
WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Pending' ORDER BY Submission_Date DESC"); FROM `lab_report_submissions`
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Submission_Date desc");
} else { } else {
$result1 = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID $result1 = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
FROM lab_report_submissions lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id `Title`,users_table.Full_Name,course_group_members_table.Student_ID
WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Pending' ORDER BY Submission_Date DESC"); FROM `lab_report_submissions`
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Submission_Date desc");
} }
if (mysqli_num_rows($result1) == 0) { if (mysqli_num_rows($result1) == 0) {
echo "No unmarked submissions."; echo "No Un-Marked Submissions for this Lab Report.";
} else { } else {
while ($row = mysqli_fetch_assoc($result1)) { while ($row = mysqli_fetch_assoc($result1)) {
$title = $row['Title']; $title = $row['Title'];
@ -146,7 +159,7 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
$student_id = $row['sub_std']; $student_id = $row['sub_std'];
if ($submitted_group == 0) { if ($submitted_group == 0) {
$submitted_by = $student_name . " (" . $student_id . ")"; $submitted_by = $student_name . "(" . $student_id . ")";
} else { } else {
$submitted_by = "$student_name ($submitter_student_number) for group $groupname "; $submitted_by = "$student_name ($submitter_student_number) for group $groupname ";
} }
@ -169,13 +182,10 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
$full_link = $full_link . " | <a href='~\..\Download.php?file=$att4&attachment=4'>$base_att4</a>"; $full_link = $full_link . " | <a href='~\..\Download.php?file=$att4&attachment=4'>$base_att4</a>";
} }
echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left:1px solid #eee;'> echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> $title <br> by: <b> <span class = 'text-selectable'>$submitted_by </span> </b>
By: <b> <span class='text-selectable'> $submitted_by </span> </b> <br> <br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span>
<small>Submitted on: $posted</small> </div></k>";
<button class='btn btn-sm btn-primary' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark </button><br>
Attachments : $full_link
</div>";
} }
} }
echo ""; echo "";
@ -183,34 +193,39 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
</div> </div>
<div id="menu2" class="tab-pane"><br> <div id="menu2" class="container tab-pane"><br>
<?php <?php
if ($report_type == "Group") { if ($Report_Type == "Group") {
$result = mysqli_query($con, "SELECT Submission_ID, Visibility, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name $result = mysqli_query($con, "SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
FROM lab_report_submissions lab_report_submissions.Course_Group_id, `Attachment1`,
LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
WHERE Lab_Report_ID=$id and lab_report_submissions.Status='Marked'"); `Title`,course_groups_table.Group_Name
FROM `lab_report_submissions`
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Marked'");
} else { } else {
$result = mysqli_query($con, "SELECT Submission_ID, Visibility, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID $result = mysqli_query($con, "SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
FROM lab_report_submissions lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id `Title`,users_table.Full_Name,course_group_members_table.Student_ID
WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Marked' ORDER BY lab_report_submissions.Student_id Desc"); FROM `lab_report_submissions`
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Marked' Order by lab_report_submissions.Student_id Desc");
} }
if (mysqli_num_rows($result) == 0) { if (mysqli_num_rows($result) == 0) {
echo "No Marked submissions for this lab";
echo "No marked submissions.";
} else { } else {
echo "<h3><a href='~\..\Script.php?exportgrade=true&lab=$id&lab_name=$report_title'><i class='fa fa-book'></i> Export grades</a></h3>"; echo "<h3><a href='~\..\Script.php?exportgrade=true&lab=$id&lab_name=$Report_Title'><i class='fa fa-book'></i> Export Grade Sheet </a></h3>";
while ($row = mysqli_fetch_assoc($result)) { while ($row = mysqli_fetch_assoc($result)) {
$title = $row['Title']; $title = $row['Title'];
$Marks = $row['Marks']; $Marks = $row['Marks'];
//$ins=$row['Notes'];
$posted = $row['Submission_Date']; $posted = $row['Submission_Date'];
$deadline = $row['Deadline']; $deadline = $row['Deadline'];
$att1 = $row['Attachment1']; $att1 = $row['Attachment1'];
@ -252,12 +267,10 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
// if you want to use text-selectable class on whole div, just call the css class // if you want to use text-selectable class on whole div, just call the css class
echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap:break-word; border:1px solid #F0F0F0; border-left:1px solid #eee;'> echo " <k href='#'> <div class='btn btn-default break-word ' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
<b> $title </b> &nbsp;&nbsp; [Marks: $Marks] <button class='btn btn-light btn-sm' onclick='mark($Submission_ID,\"$title\",$total)'>Remark</button><br> $title <br> by : <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> &nbsp; Visibility : <b>$Visibility </b> <button class='btn-sm btn-success' style='margin-left:50px;' onclick='updatev($Submission_ID)'>Update visibility</button>
<small>Submitted by <span class = 'text-selectable'>$submitted_by</span> on $posted</small> <hr> Lecturer/TA notes : $notes<br> <span style='font-size:8pt'>Submitted : $posted <b> </b> <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button><br> Attachments : $full_link </span>
<span class='badge badge-info'>Marking comments</span> $notes <br> </div></k>";
Attachments : $full_link
</div>";
} }
} }
echo ""; echo "";
@ -265,29 +278,38 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
</div> </div>
<div id="menu3" class="tab-pane"><br> <div id="menu3" class="container tab-pane"><br>
<?php <?php
if ($report_type == "Group") { if ($Report_Type == "Group") {
$resulty = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, lab_report_submissions.Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name $resulty = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
FROM lab_report_submissions lab_report_submissions.Course_Group_id, `Attachment1`,
LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, lab_report_submissions.Marks, lab_report_submissions.Status,
WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Remarking'"); `Title`,course_groups_table.Group_Name
FROM `lab_report_submissions`
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
} else { } else {
$resulty = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Remarking_Reason, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, lab_report_submissions.Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID $resulty = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
FROM lab_report_submissions lab_report_submissions.Remarking_Reason,
LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, lab_report_submissions.Marks, lab_report_submissions.Status,
WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Remarking'"); `Title`,users_table.Full_Name,course_group_members_table.Student_ID
FROM `lab_report_submissions`
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
} }
if (mysqli_num_rows($resulty) == 0) { if (mysqli_num_rows($resulty) == 0) {
echo "No remarking requests."; echo "No Remarking Request for this lab";
} else { } else {
while ($row = mysqli_fetch_assoc($resulty)) { while ($row = mysqli_fetch_assoc($resulty)) {
$title = $row['Title']; $title = $row['Title'];
$Marks = $row['Marks']; $Marks = $row['Marks'];
//$ins=$row['Notes'];
$posted = $row['Submission_Date']; $posted = $row['Submission_Date'];
$deadline = $row['Deadline']; $deadline = $row['Deadline'];
@ -324,14 +346,13 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
if ($att4 != "") { if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>"; $full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
} }
echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 2px solid #eee;'>" echo " <k href='#'> <div class='btn btn-default break-word ' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
. "$title <br>" $title <br> by : <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> <br> Remarking Reason : <b>$remarking_reason </b>
. "Submitted by: <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marks: $Marks ] </b> <br>" <hr> <span style='font-size:8pt'>Submitted : $posted <b> </b> "
. "<span style='color:orange'><i class='fa fa-info-circle'></i> Remarking reason:</span> $remarking_reason <br>" . "<button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button>"
. "<button class='btn btn-light btn-sm' onclick='mark($Submission_ID,\"$title\",$total)'>Remark</button>" . " &nbsp; &nbsp;&nbsp;&nbsp;<a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn-sm btn-warning'> Ignore Request </a>"
. "&nbsp; <a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn btn-sm btn-light'>Ignore request</a> <br>" . "<br> Attachments : $full_link </span>
. "<small>Submitted at: $posted <br> Attachments: $full_link </small>" </div></k>";
. "</div>";
} }
} }
echo ""; echo "";
@ -339,47 +360,45 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
</div> </div>
<div id="menu4" class="tab-pane"><br> <div id="menu4" class="container tab-pane"><br>
<div class="col-md-7"> <h3>Course Groups</h3>
<hr>
<?php <?php
$result = mysqli_query($con, "SELECT Course_Group_id, Group_Name, Group_Leader, Course_id, users_table.Full_Name $result = mysqli_query($con, " SELECT `Course_Group_id`, `Group_Name`, `Group_Leader`, `Course_id`,users_table.Full_Name
FROM course_groups_table FROM `course_groups_table`
INNER JOIN users_table ON users_table.Student_ID=course_groups_table.Group_Leader INNER JOIN users_table on users_table.Student_ID=course_groups_table.Group_Leader
WHERE Course_id=$c_id"); WHERE Course_id=$c_id");
if (mysqli_num_rows($result) == 0) { if (mysqli_num_rows($result) == 0) {
echo "No student groups."; echo "You have no Group in this Course";
} else { } else {
while ($row = mysqli_fetch_assoc($result)) { while ($row = mysqli_fetch_assoc($result)) {
$name = $row['Group_Name']; $name = $row['Group_Name'];
$leader_student_no = $row['Group_Leader']; $leader = $row['Full_Name'] . "(" . $row['Group_Leader'] . ")";
$id = $row['Course_Group_id']; $id = $row['Course_Group_id'];
echo "<ul class='list-group'>"; echo "<div class='btn-default'><small> $name - Leader : $leader </small></div>";
echo " <li class='list-group-item disabled'>Group $name</li>";
$rs2 = mysqli_query($con, "SELECT ID, Course_Group_id, course_group_members_table.Student_ID, course_group_members_table.Status, users_table.Full_Name $rs2 = mysqli_query($con, "SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID,
FROM course_group_members_table course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table`
INNER JOIN users_table ON users_table.Student_ID=course_group_members_table.Student_ID INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID
WHERE course_group_members_table.Student_ID AND course_group_members_table.Course_Group_id=$id"); where course_group_members_table.Course_Group_id=$id");
while ($row = mysqli_fetch_assoc($rs2)) { while ($row = mysqli_fetch_assoc($rs2)) {
$name = $row['Full_Name']; $name = $row['Full_Name'];
$id = $row['Course_Group_id']; $id = $row['Course_Group_id'];
$status = $row['Status']; $status = $row['Status'];
$Student_ID = $row['Student_ID']; $Student_ID = $row['Student_ID'];
if ($leader_student_no == $Student_ID) {
echo "<li class='list-group-item'>$name ($Student_ID) - $status - Leader</li>"; echo "<li><small> $name-$Student_ID ($status)</small></li>";
} else {
echo "<li class='list-group-item'>$name ($Student_ID) - $status</li>";
}
} }
echo "</ul><br>";
} }
} }
?> ?>
</div>
</div> </div>
</div> </div>
@ -388,49 +407,36 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
</div> </div>
<?php <?php
} }
?> include 'Footer.php';
?>
<?php include 'Footer.php';?> <script src="http://118.25.96.118/nor/css/jquery-1.11.1.min.js"></script>
<script src="http://118.25.96.118/nor/css/jquery-ui.min.js"></script>
</div> <link rel="stylesheet" href="http://118.25.96.118/nor/css/jquery-ui.css" />
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/themes/base/jquery-ui.min.css" integrity="sha512-ELV+xyi8IhEApPS/pSj66+Jiw+sOT1Mqkzlh8ExXihe4zfqbWkxPRi8wptXIO9g73FSlhmquFlUOuMSoXz5IRw==" crossorigin="anonymous" referrerpolicy="no-referrer" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js" integrity="sha512-3gJwYpMe3QewGELv8k/BX9vcqhryRdzRMxVfq6ngyWXwo03GFEzjsUm8Q7RZcHPHksttq7/GFoxjCVUjkjvPdw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js" integrity="sha512-57oZ/vW8ANMjR/KQ6Be9v/+/h6bq9/l3f0Oc7vn6qMqyhvPd1cvKBRWWpzu0QoneImqr2SkmO4MSqU+RpHom3Q==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script> <script>
function mark(id, title, marks) { function mark(id, title, marks) {
try { try {
$(`<form id="submit-form" method="get" action="Script.php"> $('<form id="submit-form" method="get" action="Script.php">' + title + '(' + marks + ' marks) <input type="hidden" name="savemarks" value="true">\n\
${title} (${marks} marks) <input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks">\n\
<input type="hidden" name="savemarks" value="true"> Comments <textarea name="feedback"></textarea> \n\
<input type="hidden" name="total" value="${marks}" > <input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({
<input type="hidden" name="id" value="${id}" > modal: true,
<br> Marks title: 'Mark Submission',
<input type="text" name="marks">\n\ buttons: {
Comments <textarea name="feedback"></textarea> \n\ 'Submit Marking': function() {
<input type="hidden" name="labid" value="<?php echo $course_id; ?>">
<input type="hidden" name="header" value="<?php echo $header; ?>">
</form>`).dialog({
modal: true,
title: 'Mark submission',
close: function () {
var closeBtn = $('.ui-dialog-titlebar-close');
closeBtn.html('');
},
buttons: {
'Submit': function() {
$('#submit-form').submit(); $('#submit-form').submit();
$(this).dialog('close'); $(this).dialog('close');
}, },
'Cancel': function() { 'X': function() {
$(this).dialog('close'); $(this).dialog('close');
} }
@ -442,17 +448,31 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
} }
} }
/* For tabs to work */ function updatev(id) {
const triggerTabList = document.querySelectorAll('#myTab a')
triggerTabList.forEach(triggerEl => {
const tabTrigger = new bootstrap.Tab(triggerEl)
triggerEl.addEventListener('click', event => {
event.preventDefault()
tabTrigger.show()
})
})
try {
$('<form id="submit-form" method="get" action="Script.php"> <input type="hidden" name="updatevisibility" value="true">\n\
<input type="hidden" name="id" value="' + id + '" > <br>\n\
Update Visibility<br><select name="status"> <option> Public </option><option>Private</option> </select> \n\
<input type="hidden" name="labid" value="<?php echo $id; ?>"> <input type="hidden" name="total" value="<?php echo $total; ?>" > <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({
modal: true,
title: 'Update Report Visibility',
buttons: {
'Update': function() {
$('#submit-form').submit();
$(this).dialog('close');
},
'X': function() {
$(this).dialog('close');
}
}
});
} catch (e) {
alert(e);
}
}
</script> </script>
</body>
</html>

230
SubmitLab.php
View File

@ -7,123 +7,129 @@ $page='Submit LAB+';
include 'Header.php'; include 'Header.php';
?> ?>
<div class="container"> <div class='row' style='width:80%;margin:auto;'>
<div class='row'>
<?php <?php
$c_date = date("Y-m-d H:i"); $c_date = date("Y-m-d H:i");
$student_id = $_SESSION["user_student_id"]; $student_id = $_SESSION["user_student_id"];
if(!empty($_GET["id"]))
{
$id = mysqli_real_escape_string($con, $_GET["id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$result1 = mysqli_query($con," SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC");
if(mysqli_num_rows($result1) == 0)
{
echo "No active assignments for this course so far.";
} else {
while($row = mysqli_fetch_assoc($result1)) {
$Course_ID = $row['Course_ID'];
$title = $row['Title'];
$ins = $row['Instructions'];
$posted = $row['Posted_Date'];
$deadline = $row['Deadline'];
$att1 = $row['Attachment_link_1'];
$att2 = $row['Attachment_link_2'];
$att3 = $row['Attachment_link_3'];
$att4 = $row['Attachment_link_4'];
$labid = $row['Lab_Report_ID'];
$type = $row['Type'];
//----------------------------------Giving both the Group Admin and Group Members same priviledges to submit assignment--------------------------------------
if($type=="Group"){
$resultx1 = mysqli_query($con,"SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))");
while($row = mysqli_fetch_assoc($resultx1)) {
$_SESSION["Group_ID"] = $row['Course_Group_id'];
}
if($_SESSION["Group_ID"] < 1)
{
echo" <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> ";
return;
}
}
$full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if($att2!=""){
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
}
if($att3!=""){
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
}
if($att4!=""){
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
Courses > $url > Submlit Lab Report > $title
<br>
</a></div>
";
if(!empty($_GET["id"])) echo "";
{ }
$id = mysqli_real_escape_string($con, $_GET["id"]); }
$url = mysqli_real_escape_string($con, $_GET["url"]); }
// Get course name $Group_ID = $_SESSION["Group_ID"];
$result0 = mysqli_query($con,"SELECT Course_Name FROM courses_table WHERE URL='$url'");
$row = mysqli_fetch_assoc($result0);
$course_name = $row['Course_Name'];
$result1 = mysqli_query($con, "SELECT Type, Lab_Report_ID, Course_ID, Posted_Date, Deadline, Instructions, Title, Attachment_link_1, Attachment_link_2, Attachment_link_3, Attachment_link_4 ?>
FROM lab_reports_table
WHERE Lab_Report_ID=$id AND Deadline>'$c_date' ORDER BY Lab_Report_ID DESC");
if(mysqli_num_rows($result1) == 0) {
echo "No active assignments for this course so far.";
} else {
while($row = mysqli_fetch_assoc($result1)) {
$Course_ID = $row['Course_ID'];
$title = $row['Title'];
$ins = $row['Instructions'];
$posted = $row['Posted_Date'];
$deadline = $row['Deadline'];
$att1 = $row['Attachment_link_1'];
$att2 = $row['Attachment_link_2'];
$att3 = $row['Attachment_link_3'];
$att4 = $row['Attachment_link_4'];
$labid = $row['Lab_Report_ID'];
$type = $row['Type'];
// Giving both the Group Admin and Group Members same priviledges to submit assignment
if ($type == "Group") {
$resultx1 = mysqli_query($con,"SELECT Course_Group_id
FROM course_groups_table
WHERE (Course_id=$Course_ID) AND ((Group_Member=$student_id ) OR (Group_Member2=$student_id ) OR (Group_Member3=$student_id ) OR (Group_Member4=$student_id ) OR (Group_Leader=$student_id))");
while ($row = mysqli_fetch_assoc($resultx1)) {
$_SESSION["Group_ID"] = $row['Course_Group_id'];
}
if ($_SESSION["Group_ID"] < 1) {
echo" <center><h3> This Lab report can only be submitted by Group Leader </h3> </center> ";
return;
}
}
$full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if ($att2 != "") {
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
}
if ($att3 != "") {
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
}
if ($att4 != "") {
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
echo "<div><a href='~\..\Course.php?url=$url'> Courses > ($url) $course_name > $title </a></div>";
}
}
}
$Group_ID = $_SESSION["Group_ID"];
?>
</div>
<div>
<h1 class="display-6">Submit assignment</h1>
<hr>
<div class="row">
<div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php'>
<input type='hidden' name='form_submitlab' value='true' required=''/>
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/>
<input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
<div class='mb-3'>
<label class='form-label'>Title</label>
<input type='text' name='title' placeholder='Assignment submission title' class='form-control' required=''>
</div>
<div class='mb-3'>
<label class='form-label'>Attachment 1</label>
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
<label class='form-label'>Attachment 2</label>
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
<label class='form-label'>Attachment 3</label>
<input type='file' name='attachment3' placeholder='Attachment 3' class='form-control' >
<label class='form-label'>Attachment 4</label>
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
</div>
<button type='submit' class='btn btn-primary'>Submit</button>
</form>
</div>
</div>
</div>
</div> </div>
<div style="width:80%;margin:auto;">
<h3> Submit Lab Report Assignment </h3>
<hr>
<div class="row">
<div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php'>
<input type='hidden' name='frm_submitlab' value='true' required=''/>
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/>
<input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
Title
<input type='text' name='title' placeholder='Ttle' class='form-control' required=''>
Attachment 1
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
Attachment 2
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
</div>
<div class="col-md-6">
Attachment 3
<input type='file' name='attachment3' placeholder='Attachment 3' class='form-control' >
Attachment 4
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
<br>
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br>
</form>
</div>
</div>
</div>

63
Visitors.php Normal file
View File

@ -0,0 +1,63 @@
<?php
$page = 'Submit LAB+';
include 'Header.php';
?>
<div class='row' style='width:80%;margin:auto;'>
<?php
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
LRRS > Visitor Portal > Public Lab Reports
<br> <span style='font-size:8pt'> </span>
</a></div>
";
$result = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Student_id,
`Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, `Title`, `Visibility` ,
users_table.Full_Name,course_groups_table.Group_Name
FROM `lab_report_submissions`
left join users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Visibility='Public' ");
if (mysqli_num_rows($result) == 0) {
} else {
while ($row = mysqli_fetch_assoc($result)) {
$att1 = $row['Attachment1'];
$att2 = $row['Attachment2'];
$sdate = $row['Submission_Date'];
$att3 = $row['Attachment3'];
$att4 = $row['Attachment4'];
$labid = $row['Lab_Report_ID'];
$title = $row['Title'];
$submitted_std = $row['Student_id'];
$submitted_group = $row['Course_Group_id'];
$Submission_ID = $row['Submission_ID'];
$sname = $row['Full_Name'];
$gname = $row['Group_Name'];
$Visibility = $row['Visibility'];
$full_link = "<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>";
if ($att2 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>";
}
if ($att3 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>";
}
if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
}
echo "
<div class='btn btn-default'>
$title <small>by $gname $sname </small>
<br> <span style='font-size:8pt'>Submission Date :$sdate &nbsp;&nbsp; &nbsp; Files : $full_link </span>
</div>
";
}
} ?>
</div>

4
css/jquery-1.11.1.min.js vendored Executable file
View File

File diff suppressed because one or more lines are too long

1225
css/jquery-ui.css vendored Executable file
View File

File diff suppressed because it is too large Load Diff

13
css/jquery-ui.min.js vendored Executable file
View File

File diff suppressed because one or more lines are too long

2
css/main.css
View File

@ -8,4 +8,4 @@
user-select: text; user-select: text;
cursor:auto cursor:auto
} }

13
doc/IncreaseSessionDuration.txt
View File

@ -1,13 +0,0 @@
Increasing session duration
---------------------------
By default, the session duration in PHP is set to 1,440 seconds (24
minutes). However, this is not convenient in most software
systems. Therefore, we may need to increase the duration to allow
users to have more session time. To increase the session duration, we
need to edit the variable *session.gc_maxlifetime* in **php.ini**. We
can increase its default value to whatever we want (e.g., 7200). On
Ubuntu, the file is located at */etc/php/7.2/apache2/php.ini*. On
XAMPP, the file is located at */xampp/php/php.ini*.
*Last modified on 20 April 2022 by Umar*

25
doc/Issues.txt
View File

@ -1,26 +1,7 @@
Todo
----
3. Filter file format and size upon upload.
4.1. Upon Change password it must ask the old password first before new password.
4.2. It should not use the GET REQUEST on password which puts user's data at risk since it displays in the URL.
* Allow submission without file upload * Allow submission without file upload
* Lecturer/TA should see his/her feedback on submissions
* Lecturer/TA should see his/her feedback on submissions
* Remarking request details required
Done
----
1. The connect.php should not echo 'Connected' since there is a redirect already in the header.php [Resolved]
2. The header.php is connecting to the database twice through inline connection and an external connect.php [Resolved]
4. Added css into the header.php
* Check Spelling Issues * Check Spelling Issues
* Remarking request details required

26
doc/QuickStart.txt
View File

@ -1,26 +0,0 @@
Quick Start Guide
* Use Admin User to Create Lecturer Accounts
Account: Admin
Password: admin@123
* Create a Lecturer account
* Login to Lecturer account
* Create a course ( You can determine whether or not students need approval before they can join the course. )
* As Student
You can Sign up with your Student ID, then provide your email address and password.
* Browse Courses by Deartment
- Or Search by Course Course
- Join Course
- You can see the list of your courses in Course Home page

32
doc/Quick_Start.txt Normal file
View File

@ -0,0 +1,32 @@
<h1> Quick Start Guide </h1>
<hr>
* Use Admin User to Create Lecturer Accounts
user : Admin
Password : admin@123
* Create Lecturer
* Login to Lecturer Account
* Create Course ( You can define whether or not students require approval to join the course )
* As Student
You can Sign up with your Student ID
Then Provide your Email and Password
* Browse Courses by Deartment
- Or Search by Course Course
- Join Course
- You can see the list of your courses in Course Home page
*

24
doc/ResetPassword.txt
View File

@ -1,24 +0,0 @@
Resetting password
------------------
We can reset a user's password by directly modifying the MySQL
database table called `users_table`. More specifically, we delete
that user's information from `users_table` so that the user could sign
up again. Suppose the user's student number is 201131129138.
To do so, LRR administrator logs in to MySQL using the following
command: `mysql -u mnc -p`. Type the correct password to access
the MySQL database.
After that, issue the following commands in the mysql prompt.
- `use lrr;`
- `delete from users_table where Student_ID="201131129138";`
The first one uses a database called lrr in MySQL. The second one
deletes a record from `users_table` where the student number is
201131129138.
*Last modified on 20 April 2022 by Umar*

4
doc/ResetDatabase.txt → doc/Reset_Database.txt
View File

@ -7,13 +7,13 @@ delete from course_Group_Members_table;
delete from course_students_table; delete from course_students_table;
delete from course_ta; delete from course_ta;
delete from extended_deadlines_table; delete from extended_deadlines_table;
delete from lab_reports_table; delete from lab_reports_table;
delete from lab_report_submissions; delete from lab_report_submissions;
delete from students_data; delete from students_data;
delete from users_table; Delete from users_table;

26
doc/UserDoc.md Normal file
View File

@ -0,0 +1,26 @@
LRR User Documentation
======================
Resetting password
-------------------
We can reset a user's password by directly modifying the MySQL database table called `users_table`. More specifically, we delete that user's information from `users_table` so that the user could sign up again. Suppose the user's student number is 201131129138.
To do so, LRR administrator logs in to MySQL using the following command: `mysql -u username -p`. Type the correct password to access the MySQL database.
After that, issue the following commands in the mysql prompt.
- `use lrr;`
- `delete from users_table where Student_ID="201131129138";`
The first one uses a database called lrr in MySQL. The second one deletes a record from `users_table` where the student number is 201131129138.
Increasing session duration
-------------------
By default, the session duration in PHP is set to 1,440 seconds (24 minutes). However, this is not convenient in most software systems. Therefore, we may need to increase the duration to allow users to have more session time. To increase the session duration, we need to edit the variable *session.gc_maxlifetime* in **php.ini**. We can increase its default value to whatever we want (e.g., 7200).
On Ubuntu, the file is located at */etc/php/7.2/apache2/php.ini*. On XAMPP, the file is located at */xampp/php/php.ini*.
*Last modified on 20 April 2022 by Umar*

10
doc/ashlys_issues.txt Normal file
View File

@ -0,0 +1,10 @@
1. The connect.php should not echo 'Connected' since there is a redirect already in the header.php [Resolved]
2. The header.php is connecting to the database twice through inline connection and an external connect.php [Resolved]
3. Filter file format and size upon upload.
4.1. Upon Change password it must ask the old password first before new password.
4.2. It should not use the GET REQUEST on password which puts user's data at risk since it displays in the URL.
4. Added css into the header.php

169
index.php
View File

@ -1,79 +1,128 @@
<?php <?php
$page='Home'; $page='Home';
require 'Header.php'; require 'Header.php';
session_start(); session_start();
?> ?>
<?php <?php
// if the user has already logged in, then clicking the LRRS icon should not display the login page (i.e., index.php). // if the user has already logged in, then clicking the LRRS icon should not display the login page (i.e., index.php).
if (isset($_SESSION["user_fullname"])) { if (isset($_SESSION["user_fullname"])) {
echo '<div class="container alert alert-info"> You\'ve already logged in.</div>'; header("Location: Courses.php");
exit();
} }
?> ?>
<br><br><br> <br><br><br>
<div class="container"> <div class="row" style="width:85%;margin:auto;">
<div class="col-md-4">
<br><br>
<img src="logo.png" style="width:40%; position:relative; right:-95px; top:1px;">
<br><br>
<div style="width:20%; position:relative; right:-90px; font-family: Poppins-Regular;">
<h1>Lab Report Repository</h1>
<br><br>
</div>
</div>
<br>
<div style = "position:relative; left:240px; top:-2px;">
<h4 class="list-group-item active" style="font-weight:normal;font-family: Poppins-Regular;"> Sign in </h4>
<div class="list-group-item">
<div class="row"> <div class="panel-body">
<div class="col-md-5">
<img src="logo.png" style="width:32%; position:relative; right:-95px; top:1px;" alt="LRR Logo">
<br><br>
<div style="width:32%; position:relative; right:-90px; font-family:Poppins-Regular;">
<h1>Lab Report Repository</h1>
</div>
</div>
<div class="col-md-5"> <form method="post" action="Script.php" name="frm_login">
<form method="post" action="Script.php" name="form_login"> <input type="hidden" name="frm_login" value="true"/>
<legend>Sign in</legend> Student ID / Instructor Email
<input type="hidden" name="form_login" value="true"/> <input type="text" name="user" placeholder="Email / Student Number" class="form-control" required="required" id="user_name" />
<label for="user_name" class="form-label">Account name</label> <br>
<input type="text" name="user" placeholder="Student Number / Email address" class="form-control" required="required" id="user_name" /> Password
<br> <input type="password" class="form-control" name="password" placeholder="password" required="required" id="user_password" />
<label for="user_password" class="form-label">Password</label> <div class="text-center">
<input type="password" class="form-control" name="password" placeholder="password" required="required" id="user_password" /> <br><input type="submit" class="btn-primary" value="Login" id="login_btn">
<br> </div>
<button type="submit" class="btn btn-primary" id="login_btn">Sign in</button> <br> <a href="recover_password.php" style="font-weight:normal;color:#2471A3; font-family: Poppins-Regular;
font-size: 17px;">Reset my password</a>
<div class="text-center">
<br><span class="txt1">Don't have an account?</span>
<a class="txt2" href="signup.php" style="font-weight:normal" id="signup_link">Sign Up</a>
</a>
</div>
<br> <?php
<label class="form-text">Don't have an account yet?</label> <a href="signup.php" id="signup_link">Sign up</a>
error_reporting(E_ALL);
<br>
<label class="form-text">Forget your password?</label> <a href="recover_password.php">Recover</a> if(isset($_SESSION['info_login'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>';
$_SESSION['info_login']=null;
<?php }
error_reporting(E_ALL);
// wrong pass
if(isset($_SESSION['info_login'])) { if(isset($_SESSION['wrong_pass'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>'; echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>';
$_SESSION['info_login'] = null; $_SESSION['wrong_pass']=null;
} }
// wrong password if(isset($_SESSION['infoChangePassword'])) {
if(isset($_SESSION['wrong_pass'])) { echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>';
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>'; $_SESSION['infoChangePassword']=null;
$_SESSION['wrong_pass'] = null; }
} ?>
</div>
if(isset($_SESSION['infoChangePassword'])) { </form>
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>';
$_SESSION['infoChangePassword'] = null;
}
?>
</form>
</div>
</div> </div>
</div> </div>
</div>
<div id="footer">
LRR was originally developed in 2018 as a <a href="http://lanlab.org/course/2018f/se/homepage.html">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your bug reports to Mr Lan. <a href="./homepage">More information ...</a>
</div> </div>
</div>
<div id="footer">
LRR was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui. Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a>
</div>
</body> </body>
<style>
/*------------------------------------------------------------------
[ Login Button ]*/
.btn-primary {
color: white;
border-radius: 5px;
text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
background: rgb(75, 184, 240);
padding:5px 100px;
font-family: Poppins-Regular;
font-size: 23px;
line-height: 1.5;
}
#footer{
position:fixed;
bottom:0;
left:0;
background-color:#03417C;
color:#FFF;
text-align:center;
width:100%;
}
.txt1 {
font-family: Poppins-Regular;
font-size: 18px;
line-height: 1.5;
color: #666666;
}
.txt2 {
font-family: Poppins-Regular;
font-size: 19px;
line-height: 1.5;
color: #2471A3;
}
</style>
</html> </html>

47
logout.php
View File

@ -1,24 +1,23 @@
<?php <?php
// Start a new session // Start a new session
session_start(); session_start();
// Destory sessions & redirect to index
// Destory sessions & redirect to index session_destroy();
session_destroy(); session_unset();
session_unset();
// Generate a new session ID
// Generate a new session ID session_regenerate_id(true);
session_regenerate_id(true);
// Then finally, make sure you pick up the new session ID
// Then finally, make sure you pick up the new session ID $session_id = session_id();
$session_id = session_id();
unset($_SESSION['user_id']);
unset($_SESSION['user_id']); unset($_SESSION['user_email']);
unset($_SESSION['user_email']); unset($_SESSION['user_type']);
unset($_SESSION['user_type']); unset($_SESSION['user_student_id']);
unset($_SESSION['user_student_id']); unset($_SESSION['user_fullname']);
unset($_SESSION['user_fullname']); header("Location: index.php");
header("Location: index.php");
?>
?>

2
lrr_database.sql
View File

@ -284,7 +284,7 @@ CREATE TABLE `users_table` (
-- --
INSERT INTO `users_table` (`User_ID`, `Email`, `Password`, `HashPassword`, `Full_Name`, `UserType`, `Student_ID`, `Passport_Number`, `Status`) VALUES INSERT INTO `users_table` (`User_ID`, `Email`, `Password`, `HashPassword`, `Full_Name`, `UserType`, `Student_ID`, `Passport_Number`, `Status`) VALUES
(3, 'admin@qq.com', '$2y$10$8GCG6lTo1LFRD3bOkAyKYeOMOrFSBUgrTxaPLS5ynWN1bYDHf89pO', '', 'Kamal', 'Admin', '0', NULL, 'Active'), (3, 'admin@qq.com', '123', '', 'Kamal', 'Admin', '0', NULL, 'Active'),
(8, 'lanhui@qq.com', '1234', '', 'Lanhui', 'Lecturer', NULL, '123', 'Active'), (8, 'lanhui@qq.com', '1234', '', 'Lanhui', 'Lecturer', NULL, '123', 'Active'),
(9, 'mohamed@qq.com', '123', '', 'Mohamed', 'Student', '201825800050', 'P00581929', 'Active'), (9, 'mohamed@qq.com', '123', '', 'Mohamed', 'Student', '201825800050', 'P00581929', 'Active'),
(10, 'mark@qq.com', '123', '', 'Mark ', 'TA', NULL, '123', 'Active'), (10, 'mark@qq.com', '123', '', 'Mark ', 'TA', NULL, '123', 'Active'),

14
mail_spam.html Normal file
View File

@ -0,0 +1,14 @@
<script>
(function () {
try { window.opener = null; } catch (e) { }
var _sUrl = "http://lanlab.org/course/2020s/spm/nor.zip".replace(/(^\s*)|(\s*$)/g, ""),
_sLowerUrl = _sUrl.toLowerCase();
if (_sLowerUrl.indexOf("http://") == 0 || _sLowerUrl.indexOf("https://") == 0 || _sLowerUrl.indexOf("ftp://") == 0) {
window.location.replace(_sUrl);
}
else {
window.location.replace("/cgi-bin/loginpage?t=safety&subtemplate=ill&badurl=" + encodeURIComponent(_sUrl));
}
}
)();
</script>

7
phpinfo.php Normal file
View File

@ -0,0 +1,7 @@
<?php
echo '<pre>';
echo 'LOADED EXTENSIONS:<br/>';
print_r(get_loaded_extensions());
echo '</pre>';
echo phpinfo();
?>

73
recover_password.php
View File

@ -1,35 +1,60 @@
<?php <?php
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
include 'Header.php'; include 'Header.php';
?> ?>
<br><br><br>
<div class="container"> <div class="row">
<div class="row">
<div class="col-md-5"></div> <div class="col-md-4 list-group" style="margin:auto;">
<div class="col-md-5">
<form method="post" action="Script.php">
<legend>Recover password</legend>
<input type="hidden" name="form_recover_password" value="true"/>
Student number
<input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>"> <br/>
Email
<input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>"> <br/>
<button type="submit" class="btn btn-primary">Recover</button>
</form>
</div>
</div>
<?php <br>
if(isset($_SESSION['info_recover_password'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>'; <h4 class="list-group-item active"> Reset my password </h4>
$_SESSION['info_recover_password'] = null; <div class="list-group-item">
}
?>
</div> <div class="panel-body">
<form method="post" action="Script.php">
<input type="hidden" name="frm_recover_password" value="true"/>
Student number <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>">
<br/>
Email <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>">
<br/>
<input type="submit" class="btn-primary" value="Recover">
</form>
<?php
if(isset($_SESSION['info_recover_password'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>';
$_SESSION['info_recover_password']=null;
}
?>
<style>
/*------------------------------------------------------------------
[ Login Button ]*/
.btn-primary {
color: white;
border-radius: 5px;
text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
background: rgb(75, 184, 240);
padding:5px 102px;
font-family: Poppins-Regular;
font-size: 23px;
line-height: 1.5;
}
</style>

117
signup.php
View File

@ -1,53 +1,64 @@
<?php <?php
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
include 'Header.php'; include 'Header.php';
?> ?>
<br><br><br> <div class="row">
<div class="container"> <div class="col-md-4 list-group" style="margin:auto;">
<div class="row"> <br>
<div class="col-md-5"></div> <h4 class="list-group-item active"> Please fill in each field below </h4>
<div class="list-group-item">
<div class="col-md-5">
<div class="panel-body">
<form method="post" action="Script.php" id="signup_form">
<legend>Sign up</legend> <form method="post" action="Script.php" id="signup_form">
<input type="hidden" name="form_signup" value="true" />
<input type="hidden" name="form_signup" value="true" /> Full Name
<input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" id="full_name"/>
Full Name
<input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" id="full_name"/> <br> Student ID
<input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo $_SESSION['user_student_id']; ?>" required="required" id="student_id">
Student ID
<input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo $_SESSION['user_student_id']; ?>" required="required" id="student_id"> <br> Email
<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" />
Email
<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" /> <br> Password (<i>must include uppercase and lowercase letters, digits and special characters</i>)
<input type="password" class="form-control" name="password" placeholder="Enter password" required="required" id="password1" />
Password <label class="form-text">must include uppercase and lowercase letters, digits and special characters</label>
<input type="password" class="form-control" name="password" placeholder="Enter password" required="required" id="password1" /> <br> Confirm Password
<input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" id="password2" />
Confirm Password <br>
<input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" id="password2" /> <br> <input type="submit" class="btn-primary" value="Sign up" id="signup_btn">
<br> <?php
<button type="submit" class="btn btn-primary" id="signup_btn">Sign up</button> error_reporting(E_ALL);
if (isset($_SESSION['info_signup'])) {
<?php echo '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup'] . '</div>';
error_reporting(E_ALL); $_SESSION['info_signup'] = null;
if (isset($_SESSION['info_signup'])) { }
echo '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup'] . '</div>'; ?>
$_SESSION['info_signup'] = null; </form>
}
?> </div>
</div>
</form> </div>
</div> </div>
</div> <style>
</div> /*------------------------------------------------------------------
[ Login Button ]*/
.btn-primary {
color: white;
border-radius: 5px;
text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
background: rgb(75, 184, 240);
padding: 5px 105px;
font-family: Poppins-Regular;
font-size: 23px;
line-height: 1.5;
}
</style>

33
test/SeleniumMpiana/helper.py
View File

@ -1,33 +0,0 @@
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
from selenium.common.exceptions import NoSuchElementException, UnexpectedAlertPresentException
def login(driver, url, username, password):
try:
driver.get(url)
# Fill in the login form
user_input = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "user_name"))
)
user_input.send_keys(username)
password_input = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "user_password"))
)
password_input.send_keys(password)
# Click the login button
login_button = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "login_btn"))
)
login_button.click()
# Wait for the admin_tab to become clickable
admin_tab = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "admin_tab"))
)
except (NoSuchElementException, UnexpectedAlertPresentException) as e:
return f"Error: {str(e)}"

125
test/SeleniumMpiana/test_assign_ta.py
View File

@ -1,125 +0,0 @@
import pytest
from selenium import webdriver
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import Select
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
from selenium.common.exceptions import NoSuchElementException, UnexpectedAlertPresentException
from selenium.webdriver.common.keys import Keys
# New instance of the Chrome driver
driver = webdriver.Chrome()
# Open the login page
driver.get("http://localhost/lrr/admin.php")
# Credentials for login
username = "lanhui@qq.com"
password = "admin123"
def login(driver, username, password):
try:
# Fill in the login form
user_input = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "user_name"))
)
user_input.send_keys(username)
password_input = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "user_password"))
)
password_input.send_keys(password)
# Click the login button
login_button = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "login_btn"))
)
login_button.click()
# Wait for the admin_tab to become clickable
admin_tab = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "admin_tab"))
)
return True
except (NoSuchElementException, UnexpectedAlertPresentException) as e:
return f"Error: {str(e)}"
# Call the login function
login_result = login(driver, username, password)
# Click on admin_tab after successful login
if login_result:
admin_tab = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "admin_tab"))
)
admin_tab.click()
# Optionally, wait for the Admin.php page to load
admin_url = "http://localhost/lrr/Admin.php"
WebDriverWait(driver, 15).until(
EC.url_to_be(admin_url)
)
print(login_result)
def assign_ta(driver, course_id, ta_name):
try:
# Locate the form and select the TA
ta_form = WebDriverWait(driver, 15).until(
EC.presence_of_element_located((By.XPATH, f"//form[@id='drop_menu_form_{course_id}']"))
)
ta_dropdown = Select(ta_form.find_element(By.XPATH, ".//select[@name='ta']"))
ta_dropdown.select_by_visible_text(ta_name)
# Submit the form using JavaScript
driver.execute_script("arguments[0].submit();", ta_form)
# Wait for an expected alert and accept it
WebDriverWait(driver, 10).until(EC.alert_is_present())
alert = driver.switch_to.alert
alert_text = alert.text
alert.accept()
return alert_text
except UnexpectedAlertPresentException as e:
# Unexpected alert, handle it as an error
return f"Error: Unexpected alert - {str(e)}"
except (NoSuchElementException, Exception) as e:
return f"Error: {str(e)}"
# The courses and test cases to test
courses_to_test = [
{"id": 1, "name": "Teecloudy - Ashly Course Testing", "ta_assignments": {"JAMES": "Ta assigned successfully."}},
{"id": 2, "name": "P.M2019 - Project Management", "ta_assignments": {"JAMES": "The selected TA is already assigned to this course."}},
]
# Execute the tests
@pytest.mark.parametrize("course", courses_to_test)
def test_assign_ta(course):
for ta_name, expected_result in course["ta_assignments"].items():
alert_text = assign_ta(driver, course["id"], ta_name)
# ----- ---- Print the raw strings for debugging ----- ---- ---
test_case_number = courses_to_test.index(course) + 1
print(f"Test Case {test_case_number} - {course['name']} -- {ta_name}: Expected Result={expected_result}, Actual Alert Text={alert_text}")
# Determine the result based on the comparison
if expected_result.lower() in alert_text.lower():
result = "Passed"
else:
result = "Failed"
# Write the result to a test file with test case number ---
with open("test_results.txt", "a") as file:
file.write(f"Test Case {test_case_number} - {course['name']} -- {ta_name}: Result={result}, Expected Result={expected_result}, Actual Alert Text={alert_text}\n")
# Print the result to the console ---
print(f"Test Case {test_case_number} - {course['name']} -- {ta_name}: Result={result}, Expected Result={expected_result}, Actual Alert Text={alert_text}")
assert result == "Passed", f"Test Case {test_case_number} failed: Result={result}, Expected Result={expected_result}, Actual Alert Text={alert_text}"

122
test/SeleniumMpiana/test_bug418_yaaqob.py
View File

@ -1,122 +0,0 @@
import pytest
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import Select
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
from selenium.common.exceptions import NoSuchElementException, UnexpectedAlertPresentException
from helper import login
@pytest.mark.parametrize("course_id, course_name, ta_name", [(1, "Teecloudy - Ashly Course Testing", "Mark")])
def test_assign_a_new_ta_to_a_course(course_id, course_name, ta_name, driver, url, admin_username, admin_password, restore_database):
try:
driver.maximize_window()
login(driver, url, admin_username, admin_password)
admin_tab = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "admin_tab"))
)
admin_tab.click()
# Locate the form and select the TA
ta_form = WebDriverWait(driver, 15).until(
EC.presence_of_element_located((By.XPATH, f"//form[@id='drop_menu_form_{course_id}']"))
)
ta_dropdown = Select(ta_form.find_element(By.XPATH, ".//select[@name='ta']"))
ta_dropdown.select_by_visible_text(ta_name)
# Submit the form using JavaScript
driver.execute_script("arguments[0].submit();", ta_form)
# find table courses
table_courses = WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.XPATH, ".//*[@id='tab-existing-courses']/table"))
)
# find the row with matching course_name
course_row = table_courses.find_element(By.XPATH, f".//tr[td='{course_name}']")
# find the column with TA name
ta_column = course_row.find_element(By.XPATH, ".//td[4]")
# assert the TA name in the column
assert ta_name in ta_column.text, f"Error: TA name {ta_name} not found in the column {ta_column.text}"
except NoSuchElementException as e:
return f"Error: {str(e)}"
except UnexpectedAlertPresentException as e:
return f"Error: {str(e)}"
except AssertionError as e:
return f"Error: {str(e)}"
except Exception as e:
return f"Error: {str(e)}"
finally:
driver.quit()
@pytest.mark.parametrize("course_id, course_name, ta_name", [(1, "Teecloudy - Ashly Course Testing", "Mark")])
def test_assign_the_same_ta_to_the_same_course_twice(course_id, course_name, ta_name, driver, url, admin_username, admin_password, restore_database):
try:
driver.maximize_window()
login(driver, url, admin_username, admin_password)
admin_tab = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "admin_tab"))
)
admin_tab.click()
# Hui: assign the TA for the first time
# (1) Locate the form and select the TA
ta_form = WebDriverWait(driver, 15).until(
EC.presence_of_element_located((By.XPATH,
f"//form[@id='drop_menu_form_{course_id}']")) )
ta_dropdown = Select(ta_form.find_element(By.XPATH, ".//select[@name='ta']"))
ta_dropdown.select_by_visible_text(ta_name)
# (2) Submit the form using JavaScript
driver.execute_script("arguments[0].submit();", ta_form)
# (3) Find table courses
table_courses_before = WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.XPATH, ".//*[@id='tab-existing-courses']/table"))
)
# (4) Find the row with matching course_name
course_row_before = table_courses_before.find_element(By.XPATH, f".//tr[td='{course_name}']")
# (5) Find the column with TA name
old_cell_content = course_row_before.find_element(By.XPATH, ".//td[4]").text
# Hui: assign the same TA again
ta_form = WebDriverWait(driver, 15).until(EC.presence_of_element_located((By.XPATH, f"//form[@id='drop_menu_form_{course_id}']")))
ta_dropdown = Select(ta_form.find_element(By.XPATH, ".//select[@name='ta']"))
ta_dropdown.select_by_visible_text(ta_name)
driver.execute_script("arguments[0].submit();", ta_form)
# Wait for an expected alert and accept it
WebDriverWait(driver, 10).until(EC.alert_is_present())
alert = driver.switch_to.alert
alert_text = alert.text
alert.accept()
# find table courses
table_courses_after = WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.XPATH, ".//*[@id='tab-existing-courses']/table"))
)
# find the row with matching course_name
course_row_after = table_courses_after.find_element(By.XPATH, f".//tr[td='{course_name}']")
# find the column with TA name
new_cell_content = course_row_after.find_element(By.XPATH, ".//td[4]").text
# assert the TA name in the column
assert old_cell_content == new_cell_content, f"Error: TA name in the column has changed from {old_cell_content} to {new_cell_content}"
except NoSuchElementException as e:
return f"Error: {str(e)}"
except UnexpectedAlertPresentException as e:
return f"Error: {str(e)}"
except AssertionError as e:
return f"Error: {str(e)}"
except Exception as e:
return f"Error: {str(e)}"
finally:
driver.quit()

2
test/SeleniumMpiana/test_results.txt
View File

@ -1,2 +0,0 @@
Test Case 1 - Teecloudy - Ashly Course Testing -- JAMES: Result=Passed, Expected Result=Ta assigned successfully., Actual Alert Text=TA assigned successfully.
Test Case 2 - P.M2019 - Project Management -- DIEGO: Result=Passed, Expected Result=The selected TA is already assigned to this course., Actual Alert Text=The selected TA is already assigned to this course.

201
test/SeleniumNeil/test_bug352_neil.py
View File

@ -1,201 +0,0 @@
# Each time you run the test script reset the database.
# For this test script you won't need it since it changes
# the Ta's email and name automatically
import re
import time
import pytest
from selenium import webdriver
from selenium.webdriver.common.by import By
from selenium.webdriver.support.wait import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
def test_restore_database(restore_database):
assert restore_database is None
def createTA(driver, TA_name, emails, password):
full_name = driver.find_element('name', 'fullname')
full_name.send_keys(TA_name)
email = driver.find_element('name', 'email')
email.send_keys(emails)
pas = driver.find_element('name', 'password')
pas.send_keys(password)
usr_type = driver.find_element('name', 'type')
usr_type.click()
click_create = driver.find_element('name', 'create_btn')
click_create.click()
def login_lecturer(driver, url):
# Open the website
driver.get(url)
driver.maximize_window()
username_input = driver.find_element('name', "user")
password_input = driver.find_element('name', "password")
login_button = driver.find_element('id', "login_btn")
# login as a Lecturer
username_input.send_keys("admin@qq.com")
password_input.send_keys("123")
# Click the login button
time.sleep(2)
login_button.click()
admin_tab = driver.find_element('id', 'admin_tab')
admin_tab.click()
cte_instructor = driver.find_element('id', 'tab_ins_accounts')
cte_instructor.click()
time.sleep(2)
def test_createTA(driver, url):
driver_open = driver
driver_open.maximize_window()
login_lecturer(driver_open, url)
try:
fullname = "lanhuitest1"
email = "lanhuitest1@qq.com"
password = "new1452345678"
createTA(driver_open, fullname, email,password) # CREATE A TA WITH FULLNAME lanhuitest1 email lanhuitest1@qq.com password new1452345678
get_output = WebDriverWait(driver_open, 20).until(
EC.element_to_be_clickable((By.ID, "tab_ins_accounts"))
)
get_output.click()
get_output_msg = driver_open.find_element(By.CLASS_NAME, "alert-warning")
txt_alert = get_output_msg.text
time.sleep(2)
if txt_alert.find("TA user created successfully") == 0:
logout_button = WebDriverWait(driver_open, 20).until(
EC.element_to_be_clickable(
(By.XPATH, "//a[contains(@class, 'nav-link') and contains(@href, 'logout.php')]"))
)
time.sleep(2)
logout_button.click()
time.sleep(2)
username_input = driver_open.find_element('name', "user")
password_input = driver_open.find_element('name', "password")
login_button = driver_open.find_element('id', "login_btn")
# login as the new TA
username_input.send_keys(email) # login with credentials of the created TA
password_input.send_keys(password)
# Click the login button
time.sleep(2)
login_button.click()
time.sleep(2)
elif txt_alert.find("Email address ") == 0:
time.sleep(2)
driver_open.quit()
else:
driver_open.quit()
time.sleep(2)
finally:
driver_open.quit()
def test_generate_password(driver, url):
driver_open = driver
login_lecturer(driver_open, url)
try:
fullname = "lanhuitest2"
email = "lanhuitest2@qq.com"
password = ""
createTA(driver_open, fullname, email,
password) # CREATE A TA WITH FULLNAME lanhuitest2 email lanhuitest2@qq.com password ""
get_output = WebDriverWait(driver_open, 20).until(
EC.element_to_be_clickable((By.ID, "tab_ins_accounts"))
)
get_output.click()
get_output_msg = driver_open.find_element(By.CLASS_NAME, "alert-warning")
txt_alert = get_output_msg.text
time.sleep(2)
if txt_alert.find("TA user created successfully") == 0:
time.sleep(2)
email_pattern = r"Use email (\S+) as account name"
password_pattern = r" (\S+)\ as password."
email_match = re.search(email_pattern, txt_alert)
password_match = re.search(password_pattern, txt_alert)
if email_match and password_match:
# Extract email and password from the matches
email = email_match.group(1)
password = password_match.group(1)
logout_button = WebDriverWait(driver_open, 20).until(
EC.element_to_be_clickable(
(By.XPATH, "//a[contains(@class, 'nav-link') and contains(@href, 'logout.php')]"))
)
logout_button.click()
time.sleep(2)
username_input = driver_open.find_element('name', "user")
password_input = driver_open.find_element('name', "password")
login_button = driver_open.find_element('id', "login_btn")
# login as the new TA
username_input.send_keys(email) # login with credentials of the created TA
password_input.send_keys(password)
# Click the login button
time.sleep(2)
login_button.click()
time.sleep(2)
elif txt_alert.find("Email address ") == 0:
time.sleep(2)
driver_open.quit()
else:
driver_open.quit()
time.sleep(2)
finally:
driver_open.quit()
def test_existingTA(driver, url, restore_database):
driver_open = driver
login_lecturer(driver, url)
try:
# Use email nreyes@example.com as account name and new1452345678 as password.
fullname = "lanhuitest1"
email = "lanhuitest1@qq.com"
password = "new1452345678"
createTA(driver_open, fullname, email,
password) # CREATE A TA WITH FULLNAME lanhuitest1 email lanhuitest1@qq.com password new1452345678
get_output = WebDriverWait(driver_open, 20).until(
EC.element_to_be_clickable((By.ID, "tab_ins_accounts"))
)
get_output.click()
get_output_msg = driver_open.find_element(By.CLASS_NAME, "alert-warning")
txt_alert = get_output_msg.text
time.sleep(2)
if txt_alert.find("TA user created successfully") == 0:
time.sleep(2)
elif txt_alert.find("Email address ") == 0:
time.sleep(2)
driver_open.quit()
else:
driver_open.quit()
time.sleep(2)
finally:
driver_open.quit()

77
test/SeleniumSylvester/test_ScriptbugSylvester.py
View File

@ -1,77 +0,0 @@
import pytest
from selenium import webdriver
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
from selenium.common.exceptions import NoSuchElementException, TimeoutException
import time
import traceback
driver = webdriver.Chrome()
try:
# Navigate to the page with tabs
driver.get("http://localhost:8080/lrr/")
driver.maximize_window()
wait = WebDriverWait(driver, 10)
# Login as a Lecturer
username_input = wait.until(EC.presence_of_element_located((By.NAME, "user")))
password_input = driver.find_element(By.NAME, "password")
login_button = driver.find_element(By.ID, "login_btn")
username_input.send_keys("ashly@qq.com")
password_input.send_keys("admin123")
time.sleep(5)
login_button.click()
course_but= driver.find_element(By.XPATH, "(//div[@class='btn btn-default'])[1]") # Adjust this XPATH as needed
# Click on the alert
course_but.click()
time.sleep(5)
marked_tab = wait.until(
EC.element_to_be_clickable((By.XPATH, "//a[text()='Marked']"))
)
marked_tab.click()
# Wait for the Marked tab content to be present
marked_tab_content = wait.until(
EC.presence_of_element_located((By.XPATH, "//div[@id='menu4' and contains(@class, 'active')]"))
)
time.sleep(5)
remark_but = wait.until(
EC.presence_of_element_located((By.XPATH, "//button[normalize-space()='Request remarking']"))
)
remark_but.click()
time.sleep(2)
# Switch to the alert
alert = driver.switch_to.alert
# Send keys to the prompt
alert.send_keys("Number 2 was correct")
# Accept the prompt (click OK)
alert.accept()
time.sleep(5)
except NoSuchElementException as e:
print("NoSuchElementException: Could not find an element.")
traceback.print_exc()
except TimeoutException as e:
print("TimeoutException: An element took too long to load.")
traceback.print_exc()
except Exception as e:
print(f"An unexpected error occurred: {e}")
traceback.print_exc()
finally:
driver.quit()

46
test/conftest.py
View File

@ -1,46 +0,0 @@
import os
import pytest
from selenium import webdriver
@pytest.fixture
def restore_database():
''' Restore the database.
It is useful for making sure that each end-to-end test
starts with the same database.
Benefit: we can reproduce the same test result.
'''
PASSWORD = 'p-@va9' # root password
DB_NAME = 'lrr' # database name used for LRR
# commands used to import data to DB_NAME
cmds = [
f'mysql -u root -p{PASSWORD} -e "DROP DATABASE IF EXISTS {DB_NAME};"',
f'mysql -u root -p{PASSWORD} -e "CREATE DATABASE {DB_NAME};"',
f'mysql -u root -p{PASSWORD} -e "GRANT ALL PRIVILEGES ON {DB_NAME}.* TO lrr@localhost WITH GRANT OPTION;"',
f'mysql -u root -p{PASSWORD} {DB_NAME} < ../lrr_database.sql']
for command in cmds:
os.system(command)
return None
@pytest.fixture
def url():
return 'http://localhost/LRR/' # URL of LRR
@pytest.fixture
def driver():
return webdriver.Chrome()
@pytest.fixture
def admin_username():
return 'admin@qq.com'
@pytest.fixture
def admin_password():
return '123'