Compare commits
17 Commits
Bug404-Eds
...
master
Author | SHA1 | Date |
---|---|---|
mrlan | 244af4c11b | |
mrlan | 0539b7053a | |
mrlan | f4c373611b | |
Hui Lan | d94421a160 | |
mrlan | a02b3bec4b | |
Adjei Kingsley | 3214b26d5d | |
Adjei Kingsley | f76cc2eb49 | |
mrlan | f7f9558721 | |
YAKUBU ABDULAI | 1e8533090f | |
徐宣 | 74a8a68ee9 | |
YEBOAH MARTHA ASAMOAH | e9a7af1059 | |
mrlan | 6831fdcd0f | |
ileaderx | 868f5854a2 | |
ileaderx | 8a47d3733c | |
EDSON NYONI | 0065489fcb | |
mrlan | 3bff64f400 | |
Lan Hui | 423010d225 |
80
Admin.php
80
Admin.php
|
@ -7,14 +7,15 @@ $page = "admin";
|
||||||
include 'Header.php';
|
include 'Header.php';
|
||||||
?>
|
?>
|
||||||
|
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
if ($_SESSION['user_type'] != "Lecturer") {
|
// Only Lecturer or Admin could access this page
|
||||||
$_SESSION["info_login"] = "You must log in first.";
|
if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
|
||||||
echo $_SESSION["info_login"];
|
die("Sorry. Nothing to see here.");
|
||||||
header("Location: index.php");
|
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
|
|
||||||
|
|
||||||
<style>
|
<style>
|
||||||
.col-md-4 {
|
.col-md-4 {
|
||||||
border-right: 1px solid skyblue;
|
border-right: 1px solid skyblue;
|
||||||
|
@ -36,10 +37,21 @@ if ($_SESSION['user_type'] != "Lecturer") {
|
||||||
<hr>
|
<hr>
|
||||||
-->
|
-->
|
||||||
<div class="col-md-6">
|
<div class="col-md-6">
|
||||||
<h4> User Account Management </h4>
|
|
||||||
<hr>
|
|
||||||
|
|
||||||
<b>Lecturer / TA Accounts </b><br>
|
<?php
|
||||||
|
if ($_SESSION['user_type'] == "Lecturer") {
|
||||||
|
|
||||||
|
echo " <h4> TA Account Management </h4>
|
||||||
|
<hr> " ;
|
||||||
|
echo "<b>TA Accounts </b><br>" ;
|
||||||
|
}
|
||||||
|
else if($_SESSION['user_type'] == "Admin"){
|
||||||
|
echo " <h4> Lecturer Account Management </h4>
|
||||||
|
<hr> ";
|
||||||
|
echo "<b>Lecturer Accounts </b><br>";
|
||||||
|
}
|
||||||
|
|
||||||
|
?>
|
||||||
|
|
||||||
<div class="container">
|
<div class="container">
|
||||||
|
|
||||||
|
@ -65,20 +77,45 @@ if ($_SESSION['user_type'] != "Lecturer") {
|
||||||
|
|
||||||
<div id="home" class="container tab-pane active"><br>
|
<div id="home" class="container tab-pane active"><br>
|
||||||
|
|
||||||
<b>Create Lecturer/TA Accounts </b>
|
<?php
|
||||||
|
if ($_SESSION['user_type'] == "Lecturer") {
|
||||||
|
|
||||||
|
echo "<b>Create TA Accounts </b>";
|
||||||
|
|
||||||
|
}
|
||||||
|
else if($_SESSION['user_type'] == "Admin"){
|
||||||
|
echo "<b>Create Lecturer Accounts </b>";
|
||||||
|
}
|
||||||
|
|
||||||
|
?>
|
||||||
<form method="post" action="Script.php" id="create_account_form">
|
<form method="post" action="Script.php" id="create_account_form">
|
||||||
<input type="hidden" name="frm_createlecturrer" value="true" required="" />
|
<input type="hidden" name="frm_createlecturrer" value="true" required="" />
|
||||||
Full_Name
|
Full Name
|
||||||
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required="">
|
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required="">
|
||||||
Email
|
Email
|
||||||
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" required="">
|
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" required="">
|
||||||
|
|
||||||
Passport_Number / ID (Used as Intial Password)
|
Passport Number / ID (Used as Initial Password)
|
||||||
<input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
|
<input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
|
||||||
<br> User Type :
|
<br> User Type :
|
||||||
<input type="radio" name="type" value="Lecturer" required="" id="role_lecturer"> Lecturer
|
|
||||||
<input type="radio" name="type" value="TA" required="" id="role_TA"> T/A
|
<?php
|
||||||
|
|
||||||
|
if ($_SESSION['user_type'] == "Lecturer") {
|
||||||
|
|
||||||
|
echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) ';
|
||||||
|
|
||||||
|
}
|
||||||
|
else if($_SESSION['user_type'] == "Admin"){
|
||||||
|
|
||||||
|
echo " <input type='radio' name = 'type' value = 'Lecturer' required = '' id='role_lecturer' > Lecturer ";
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
?>
|
||||||
|
|
||||||
<input type="submit" class="btn btn-primary" value="Create" id="create_btn"><br>
|
<input type="submit" class="btn btn-primary" value="Create" id="create_btn"><br>
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
error_reporting(E_ALL);
|
error_reporting(E_ALL);
|
||||||
|
@ -112,10 +149,21 @@ if ($_SESSION['user_type'] != "Lecturer") {
|
||||||
</tr>
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
$result = mysqli_query(
|
if ($_SESSION['user_type'] == "Lecturer") {
|
||||||
$con,
|
|
||||||
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer','TA')"
|
$result = mysqli_query(
|
||||||
);
|
$con,
|
||||||
|
"SELECT * FROM Users_Table WHERE UserType in ('TA')"
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
else if($_SESSION['user_type'] == "Admin"){
|
||||||
|
$result = mysqli_query(
|
||||||
|
$con,
|
||||||
|
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer')"
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
while ($row = mysqli_fetch_assoc($result)) {
|
while ($row = mysqli_fetch_assoc($result)) {
|
||||||
$pass = $row['Passport_Number'];
|
$pass = $row['Passport_Number'];
|
||||||
$btn = "<button class='btn-primary' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
|
$btn = "<button class='btn-primary' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
|
||||||
|
|
87
Course.php
87
Course.php
|
@ -57,9 +57,9 @@ if(!empty($_GET["url"]))
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
if (isset($_SESSION['info_ReMarking'])) {
|
if (isset($_SESSION['info_general'])) {
|
||||||
echo '<hr><div class="alert alert-info" role="alert" style="float:left;">' . $_SESSION['info_ReMarking'] . '</div>';
|
echo '<hr><div class="alert alert-info" role="alert" style="float:left;">' . $_SESSION['info_general'] . '</div>';
|
||||||
$_SESSION['info_ReMarking']=null;
|
$_SESSION['info_general']=null;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_SESSION['info_courses'])) {
|
if (isset($_SESSION['info_courses'])) {
|
||||||
|
@ -529,21 +529,37 @@ course_groups_table.Course_Group_id=course_group_members_table.Course_Group_id W
|
||||||
$extra3=" <a href='#' class='' onclick='accept($id,0)'>Decline</a></small>";
|
$extra3=" <a href='#' class='' onclick='accept($id,0)'>Decline</a></small>";
|
||||||
|
|
||||||
}
|
}
|
||||||
echo "<div class='btn-default'><small> $name ($status) $extra $extra2 $extra3</small></div>";
|
|
||||||
|
# Add "delete group" button and allow only group creator to delete it
|
||||||
|
$extra4 = "<button onclick='delete_group($id)' class='btn btn-danger' style='height: 25px; width: 90px;
|
||||||
|
line-height: 10px; font-size: 10px'>DELETE GROUP</button>";
|
||||||
|
|
||||||
|
echo "<div class='btn-default'><small> $name ($status) $extra $extra2 $extra3" .
|
||||||
|
(($status == "Created")? "$extra4": "")
|
||||||
|
."</small></div>";
|
||||||
|
|
||||||
$rs2=mysqli_query($con,"SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID,
|
$rs2=mysqli_query($con,"SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID,
|
||||||
course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table`
|
course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table`
|
||||||
INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID
|
INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID
|
||||||
where course_group_members_table.Course_Group_id=$id");
|
where course_group_members_table.Course_Group_id=$id");
|
||||||
|
|
||||||
|
#Check whether the current user in session is the creator of the group
|
||||||
|
$rs3 = mysqli_query($con, "SELECT `Status` from course_group_members_table where Student_ID = $student_id");
|
||||||
|
$flag = mysqli_fetch_assoc($rs3)['Status'] == "Created";
|
||||||
|
|
||||||
while($row = mysqli_fetch_assoc($rs2)) {
|
while($row = mysqli_fetch_assoc($rs2)) {
|
||||||
$name=$row['Full_Name'];
|
$name=$row['Full_Name'];
|
||||||
$id=$row['Course_Group_id'];
|
$id=$row['Course_Group_id'];
|
||||||
$status=$row['Status'];
|
$status=$row['Status'];
|
||||||
$Student_ID=$row['Student_ID'];
|
$Student_ID=$row['Student_ID'];
|
||||||
|
|
||||||
|
#Show group members + remove button next to each member except the creator of the group
|
||||||
echo "<li><small> $name-$Student_ID ($status)</small></li>";
|
if($flag){
|
||||||
|
echo "<li><small> $name-$Student_ID ($status)</small>".(($status != "Created")?"<button onclick='remove_member($Student_ID, $id)'
|
||||||
|
class='btn btn-danger' style='height: 25px; width: 80px; line-height: 10px;'>remove</button>":"")."</li>";
|
||||||
|
}else{
|
||||||
|
echo "<li><small> $name-$Student_ID ($status)</small>";
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -688,5 +704,62 @@ function remarking(data)
|
||||||
window.location.href = data+"&details="+details;
|
window.location.href = data+"&details="+details;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function remove_member(student_id, group_id) {
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
|
|
||||||
|
|
||||||
|
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="removemember" value="true">\n\
|
||||||
|
<input type="hidden" name="student_id" value="'+student_id+'" > \n\
|
||||||
|
<input type="hidden" name="group_id" value="'+group_id+'">\n\
|
||||||
|
<input type="hidden" name="url" value="<?php echo $url; ?>"></form>').dialog({
|
||||||
|
modal: true,
|
||||||
|
title:'Remove '+student_id+'?',
|
||||||
|
buttons: {
|
||||||
|
'Confirm': function () {
|
||||||
|
$('#frm').submit();
|
||||||
|
|
||||||
|
$(this).dialog('close');
|
||||||
|
},
|
||||||
|
'X': function () {
|
||||||
|
|
||||||
|
$(this).dialog('close');
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
} catch(e){ alert(e); }
|
||||||
|
}
|
||||||
|
|
||||||
|
function delete_group(id) {
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
|
|
||||||
|
|
||||||
|
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="deletegroup" value="true">\n\
|
||||||
|
<input type="hidden" name="group_id" value="'+id+'" > \n\
|
||||||
|
<input type="hidden" name="url" value="<?php echo $url; ?>"></form>').dialog({
|
||||||
|
modal: true,
|
||||||
|
title:'Delete this group?',
|
||||||
|
buttons: {
|
||||||
|
'Confirm': function () {
|
||||||
|
$('#frm').submit();
|
||||||
|
|
||||||
|
$(this).dialog('close');
|
||||||
|
},
|
||||||
|
'X': function () {
|
||||||
|
|
||||||
|
$(this).dialog('close');
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
} catch(e){ alert(e); }
|
||||||
|
}
|
||||||
|
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
|
|
24
Courses.php
24
Courses.php
|
@ -153,14 +153,14 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
|
||||||
<input type='hidden' name='course_id' value='<?php echo "$id" ?>' required=''/>
|
<input type='hidden' name='course_id' value='<?php echo "$id" ?>' required=''/>
|
||||||
<input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required=''/>
|
<input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required=''/>
|
||||||
|
|
||||||
Dealine Date/Time
|
Deadline Date/Time
|
||||||
<div class='row'>
|
<div class='row'>
|
||||||
<div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Date : ""; ?>"> </div>
|
<div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Date : ""; ?>"> </div>
|
||||||
<div class='col-md-5'> <input type='text' id='time' class='form-control' name='deadlinetime' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Time : ""; ?>"> </div>
|
<div class='col-md-5'> <input type='text' id='time' class='form-control' name='deadlinetime' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Time : ""; ?>"> </div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
Title
|
Title
|
||||||
<input type='text' name='title' placeholder='Ttle' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Title : ""; ?>">
|
<input type='text' name='title' placeholder='Title' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Title : ""; ?>">
|
||||||
Instructions
|
Instructions
|
||||||
<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' ><?php echo isset($_GET['act']) && $_GET['act']=='edit' ? $Instructions : ''; ?></textarea>
|
<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' ><?php echo isset($_GET['act']) && $_GET['act']=='edit' ? $Instructions : ''; ?></textarea>
|
||||||
Marks
|
Marks
|
||||||
|
@ -181,9 +181,9 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
if ($Type == "Individual") {
|
if ($Type == "Individual") {
|
||||||
echo "Submission Type <input type='radio' name='type' value='Individual' checked /> Invidual <input type='radio' name='type' value='Group' /> Group";
|
echo "Submission Type <input type='radio' name='type' value='Individual' checked /> Individual <input type='radio' name='type' value='Group' /> Group";
|
||||||
} else {
|
} else {
|
||||||
echo "Submission Type <input type='radio' name='type' value='Individual' /> Invidual <input type='radio' name='type' value='Group' checked> Group";
|
echo "Submission Type <input type='radio' name='type' value='Individual' /> Individual <input type='radio' name='type' value='Group' checked> Group";
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
|
|
||||||
|
@ -213,14 +213,14 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
|
||||||
<input type='hidden' name='course_id' value='<?php echo "$id" ?>' required=''/>
|
<input type='hidden' name='course_id' value='<?php echo "$id" ?>' required=''/>
|
||||||
<input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required=''/>
|
<input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required=''/>
|
||||||
|
|
||||||
Dealine Date/Time
|
Deadline Date/Time
|
||||||
<div class='row'>
|
<div class='row'>
|
||||||
<div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value=""> </div>
|
<div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value=""> </div>
|
||||||
<div class='col-md-5'> <input type='time' class='form-control' name='deadlinetime' value=""> </div>
|
<div class='col-md-5'> <input type='time' class='form-control' name='deadlinetime' value=""> </div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
Title
|
Title
|
||||||
<input type='text' name='title' placeholder='Ttle' class='form-control' required='' value="">
|
<input type='text' name='title' placeholder='Title' class='form-control' required='' value="">
|
||||||
Instructions
|
Instructions
|
||||||
<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' value=""></textarea>
|
<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' value=""></textarea>
|
||||||
Marks
|
Marks
|
||||||
|
@ -238,7 +238,7 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
|
||||||
Attachment 4
|
Attachment 4
|
||||||
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
|
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
|
||||||
<br>
|
<br>
|
||||||
Submission Type <input type='radio' name='type' value='Individual' required=''> Invidual
|
Submission Type <input type='radio' name='type' value='Individual' required=''> Individual
|
||||||
|
|
||||||
<input type='radio' name='type' value='Group' required=''> Group
|
<input type='radio' name='type' value='Group' required=''> Group
|
||||||
<hr>
|
<hr>
|
||||||
|
@ -689,11 +689,13 @@ List courses by faculty
|
||||||
|
|
||||||
<select name='faculty' class='form-control'>";
|
<select name='faculty' class='form-control'>";
|
||||||
$result = mysqli_query($con,"SELECT DISTINCT(Faculty) as Faculty FROM `courses_table`");
|
$result = mysqli_query($con,"SELECT DISTINCT(Faculty) as Faculty FROM `courses_table`");
|
||||||
if(mysqli_num_rows($result)==0)
|
if(mysqli_num_rows($result)==0){
|
||||||
{} else { while($row = mysqli_fetch_assoc($result)) {
|
|
||||||
|
} else {
|
||||||
|
echo"<option value=''> Search by faculty </option>";
|
||||||
|
while($row = mysqli_fetch_assoc($result)) {
|
||||||
$fname=$row['Faculty'];
|
$fname=$row['Faculty'];
|
||||||
|
echo " <option value='$fname'> $fname </option>";
|
||||||
echo "<option value=''> Search by faculty </option> <option value='$fname'> $fname </option>";
|
|
||||||
}}
|
}}
|
||||||
|
|
||||||
echo "</select></div></div>
|
echo "</select></div></div>
|
||||||
|
|
|
@ -8,7 +8,7 @@ session_start();
|
||||||
|
|
||||||
// 修改这一行设置你的文件下载目录
|
// 修改这一行设置你的文件下载目录
|
||||||
// IMPORTANT: Do not delete the following conditional test
|
// IMPORTANT: Do not delete the following conditional test
|
||||||
if (strpos($_GET['file'], "../") != false) { // 检查是否有 ../,防止用户构造路径,访问某个他不应该访问的目录
|
if (strpos($_GET['file'], "../") !== false) { // 检查是否有 ../,防止用户构造路径,访问某个他不应该访问的目录
|
||||||
die("Sorry. Nothing to download.");
|
die("Sorry. Nothing to download.");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -2,6 +2,6 @@
|
||||||
// https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
|
// https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
|
||||||
if (!isset($_SERVER['HTTP_REFERER']) ) {
|
if (!isset($_SERVER['HTTP_REFERER']) ) {
|
||||||
/* choose the appropriate page to redirect users */
|
/* choose the appropriate page to redirect users */
|
||||||
die( header( 'location: index.php' ) );
|
die( header( 'location: logout.php' ) );
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
|
|
56
README.md
56
README.md
|
@ -18,15 +18,17 @@ Our mission is to make the experience of submitting assignments great for tens o
|
||||||
# Installation Instructions
|
# Installation Instructions
|
||||||
|
|
||||||
|
|
||||||
## Hui's steps
|
## Hui steps
|
||||||
|
|
||||||
I spent about two hours installing LRR to a bare, remote Ubuntu server (Ubuntu 20.04 LTS).
|
I spent about two hours installing LRR to a bare, remote Ubuntu server (Ubuntu 20.04 LTS).
|
||||||
|
|
||||||
LRR needs Apache and MySQL to run. I followed [How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 20.04](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-20-04) to set up these server applications.
|
LRR needs Apache and MySQL to run. I followed [How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 20.04](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-20-04) to set up these server applications. [How to install and configure PHP](https://ubuntu.com/server/docs/programming-php) is also a good guide.
|
||||||
|
|
||||||
LRR uses a database called `lrr`. I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
|
LRR uses a database called `lrr`. So create this database using MySQL root account. Open MySQL's prompt using `sudo mysql`. Create the database using command `CREATE DATABASE lrr;`, and grant all privileges to MySQL user `lrr` using command `GRANT ALL PRIVILEGES ON lrr.* TO 'mnc'@'localhost' WITH GRANT OPTION;`. If MySQL user mnc does not exist, create it using command `CREATE USER 'mnc'@'localhost' IDENTIFIED BY 'password'`.
|
||||||
The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`.
|
|
||||||
The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail.
|
To facilitate data migration, I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
|
||||||
|
The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`, where mnc after -u is MySQL's username, and lrr after -p is the database name.
|
||||||
|
The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.txt? You can use lrr_database.sql in this repo instead.
|
||||||
|
|
||||||
LRR also needs to store assignment submissions. We store them in a folder called `../../lrr_submission`. Note that `lrr_submission` is two levels above the project folder (where many PHP files reside). I copied this folder from the existing one. I think it is also OK if you create an empty folder.
|
LRR also needs to store assignment submissions. We store them in a folder called `../../lrr_submission`. Note that `lrr_submission` is two levels above the project folder (where many PHP files reside). I copied this folder from the existing one. I think it is also OK if you create an empty folder.
|
||||||
We need to set a proper owner and accessibility for `lrr_submission` using the following two commands:
|
We need to set a proper owner and accessibility for `lrr_submission` using the following two commands:
|
||||||
|
@ -49,7 +51,7 @@ Enable the site lrr: `sudo a2ensite lrr`. Restart the apache server: `sudo syst
|
||||||
Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/.
|
Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/.
|
||||||
|
|
||||||
|
|
||||||
## Enock's steps
|
## Enock steps
|
||||||
|
|
||||||
Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt).
|
Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt).
|
||||||
|
|
||||||
|
@ -171,49 +173,49 @@ We can also communicate through pull requests. You make a pull request, I revie
|
||||||
|
|
||||||
GitHub Account - Full Name - Student number
|
GitHub Account - Full Name - Student number
|
||||||
|
|
||||||
CODEwithZAKI - Omar Mohamud Mohamed - 202025800041
|
CODEwithZAKI - Omar Mohamud Mohamed - 2020041
|
||||||
|
|
||||||
BloudYoussef - Khayat Youssef - 202025800042
|
BloudYoussef - Khayat Youssef - 2020042
|
||||||
|
|
||||||
TanakaMichelle - Tanaka Michelle Sandati - 201732120134
|
TanakaMichelle - Tanaka Michelle Sandati - 2017134
|
||||||
|
|
||||||
WhyteAsamoah - Yeboah Martha Asamoah - 201732120135
|
WhyteAsamoah - Yeboah Martha Asamoah - 2017135
|
||||||
|
|
||||||
xiaoyusoil - ZhengXiaoyu - 201732120110
|
xiaoyusoil - ZhengXiaoyu - 2017110
|
||||||
|
|
||||||
Benny123-cell - ZhangBin - 201732120127
|
Benny123-cell - ZhangBin - 2017127
|
||||||
|
|
||||||
421281726 - LiJiaxing - 201732120118
|
421281726 - LiJiaxing - 2017118
|
||||||
|
|
||||||
zhenghongyu-david - ZhengHongyu - 201732120128
|
zhenghongyu-david - ZhengHongyu - 2017128
|
||||||
|
|
||||||
wkytz - YeHantao - 201732120125
|
wkytz - YeHantao - 2017125
|
||||||
|
|
||||||
zego000 - GaoZeng - 201732120117
|
zego000 - GaoZeng - 2017117
|
||||||
|
|
||||||
Richard1427 - XieJiacong - 201732120123
|
Richard1427 - XieJiacong - 2017123
|
||||||
|
|
||||||
yutengYing - YingYuteng - 201732120126
|
yutengYing - YingYuteng - 2017126
|
||||||
|
|
||||||
Samrusike - Samantha Rusike - 201632120140
|
Samrusike - Samantha Rusike - 2016140
|
||||||
|
|
||||||
*enockkays* <enockkhondowe94@yahoo.com>
|
*enockkays* <enockkhondowe94@yahoo.com>
|
||||||
|
|
||||||
*Teecloudy* - Ashly Tafadzwa Dhani - 201632120150
|
*Teecloudy* - Ashly Tafadzwa Dhani - 201150
|
||||||
|
|
||||||
GuedaliaBonheurSPM - Guedalia Youma - 201925800221
|
GuedaliaBonheurSPM - Guedalia Youma - 2019221
|
||||||
|
|
||||||
ACorneille - Alimasi Corneille - 201925800168
|
ACorneille - Alimasi Corneille - 2019168
|
||||||
|
|
||||||
Tabithakipanga - Kipanga Dorcas - 201925800170
|
Tabithakipanga - Kipanga Dorcas - 2019170
|
||||||
|
|
||||||
Mary-AK - Mary Akussah Doe - 201925800173
|
Mary-AK - Mary Akussah Doe - 2019173
|
||||||
|
|
||||||
pkkumson - Kumson Princewill Kum - 201925800166
|
pkkumson - Kumson Princewill Kum - 2019166
|
||||||
|
|
||||||
Twizere - Twizere Pacifique - 201925800174
|
Twizere - Twizere Pacifique - 2019174
|
||||||
|
|
||||||
Nicole-Rutagengwa - Nicole Rutagengwa - 201925800169
|
Nicole-Rutagengwa - Nicole Rutagengwa - 2019169
|
||||||
|
|
||||||
*hema-001* - Ibrahim Mohamed Ibrahim Ismail - omitted
|
*hema-001* - Ibrahim Mohamed Ibrahim Ismail - omitted
|
||||||
|
|
||||||
|
|
|
@ -8,8 +8,8 @@
|
||||||
|
|
||||||
|
|
||||||
include 'Header.php';
|
include 'Header.php';
|
||||||
$token=$_GET['token'];
|
$token = htmlspecialchars($_GET['token']);
|
||||||
$email=$_GET['email'];
|
$email = htmlspecialchars($_GET['email']);
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<div class="row">
|
<div class="row">
|
||||||
|
|
157
Script.php
157
Script.php
|
@ -57,14 +57,14 @@ if (!empty($_POST["form_signup"])) {
|
||||||
|
|
||||||
$student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
|
$student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
|
||||||
if (mysqli_num_rows($student_result) > 0) {
|
if (mysqli_num_rows($student_result) > 0) {
|
||||||
$_SESSION["info_signup"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
|
$_SESSION["info_signup"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
|
||||||
header("Location: signup.php");
|
header("Location: signup.php");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// ############################### CREATE STUDENT USER ##################################
|
// ############################### CREATE STUDENT USER ##################################
|
||||||
if (!empty($_POST["form_signup"])) {
|
if (!empty($_POST["form_signup"])) {
|
||||||
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
|
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
|
||||||
$student_id = mysqli_real_escape_string($con, $_POST["user_student_id"]);
|
$student_id = mysqli_real_escape_string($con, $_POST["user_student_id"]);
|
||||||
$email = mysqli_real_escape_string($con, $_POST["email"]);
|
$email = mysqli_real_escape_string($con, $_POST["email"]);
|
||||||
|
@ -98,16 +98,15 @@ if (!empty($_POST["form_signup"])) {
|
||||||
|
|
||||||
// check for strong password
|
// check for strong password
|
||||||
if (!$containsAll) {
|
if (!$containsAll) {
|
||||||
$_SESSION['info_signup'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and sepcial characters (e.g., !?.,*^).";
|
$_SESSION['info_signup'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and special characters (e.g., !?.,*^).";
|
||||||
header("Location: signup.php");
|
header("Location: signup.php");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// check if email is taken
|
// check if email is taken
|
||||||
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
|
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
|
||||||
if(mysqli_num_rows($result) != 0)
|
if (mysqli_num_rows($result) != 0) {
|
||||||
{
|
$_SESSION["info_signup"] = "Email address " . $email . " is already in use.";
|
||||||
$_SESSION["info_signup"]="Email address ".$email." is already in use.";
|
|
||||||
$_SESSION['user_fullname'] = null;
|
$_SESSION['user_fullname'] = null;
|
||||||
header("Location: signup.php");
|
header("Location: signup.php");
|
||||||
return;
|
return;
|
||||||
|
@ -147,7 +146,7 @@ if (!empty($_POST["frm_login"])) {
|
||||||
$password = mysqli_real_escape_string($con, $_POST["password"]);
|
$password = mysqli_real_escape_string($con, $_POST["password"]);
|
||||||
$result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')");
|
$result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')");
|
||||||
if (mysqli_num_rows($result) == 0) {
|
if (mysqli_num_rows($result) == 0) {
|
||||||
$_SESSION["info_login"] = "Inavlid user name information.";
|
$_SESSION["info_login"] = "Invalid user name information.";
|
||||||
echo $_SESSION["info_login"];
|
echo $_SESSION["info_login"];
|
||||||
header("Location: index.php");
|
header("Location: index.php");
|
||||||
} else {
|
} else {
|
||||||
|
@ -196,7 +195,6 @@ if (!empty($_POST["frm_recover_password"])) {
|
||||||
// validate student number
|
// validate student number
|
||||||
if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) {
|
if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) {
|
||||||
$_SESSION["info_recover_password"] = "Invalid student number.";
|
$_SESSION["info_recover_password"] = "Invalid student number.";
|
||||||
#echo "Invalid student number.";
|
|
||||||
header("Location: recover_password.php");
|
header("Location: recover_password.php");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -248,7 +246,7 @@ if (!empty($_POST["frm_reset_password"])) {
|
||||||
|
|
||||||
// Password Update
|
// Password Update
|
||||||
$hashed_password = hash('sha512', $password);
|
$hashed_password = hash('sha512', $password);
|
||||||
$sql = "UPDATE users_table set HashPassword='$hashed_password' where User_ID=$userid;";
|
$sql = "UPDATE users_table set HashPassword='$hashed_password' where User_ID='$userid';";
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
|
||||||
error_reporting(0);
|
error_reporting(0);
|
||||||
|
@ -272,18 +270,20 @@ if (!empty($_POST["frm_createlecturrer"])) {
|
||||||
$type = mysqli_real_escape_string($con, $_POST["type"]);
|
$type = mysqli_real_escape_string($con, $_POST["type"]);
|
||||||
$password = mysqli_real_escape_string($con, $_POST["passport"]);
|
$password = mysqli_real_escape_string($con, $_POST["passport"]);
|
||||||
// check if email is taken
|
// check if email is taken
|
||||||
$result = mysqli_query($con,
|
$result = mysqli_query(
|
||||||
"SELECT * FROM Users_Table WHERE email='$email'");
|
$con,
|
||||||
if(mysqli_num_rows($result)!=0)
|
"SELECT * FROM Users_Table WHERE email='$email'"
|
||||||
{
|
);
|
||||||
$_SESSION["info_Admin_Users"]="Email address : ".$email." is already in use.";
|
if (mysqli_num_rows($result) != 0) {
|
||||||
header("Location: Admin.php");
|
$_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use.";
|
||||||
|
header("Location: Admin.php");
|
||||||
}
|
}
|
||||||
$sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
|
$password_hash = password_hash("$password", PASSWORD_DEFAULT);
|
||||||
. "('$email','$password','$fullname','$type')";
|
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
|
||||||
|
. "('$email','$password_hash','$fullname','$type')";
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
$_SESSION["info_Admin_Users"] = $type . " user Created successfully : email " . $email . " and $password as Password.";
|
$_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and $password as password.";
|
||||||
header("Location: Admin.php");
|
header("Location: Admin.php");
|
||||||
} else {
|
} else {
|
||||||
echo "Error: " . $sql . "<br>" . $con->error;
|
echo "Error: " . $sql . "<br>" . $con->error;
|
||||||
|
@ -430,7 +430,7 @@ if (!empty($_POST["frm_uploadlab"])) {
|
||||||
|
|
||||||
$sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`,
|
$sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`,
|
||||||
`Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`,Marks,Type)
|
`Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`,Marks,Type)
|
||||||
VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3',$marks,'$type')";
|
VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3','$marks','$type')";
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
|
||||||
|
@ -467,7 +467,7 @@ if (!empty($_POST["frm_submitlab"])) {
|
||||||
$date = date("Y-m-d H:i:s");
|
$date = date("Y-m-d H:i:s");
|
||||||
|
|
||||||
// GET UPLOADED FILES
|
// GET UPLOADED FILES
|
||||||
$labName = mysqli_query($con, "SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id");
|
$labName = mysqli_query($con, "SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID='$lab_id'");
|
||||||
while ($row = mysqli_fetch_assoc($labName)) {
|
while ($row = mysqli_fetch_assoc($labName)) {
|
||||||
$lab_name = $row['Title'];
|
$lab_name = $row['Title'];
|
||||||
$_SESSION['Sub_Type'] = $row['Type']; // submission type, either Individual or Group
|
$_SESSION['Sub_Type'] = $row['Type']; // submission type, either Individual or Group
|
||||||
|
@ -571,13 +571,13 @@ if (!empty($_POST["frm_submitlab"])) {
|
||||||
$group_id = 0; // FIXME
|
$group_id = 0; // FIXME
|
||||||
}
|
}
|
||||||
|
|
||||||
$sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id";
|
$sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID='$lab_id' and Student_id='$student_id' and Course_Group_id='$group_id'";
|
||||||
if ($con->query($sql1) === TRUE) {
|
if ($con->query($sql1) === TRUE) {
|
||||||
}
|
}
|
||||||
|
|
||||||
$sql = "INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`,"
|
$sql = "INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`,"
|
||||||
. " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)"
|
. " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)"
|
||||||
. " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
|
. " VALUES ('$date','$lab_id','$student_id','$group_id','$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
|
||||||
. "'Pending','$title','')";
|
. "'Pending','$title','')";
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
@ -665,7 +665,7 @@ if (!empty($_GET["updatevisibility"])) {
|
||||||
$header = mysqli_real_escape_string($con, $_GET["header"]);
|
$header = mysqli_real_escape_string($con, $_GET["header"]);
|
||||||
$labid = mysqli_real_escape_string($con, $_GET["labid"]);
|
$labid = mysqli_real_escape_string($con, $_GET["labid"]);
|
||||||
|
|
||||||
$sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id
|
$sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID='$id'
|
||||||
";
|
";
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
@ -681,18 +681,18 @@ if (!empty($_GET["updatevisibility"])) {
|
||||||
|
|
||||||
if (!empty($_GET["remarking"])) {
|
if (!empty($_GET["remarking"])) {
|
||||||
|
|
||||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
$id = htmlspecialchars(mysqli_real_escape_string($con, $_GET["id"]));
|
||||||
$url = mysqli_real_escape_string($con, $_GET["url"]);
|
$url = htmlspecialchars(mysqli_real_escape_string($con, $_GET["url"]));
|
||||||
|
|
||||||
$status = mysqli_real_escape_string($con, $_GET["status"]);
|
$status = htmlspecialchars(mysqli_real_escape_string($con, $_GET["status"]));
|
||||||
$details = mysqli_real_escape_string($con, $_GET["details"]);
|
$details = htmlspecialchars(mysqli_real_escape_string($con, $_GET["details"]));
|
||||||
|
|
||||||
$sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id
|
$sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID='$id'
|
||||||
";
|
";
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
|
||||||
$_SESSION["info_ReMarking"] = "Remarking Request Sent";
|
$_SESSION["info_general"] = "Remarking Request Sent";
|
||||||
header("Location: Course.php?url=" . $url);
|
header("Location: Course.php?url=" . $url);
|
||||||
} else {
|
} else {
|
||||||
echo "Error: " . $sql . "<br>" . $con->error;
|
echo "Error: " . $sql . "<br>" . $con->error;
|
||||||
|
@ -709,7 +709,7 @@ if (!empty($_GET["creategroup"])) {
|
||||||
$name = mysqli_real_escape_string($con, $_GET["name"]);
|
$name = mysqli_real_escape_string($con, $_GET["name"]);
|
||||||
|
|
||||||
$sql = "INSERT INTO `course_groups_table`(`Group_Name`,
|
$sql = "INSERT INTO `course_groups_table`(`Group_Name`,
|
||||||
`Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)";
|
`Group_Leader`, `Course_id`) VALUES ('$name','$student_id','$id')";
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
|
||||||
|
@ -719,9 +719,9 @@ if (!empty($_GET["creategroup"])) {
|
||||||
}
|
}
|
||||||
|
|
||||||
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
|
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
|
||||||
VALUES ($gid,$student_id,'Created')";
|
VALUES ('$gid','$student_id','Created')";
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
$_SESSION["info_ReMarking"] = "Course group Created";
|
$_SESSION["info_general"] = "Course group Created";
|
||||||
header("Location: Course.php?url=" . $url);
|
header("Location: Course.php?url=" . $url);
|
||||||
} else {
|
} else {
|
||||||
echo "Error: " . $sql . "<br>" . $con->error;
|
echo "Error: " . $sql . "<br>" . $con->error;
|
||||||
|
@ -739,14 +739,21 @@ if (!empty($_GET["groupinvite"])) {
|
||||||
$url = mysqli_real_escape_string($con, $_GET["url"]);
|
$url = mysqli_real_escape_string($con, $_GET["url"]);
|
||||||
$courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
|
$courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
|
||||||
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
|
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
|
||||||
|
$student = mysqli_query($con, "SELECT * FROM students_data WHERE Student_ID = '$student_id' ");
|
||||||
|
|
||||||
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
|
if (mysqli_num_rows($student) > 0) {
|
||||||
if (mysqli_num_rows($result) > 0) {
|
|
||||||
$_SESSION["info_ReMarking"] = $student_id . " has already been invited";
|
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
|
||||||
header("Location: Course.php?url=" . $url);
|
if (mysqli_num_rows($result) > 0) {
|
||||||
|
$_SESSION["info_general"] = $student_id . " has already been invited.";
|
||||||
|
header("Location: Course.php?url=" . $url);
|
||||||
|
} else {
|
||||||
|
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
|
||||||
|
VALUES ('$groupid','$student_id','Invited')";
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
|
$_SESSION["info_general"] = $student_id . " is an invalid student number.";
|
||||||
VALUES ($groupid,$student_id,'Invited')";
|
header("Location: Course.php?url=" . $url);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
@ -764,26 +771,26 @@ if (!empty($_GET["groupinvite"])) {
|
||||||
|
|
||||||
if ($Group_Member == '0') {
|
if ($Group_Member == '0') {
|
||||||
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
|
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
|
||||||
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
|
$_SESSION["info_general"] = $student_id . " was invited to the group.";
|
||||||
header("Location: Course.php?url=" . $url);
|
header("Location: Course.php?url=" . $url);
|
||||||
} elseif ($Group_Member2 == '0') {
|
} elseif ($Group_Member2 == '0') {
|
||||||
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member2` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
|
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member2` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
|
||||||
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
|
$_SESSION["info_general"] = $student_id . " was invited to the group.";
|
||||||
header("Location: Course.php?url=" . $url);
|
header("Location: Course.php?url=" . $url);
|
||||||
} elseif ($Group_Member3 == '0') {
|
} elseif ($Group_Member3 == '0') {
|
||||||
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member3` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
|
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member3` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
|
||||||
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
|
$_SESSION["info_general"] = $student_id . " was invited to the group.";
|
||||||
header("Location: Course.php?url=" . $url);
|
header("Location: Course.php?url=" . $url);
|
||||||
} elseif ($Group_Member4 == '0') {
|
} elseif ($Group_Member4 == '0') {
|
||||||
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member4` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
|
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member4` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
|
||||||
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
|
$_SESSION["info_general"] = $student_id . " was invited to the group.";
|
||||||
header("Location: Course.php?url=" . $url);
|
header("Location: Course.php?url=" . $url);
|
||||||
} else {
|
} else {
|
||||||
$_SESSION["info_ReMarking"] = " You cant add any more members";
|
$_SESSION["info_general"] = " You cannot add any more members";
|
||||||
header("Location: Course.php?url=" . $url);
|
header("Location: Course.php?url=" . $url);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
|
$_SESSION["info_general"] = $student_id . " was invited to the group.";
|
||||||
header("Location: Course.php?url=" . $url);
|
header("Location: Course.php?url=" . $url);
|
||||||
} else {
|
} else {
|
||||||
echo "Error: " . $sql . "<br>" . $con->error;
|
echo "Error: " . $sql . "<br>" . $con->error;
|
||||||
|
@ -800,15 +807,51 @@ if (!empty($_GET["acceptinvite"])) {
|
||||||
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
|
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
|
||||||
|
|
||||||
if ($action == 1) {
|
if ($action == 1) {
|
||||||
$sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id
|
$sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id ='$groupid' and student_id='$student_id'
|
||||||
";
|
";
|
||||||
} else {
|
} else {
|
||||||
$sql = "Delete from `course_group_members_table` where Course_Group_id =$groupid and student_id=$student_id
|
$sql = "Delete from `course_group_members_table` where Course_Group_id ='$groupid' and student_id='$student_id'
|
||||||
";
|
";
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
$_SESSION["info_ReMarking"] = " Group Invite Updated";
|
$_SESSION["info_general"] = " Group Invite Updated";
|
||||||
|
header("Location: Course.php?url=" . $url);
|
||||||
|
} else {
|
||||||
|
echo "Error: " . $sql . "<br>" . $con->error;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#Remove a member from group
|
||||||
|
|
||||||
|
if (!empty($_GET["removemember"])) {
|
||||||
|
|
||||||
|
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
|
||||||
|
$group_id = mysqli_real_escape_string($con, $_GET["group_id"]);
|
||||||
|
$url = mysqli_real_escape_string($con, $_GET["url"]);
|
||||||
|
|
||||||
|
$sql = "Delete from `course_group_members_table` where student_id=$student_id and Course_Group_id=$group_id";
|
||||||
|
|
||||||
|
if ($con->query($sql) === TRUE) {
|
||||||
|
$_SESSION["info_general"] = " Member " . $student_id . " removed from the group";
|
||||||
|
header("Location: Course.php?url=" . $url);
|
||||||
|
} else {
|
||||||
|
echo "Error: " . $sql . "<br>" . $con->error;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#Delete a whole group
|
||||||
|
|
||||||
|
if (!empty($_GET["deletegroup"])) {
|
||||||
|
|
||||||
|
$group_id = mysqli_real_escape_string($con, $_GET["group_id"]);
|
||||||
|
$url = mysqli_real_escape_string($con, $_GET["url"]);
|
||||||
|
|
||||||
|
$sql1 = "Delete from `course_group_members_table` where Course_Group_id=$group_id";
|
||||||
|
$sql2 = "Delete from `course_groups_table` where Course_Group_id=$group_id";
|
||||||
|
|
||||||
|
if ($con->query($sql1) === TRUE && $con->query($sql2) === TRUE) {
|
||||||
|
$_SESSION["info_general"] = " Group has been deleted successfully. ";
|
||||||
header("Location: Course.php?url=" . $url);
|
header("Location: Course.php?url=" . $url);
|
||||||
} else {
|
} else {
|
||||||
echo "Error: " . $sql . "<br>" . $con->error;
|
echo "Error: " . $sql . "<br>" . $con->error;
|
||||||
|
@ -830,11 +873,11 @@ if (!empty($_GET["extenddeadline"])) {
|
||||||
$deadline = $date . " " . $time;
|
$deadline = $date . " " . $time;
|
||||||
|
|
||||||
if ($type == 1) {
|
if ($type == 1) {
|
||||||
$sql = "UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID=$id";
|
$sql = "UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID='$id'";
|
||||||
} else {
|
} else {
|
||||||
$sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, "
|
$sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, "
|
||||||
. "`Lab_Report_ID`, `Extended_Deadline_Date`,"
|
. "`Lab_Report_ID`, `Extended_Deadline_Date`,"
|
||||||
. " `ReasonsForExtension`) VALUES ($stdid,$id,'$deadline','$reason')";
|
. " `ReasonsForExtension`) VALUES ('$stdid','$id','$deadline','$reason')";
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
@ -856,7 +899,7 @@ if (!empty($_GET["ignoreremarking"])) {
|
||||||
|
|
||||||
$subid = mysqli_real_escape_string($con, $_GET["subid"]);
|
$subid = mysqli_real_escape_string($con, $_GET["subid"]);
|
||||||
|
|
||||||
$sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid";
|
$sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID='$subid'";
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
|
||||||
|
@ -874,7 +917,7 @@ if (!empty($_GET["assignTA"])) {
|
||||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
||||||
$ta = mysqli_real_escape_string($con, $_GET["ta"]);
|
$ta = mysqli_real_escape_string($con, $_GET["ta"]);
|
||||||
|
|
||||||
$sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)";
|
$sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ('$id','$ta')";
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
|
||||||
|
@ -893,9 +936,9 @@ if (!empty($_GET["AcceptStudent"])) {
|
||||||
$rs = mysqli_real_escape_string($con, $_GET["rs"]);
|
$rs = mysqli_real_escape_string($con, $_GET["rs"]);
|
||||||
|
|
||||||
if ($rs == "yes") {
|
if ($rs == "yes") {
|
||||||
$sql = "Update course_students_table set Status='Joined' Where ID=$id";
|
$sql = "Update course_students_table set Status='Joined' Where ID='$id'";
|
||||||
} else {
|
} else {
|
||||||
$sql = "Delete FROM course_students_table Where ID=$id";
|
$sql = "Delete FROM course_students_table Where ID='$id'";
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
@ -931,7 +974,7 @@ if (!empty($_GET["action"])) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($action == "passchange" && $_SESSION['user_id'] == $uid) {
|
if ($action == "passchange" && $_SESSION['user_id'] == $uid) {
|
||||||
$sql = "UPDATE users_table set Password='$pass' where User_ID=$uid;";
|
$sql = "UPDATE users_table set Password='$pass' where User_ID='$uid';";
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
error_reporting(0);
|
error_reporting(0);
|
||||||
echo "Password has been changed";
|
echo "Password has been changed";
|
||||||
|
@ -945,7 +988,7 @@ if (!empty($_GET["action"])) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
|
if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
|
||||||
$sql = "UPDATE users_table set Status='$status' where User_ID=$uid;";
|
$sql = "UPDATE users_table set Status='$status' where User_ID='$uid';";
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
$_SESSION["info_Admin_Users"] = $type . " user Status updated successfully ";
|
$_SESSION["info_Admin_Users"] = $type . " user Status updated successfully ";
|
||||||
header("Location: Admin.php");
|
header("Location: Admin.php");
|
||||||
|
@ -1018,7 +1061,7 @@ INNER JOIN lab_reports_table on lab_reports_table.Lab_Report_ID=lab_report_submi
|
||||||
|
|
||||||
INNER JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
|
INNER JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
|
||||||
|
|
||||||
WHERE lab_report_submissions.Lab_Report_ID=$lab";
|
WHERE lab_report_submissions.Lab_Report_ID='$lab'";
|
||||||
|
|
||||||
$export = mysqli_query($con, $select);
|
$export = mysqli_query($con, $select);
|
||||||
|
|
||||||
|
@ -1048,7 +1091,7 @@ WHERE lab_report_submissions.Lab_Report_ID=$lab";
|
||||||
}
|
}
|
||||||
|
|
||||||
header("Content-type: application/octet-stream");
|
header("Content-type: application/octet-stream");
|
||||||
header("Content-Disposition: attachment; filename=$lab_name Garde Sheet.xls");
|
header("Content-Disposition: attachment; filename=$lab_name Grade Sheet.xls");
|
||||||
header("Pragma: no-cache");
|
header("Pragma: no-cache");
|
||||||
header("Expires: 0");
|
header("Expires: 0");
|
||||||
print "$header\n$data";
|
print "$header\n$data";
|
||||||
|
|
|
@ -9,7 +9,7 @@ include 'Header.php';
|
||||||
<div class="row" style="width:80%;margin:auto;">
|
<div class="row" style="width:80%;margin:auto;">
|
||||||
|
|
||||||
<div class="col-md-6">
|
<div class="col-md-6">
|
||||||
<h1> STUEDNT Account Created , Now you can Browse Course Portals </h1>
|
<h1> Student Account Created. Now you can Browse Course Portals </h1>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
</div>
|
</div>
|
|
@ -19,7 +19,7 @@ if (!$conn) {
|
||||||
}
|
}
|
||||||
|
|
||||||
//获得用户名数据
|
//获得用户名数据
|
||||||
$source = $_POST['users'];
|
$source = mysqli_real_escape_string($conn,$_POST['users']);
|
||||||
|
|
||||||
//如有多个空格,删除剩一个空格
|
//如有多个空格,删除剩一个空格
|
||||||
$source1 = preg_replace('/\s\s+/', ' ', $source);
|
$source1 = preg_replace('/\s\s+/', ' ', $source);
|
||||||
|
@ -31,13 +31,12 @@ $source2 = trim($source1);
|
||||||
//根据空格拆分
|
//根据空格拆分
|
||||||
$user = explode(' ', $source2);
|
$user = explode(' ', $source2);
|
||||||
|
|
||||||
|
|
||||||
//插入数据
|
//插入数据
|
||||||
for($index=0; $index < count($user); $index++) {
|
for($index=0; $index < count($user); $index++) {
|
||||||
$result = mysqli_query($conn, "SELECT * FROM `students_data` WHERE Student_ID='$user[$index]'");
|
$result = mysqli_query($conn, "SELECT * FROM `students_data` WHERE Student_ID='$user[$index]'");
|
||||||
if (mysqli_num_rows($result) < 1) {
|
if (mysqli_num_rows($result) < 1) {
|
||||||
if (! mysqli_query($conn, "REPLACE INTO `students_data`(`Student_ID`, `Passport_Number`) VALUES('$user[$index]', '')" ) ) {
|
if (! mysqli_query($conn, "REPLACE INTO `students_data`(`Student_ID`, `Passport_Number`) VALUES('$user[$index]', '')" ) ) {
|
||||||
echo "SQL Error: " . $sql_stmt . "<br>" . mysqli_error($conn);
|
echo "SQL Error: " . $sql_stmt . "<br>" .htmlspecialchars(mysqli_error($conn));
|
||||||
} else {
|
} else {
|
||||||
echo "<p>Student number $user[$index] added.</p>";
|
echo "<p>Student number $user[$index] added.</p>";
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,11 +1,11 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
// Destory sessions & redirect to index
|
|
||||||
|
|
||||||
session_destroy();
|
|
||||||
session_unset();
|
|
||||||
// Start a new session
|
// Start a new session
|
||||||
session_start();
|
session_start();
|
||||||
|
// Destory sessions & redirect to index
|
||||||
|
session_destroy();
|
||||||
|
session_unset();
|
||||||
|
|
||||||
|
|
||||||
// Generate a new session ID
|
// Generate a new session ID
|
||||||
session_regenerate_id(true);
|
session_regenerate_id(true);
|
||||||
|
|
|
@ -27,9 +27,9 @@ include 'Header.php';
|
||||||
<div class="panel-body">
|
<div class="panel-body">
|
||||||
<form method="post" action="Script.php">
|
<form method="post" action="Script.php">
|
||||||
<input type="hidden" name="frm_recover_password" value="true"/>
|
<input type="hidden" name="frm_recover_password" value="true"/>
|
||||||
Student number <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo $_SESSION['student_number']; ?>">
|
Student number <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>">
|
||||||
<br/>
|
<br/>
|
||||||
Email <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo $_SESSION['user_email']; ?>">
|
Email <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>">
|
||||||
<br/>
|
<br/>
|
||||||
<input type="submit" class="btn-primary" value="Recover">
|
<input type="submit" class="btn-primary" value="Recover">
|
||||||
|
|
||||||
|
@ -38,7 +38,7 @@ include 'Header.php';
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
if(isset($_SESSION['info_recover_password'])) {
|
if(isset($_SESSION['info_recover_password'])) {
|
||||||
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_recover_password'].'</div>';
|
echo '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>';
|
||||||
$_SESSION['info_recover_password']=null;
|
$_SESSION['info_recover_password']=null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue