mrlan
/
LRR
3
0
Fork 2
Code Issues Pull Requests 7 Projects Releases Wiki Activity

Compare commits

base: mrlan:Hui-Organize
Branches Tags
mrlan:Bug197-Zayid
mrlan:Hui-Organize
mrlan:Bug193-Martha
mrlan:Bug430-Eden
mrlan:Bug486-Nartey
mrlan:Nartey-Testscript
mrlan:Eden-Testscript
mrlan:BUG352-NEIL2
mrlan:Bug352-Neil-Revised
mrlan:Bug418-Yaaqob
mrlan:update-MPIANA-tests
mrlan:Bug418-YAAQOB-MPIANA
mrlan:Bug557-Ayoub
mrlan:BUG352-NEIL
mrlan:Bug430-Eden2
mrlan:nar
mrlan:master
mrlan:Hui-improve-README.md
mrlan:Bug469-Hui
mrlan:Bug519-Hui
mrlan:Refactor-Moyo
mrlan:Bug469-kingsley
mrlan:Bug457-YAAQOB
mrlan:Bug510-Abdulai
mrlan:Bug485-Abdulai
mrlan:Xuxuan
mrlan:Bug196-Ward
mrlan:Bug404-Edson
mrlan:niweicong-bug-458-revised
mrlan:Bug34-Lamashevskyi
mrlan:Bug418-Lamashevskyi
mrlan:Bug37-Dmytro
mrlan:Bug_461_Martha
mrlan:niweicong-bug-458&459
mrlan:SPM-Zayid-468
mrlan:Bug23-Haji
mrlan:bug23-Haaji
mrlan:SMP-ZAYID-468-FEATURE
mrlan:LiangLigang
mrlan:Bug256-Umar
mrlan:Bug246-Petros
mrlan:AutoTesting-Golden
mrlan:IDVerificationBug-Golden
mrlan:Bug200-Ward
mrlan:SeleniumIbrahim-Ibrahim
mrlan:SeleniumIbrahimUpdate-Ibrahim
mrlan:bug231-Ibrahim
mrlan:bug312-Golden
mrlan:Bug203-Hui
mrlan:Hui-UserDoc
mrlan:Hui-DeleteUnnecessaryImages
mrlan:ProjectHomePage
mrlan:Hui-Bug330
mrlan:Hui-CodeIndentation
mrlan:Hui-Bug29
mrlan:Hui-Bug337
mrlan:SIMPLICITY_link
mrlan:Hui-IndentCode
mrlan:Mabasa-bugfix-199
mrlan:Mabasa-readmefix
mrlan:Mvondo-bugfix-21
mrlan:Hui-LecturerEmail
mrlan:SIMPLICITY_Bug-189_Course_Delete_btn
kasoka:Bug200-Ward
kasoka:SeleniumIbrahim-Ibrahim
kasoka:master
kasoka:SeleniumIbrahimUpdate-Ibrahim
kasoka:Bug37-Dmytro
kasoka:bug231-Ibrahim
kasoka:bug312-Golden
kasoka:Bug203-Hui
kasoka:Hui-improve-README.md
kasoka:Hui-UserDoc
kasoka:Hui-DeleteUnnecessaryImages
kasoka:ProjectHomePage
kasoka:Hui-Bug330
kasoka:Hui-CodeIndentation
kasoka:Hui-Bug29
kasoka:Hui-Bug337
kasoka:SIMPLICITY_link
kasoka:Hui-IndentCode
kasoka:Mabasa-bugfix-199
kasoka:Mabasa-readmefix
kasoka:Mvondo-bugfix-21
kasoka:Hui-LecturerEmail
kasoka:SIMPLICITY_Bug-189_Course_Delete_btn
mrlan:sunflower
..
compare: kasoka:SeleniumIbrahimUpdate-Ibrahim
Branches Tags
kasoka:Bug200-Ward
kasoka:SeleniumIbrahim-Ibrahim
kasoka:master
kasoka:SeleniumIbrahimUpdate-Ibrahim
kasoka:Bug37-Dmytro
kasoka:bug231-Ibrahim
kasoka:bug312-Golden
kasoka:Bug203-Hui
kasoka:Hui-improve-README.md
kasoka:Hui-UserDoc
kasoka:Hui-DeleteUnnecessaryImages
kasoka:ProjectHomePage
kasoka:Hui-Bug330
kasoka:Hui-CodeIndentation
kasoka:Hui-Bug29
kasoka:Hui-Bug337
kasoka:SIMPLICITY_link
kasoka:Hui-IndentCode
kasoka:Mabasa-bugfix-199
kasoka:Mabasa-readmefix
kasoka:Mvondo-bugfix-21
kasoka:Hui-LecturerEmail
kasoka:SIMPLICITY_Bug-189_Course_Delete_btn
mrlan:Bug197-Zayid
mrlan:Hui-Organize
mrlan:Bug193-Martha
mrlan:Bug430-Eden
mrlan:Bug486-Nartey
mrlan:Nartey-Testscript
mrlan:Eden-Testscript
mrlan:BUG352-NEIL2
mrlan:Bug352-Neil-Revised
mrlan:Bug418-Yaaqob
mrlan:update-MPIANA-tests
mrlan:Bug418-YAAQOB-MPIANA
mrlan:Bug557-Ayoub
mrlan:BUG352-NEIL
mrlan:Bug430-Eden2
mrlan:nar
mrlan:master
mrlan:Hui-improve-README.md
mrlan:Bug469-Hui
mrlan:Bug519-Hui
mrlan:Refactor-Moyo
mrlan:Bug469-kingsley
mrlan:Bug457-YAAQOB
mrlan:Bug510-Abdulai
mrlan:Bug485-Abdulai
mrlan:Xuxuan
mrlan:Bug196-Ward
mrlan:Bug404-Edson
mrlan:niweicong-bug-458-revised
mrlan:Bug34-Lamashevskyi
mrlan:Bug418-Lamashevskyi
mrlan:Bug37-Dmytro
mrlan:Bug_461_Martha
mrlan:niweicong-bug-458&459
mrlan:SPM-Zayid-468
mrlan:Bug23-Haji
mrlan:bug23-Haaji
mrlan:SMP-ZAYID-468-FEATURE
mrlan:LiangLigang
mrlan:Bug256-Umar
mrlan:Bug246-Petros
mrlan:AutoTesting-Golden
mrlan:IDVerificationBug-Golden
mrlan:Bug200-Ward
mrlan:SeleniumIbrahim-Ibrahim
mrlan:SeleniumIbrahimUpdate-Ibrahim
mrlan:bug231-Ibrahim
mrlan:bug312-Golden
mrlan:Bug203-Hui
mrlan:Hui-UserDoc
mrlan:Hui-DeleteUnnecessaryImages
mrlan:ProjectHomePage
mrlan:Hui-Bug330
mrlan:Hui-CodeIndentation
mrlan:Hui-Bug29
mrlan:Hui-Bug337
mrlan:SIMPLICITY_link
mrlan:Hui-IndentCode
mrlan:Mabasa-bugfix-199
mrlan:Mabasa-readmefix
mrlan:Mvondo-bugfix-21
mrlan:Hui-LecturerEmail
mrlan:SIMPLICITY_Bug-189_Course_Delete_btn
mrlan:sunflower

No commits in common. "Hui-Organize" and "SeleniumIbrahimUpdate-Ibrahim" have entirely different histories.
Hui-Organi ... SeleniumIb

53 changed files with 3752 additions and 3759 deletions
Show Stats Expand all files Collapse all files

BIN
.DS_Store vendored Normal file
View File

Binary file not shown.

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
.vscode
.DS_Store

1
.htaccess
View File

@ -1 +0,0 @@
allow from all

532
Admin.php
View File

@ -1,289 +1,243 @@
<?php
include 'NoDirectPhpAcess.php';
?>
<?php
$page = "admin";
include 'Header.php';
?>
<?php
//Only Lecturer or Admin could access this page
if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
die("Sorry. Nothing to see here.");
}
?>
<div class="container">
<br>
<h1 class="display-6"> Administration panel </h1>
<hr>
<div class="row">
<div class="col-md-6">
<!-- Nav tabs -->
<ul class="nav nav-tabs" id="myTab">
<li class="nav-item">
<a class="nav-link active" href="#tab-student-accounts" id="batch_tab">Enter student numbers</a>
</li>
<li class="nav-item">
<a class="nav-link" href="#tab-ins-accounts" id="tab_ins_accounts">Create instructor account</a>
</li>
<li class="nav-item">
<a class="nav-link" href="#tab-existing-accounts" id="existing_accounts_tab">Existing accounts</a>
</li>
</ul>
<!-- Tab panes -->
<div class="tab-content">
<!-- code contributed by Xu Xiaopeng (https://github.com/xxp1999) -->
<div id="tab-student-accounts" class="tab-pane active" style="margin-top:5px">
<p class="text-muted">Copy & paste student number to the following box, and separate two student numbers with a space.</p>
<form action="batch_insert.php" method="post" id="batch_form">
<textarea cols="60" rows="16" name="users" required=""></textarea>
<button type="submit" class="btn btn-primary" id="register_btn">Register students</button>
</form>
</div>
<div id="tab-ins-accounts" class="tab-pane"><br>
<?php
if ($_SESSION['user_type'] == "Lecturer") {
echo "<p class=\"text-muted\">Create TA Accounts</p>";
}
else if($_SESSION['user_type'] == "Admin"){
echo "<p class=\"text-muted\">Create Lecturer Accounts</p>";
}
?>
<form method="post" action="Script.php" id="create_account_form">
<input type="hidden" name="form_createlecturer" value="true" required="" />
Full name
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required=""> <br>
Email
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" > <br>
Initial password (Enter a strong password or leave it empty to let LRR generate one)
<input type="password" class="form-control" name="password" minlength="8" placeholder="Initial password" > <br>
User type:
<?php
if ($_SESSION['user_type'] == "Lecturer") {
echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) ';
} else if ($_SESSION['user_type'] == "Admin"){
echo " <input type='radio' name='type' value='Lecturer' required='' id='role_lecturer'> Lecturer ";
}
?>
<br><br>
<button type="submit" class="btn btn-primary" name="create_btn">Create</button>
<?php
error_reporting(E_ALL);
if (isset($_SESSION['info_Admin_Users'])) {
echo '<hr><div class="alert alert-warning" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
$_SESSION['info_Admin_Users'] = null;
}
?>
</form>
</div>
<div id="tab-existing-accounts" class="tab-pane"><br>
<table class="table" style="font-size: 10pt;">
<tr style="font-size:10pt;">
<th>ID</th>
<th>Name</th>
<th>Email</th>
<th>Reset password </th>
<th>Block/Activate </th>
</tr>
<?php
if ($_SESSION['user_type'] == "Lecturer") {
$user_id = $_SESSION['user_id'];
echo "<script>console.log('here {$user_id}');</script>"; // debug trick
// find the TAs in the courses taught by this instructor
$ta_result = mysqli_query(
$con,
"SELECT TA FROM course_ta INNER JOIN courses_table ON course_ta.Course_ID=courses_table.Course_ID WHERE courses_table.Lecturer_User_ID=$user_id"
);
$ta_ids = array(-1); // -1 is non-existent ID
while ($row = mysqli_fetch_assoc($ta_result)) {
array_push($ta_ids, $row['TA']);
}
$ta_ids2 = implode(', ', $ta_ids);
$result = mysqli_query(
$con,
"SELECT * FROM users_table WHERE UserType in ('TA') and User_ID in ($ta_ids2)"
);
}
else if ($_SESSION['user_type'] == "Admin"){
$result = mysqli_query(
$con,
"SELECT * FROM users_table WHERE UserType in ('Lecturer')"
);
}
$num_rows = 0;
while ($row = mysqli_fetch_assoc($result)) {
$pass = $row['Password'];
$btn = "<button class='btn btn-warning' onclick=\"updatePassword(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
if ($row['Status'] == "Active") {
$newstatus = "Blocked";
$btnBlock = "<button class='btn btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"block_account_1\">Block</button>";
} else {
$newstatus = "Active";
$btnBlock = "<button class='btn btn-success' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"activate_account_1\">Activate</button>";
}
echo "<tr><td>" . $row['User_ID'] . "</td><td>" . $row['Full_Name'] . "</td><td>" . $row['Email'] . "</td><td>$btn</td><td>$btnBlock</td></tr>";
$num_rows += 1;
}
if ($num_rows == 0) {
echo "<p>No TA</p>";
}
?>
</table>
</div>
</div>
</div>
<div class="col-md-6">
<ul class="nav nav-tabs" id="myTab">
<li class="nav-item">
<a class="nav-link active" href="#tab-existing-courses" id="existing_courses">Existing courses</a>
</li>
</ul>
<div id="tab-existing-courses" class="tab-pane active"><br>
<p class="text-muted"> Past courses </p>
<table class="table" style="font-size: 10pt;">
<tr>
<th>Course name</th>
<th>Faculty</th>
<th>Lecturer</th>
<th>TAs</th>
<th>Assign a new TA </th>
</tr>
<?php
$user_id = $_SESSION['user_id'];
if ($_SESSION['user_type'] == 'Lecturer') {
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `TA_User_ID`, `Course_Code`, `Full_Name` FROM courses_table INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID WHERE User_ID=$user_id ORDER BY Academic_Year DESC;");
} else if ($_SESSION['user_type'] == 'Admin') {
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `TA_User_ID`, `Course_Code`, `Full_Name` FROM courses_table INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID ORDER BY Academic_Year DESC;");
}
if (mysqli_num_rows($result) != 0) {
$counter = 0;
while ($row = mysqli_fetch_assoc($result)) {
$name = $row['Course_Name'];
$code = $row['Course_Code'];
$faculty = $row['Faculty'];
$lecturer = $row['Full_Name'];
$academic = $row['Academic_Year'];
$c_id = $row['Course_ID'];
$counter += 1;
$resultTA = mysqli_query($con, "SELECT `Course_ID`, `TA`, users_table.Full_Name as TA_NAME FROM course_ta INNER JOIN users_table on users_table.User_ID=course_ta.TA where course_ta.Course_ID=$c_id");
$ta = "";
while ($rowTA = mysqli_fetch_assoc($resultTA)) {
$ta = $ta . " " . $rowTA['TA_NAME'];
}
echo "
<tr> <td>$code - $name</td> <td>$faculty </td> <td>$lecturer</td><td>$ta</td> <td><form method='get' action='Script.php' id='drop_menu_form_$counter'> <select name='ta' class=''>";
$resultx = mysqli_query($con, "SELECT * FROM users_table WHERE UserType='TA'");
if (mysqli_num_rows($resultx) == 0) {
} else {
while ($row = mysqli_fetch_assoc($resultx)) {
$id = $row['User_ID'];
$name = $row['Full_Name'];
echo "<option value='$id'> $name </option>";
}
}
echo "</select> <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'> <button class='btn btn-outline-secondary btn-sm' type='submit' id='assign_btn_$counter'>assign</button></form> </td></tr>
";
}
}
?>
</table>
</div>
</div>
</div>
</div>
<?php include 'Footer.php';?>
<script>
/** After creating a TA account, stay on the same tab "Create instructor account"
Side effect: ?tacreated will be appended on the URL
*/
document.addEventListener("DOMContentLoaded", () => {
const url = new URL(window.location.href);
if (url.searchParams.has('tacreated')) {
const elem = document.querySelector('#tab_ins_accounts');
elem.click();
}
});
</script>
<script>
function updatePassword(id, pass) {
if (!confirm('Are you sure to reset user password?')) {
return;
}
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
function blockUser(id, status) {
if (!confirm('Are you sure to change user status?')) {
return;
}
window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
}
/* For tabs to work */
const triggerTabList = document.querySelectorAll('#myTab a')
triggerTabList.forEach(triggerEl => {
const tabTrigger = new bootstrap.Tab(triggerEl)
triggerEl.addEventListener('click', event => {
event.preventDefault()
tabTrigger.show()
})
})
</script>
</body>
</html>
<?php
include 'NoDirectPhpAcess.php';
?>
<?php
$page = "admin";
include 'Header.php';
?>
<?php
if ($_SESSION['user_type'] != "Lecturer") {
$_SESSION["info_login"] = "You must log in first.";
echo $_SESSION["info_login"];
header("Location: index.php");
}
?>
<style>
.col-md-4 {
border-right: 1px solid skyblue;
}
</style>
<br>
<div style="width: 80%;margin: auto;">
<h2> Administration Panel </h2>
</div>
<hr>
<div class="row" style="width: 80%;margin: auto;">
<!--<h4>General system Settings</h4><hr>
<a href="" class="btn btn-lg btn-primary">View System Log </a>
<hr>
Lab Privacy Mode: (STUDENT VERIFICATION)
<hr>
-->
<div class="col-md-6">
<h4> User Account Management </h4>
<hr>
<b>Lecturer / TA Accounts </b><br>
<div class="container">
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
<li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#home">Create New Account</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu2" id="batch_tab">Batch Create New Student Accounts</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu1" id="existing_accounts_tab">Existing Accounts</a>
</li>
</ul>
<!-- Tab panes -->
<div class="tab-content">
<div id="home" class="container tab-pane active"><br>
<b>Create Lecturer/TA Accounts </b>
<form method="post" action="Script.php" id="create_account_form">
<input type="hidden" name="frm_createlecturrer" value="true" required="" />
Full_Name
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required="">
Email
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" required="">
Passport_Number / ID (Used as Intial Password)
<input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
<br> User Type :
<input type="radio" name="type" value="Lecturer" required="" id="role_lecturer"> Lecturer
<input type="radio" name="type" value="TA" required="" id="role_TA"> T/A
<input type="submit" class="btn btn-primary" value="Create" id="create_btn"><br>
<?php
error_reporting(E_ALL);
if (isset($_SESSION['info_Admin_Users'])) {
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
$_SESSION['info_Admin_Users'] = null;
}
if (isset($_SESSION['info_Admin_Users'])) {
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
$_SESSION['info_Admin_Users'] = null;
}
?>
</form>
<hr>
</div>
<div id="menu1" class="container tab-pane fade"><br>
<table class="table-bordered" style="font-size: 10pt;">
<tr style="font-size:10pt;">
<th>ID</th>
<th>Name</th>
<th>Email</th>
<th>Passport / ID </th>
<th>Reset Password </th>
<th>Block/Activate </th>
</tr>
<?php
$result = mysqli_query(
$con,
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer','TA')"
);
while ($row = mysqli_fetch_assoc($result)) {
$pass = $row['Passport_Number'];
$btn = "<button class='btn-primary' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
if ($row['Status'] == "Active") {
$newstatus = "Blocked";
$btnBlock = "<button class='btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"block_account_1\">Block</button>";
} else {
$newstatus = "Active";
$btnBlock = "<button class='btn-success' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"activate_account_1\">Activate</button>";
}
echo "<tr><td>" . $row['User_ID'] . "</td><td>" . $row['Full_Name'] . "</td><td>" . $row['Email'] . "</td> <td>" . $row['Passport_Number'] . "</td><td>$btn</td><td>$btnBlock</td></tr>";
}
?>
</table>
</div>
<!-- code contributed by Xu Xiaopeng (https://github.com/xxp1999) -->
<div id="menu2" class="container tab-pane fade" style="margin-top:10px">
<b>Separate two student numbers with a space.</b><br>
<form action="batch_insert.php" method="post" id="batch_form">
<p>
<textarea cols="80" rows="16" name="users" required=""></textarea>
</p>
<input type="submit" class="btn btn-primary" value="Register Students" id="register_btn"><br>
</form>
</div>
</div>
</div>
</div>
<div class="col-md-6">
<div class="container">
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
<li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#menub">Existing Courses</a>
</li>
</ul>
<!-- Tab panes -->
</div>
<div id="menub" class="container tab-pane active"><br>
<b> Existing Course Portals </b>
<hr>
<table class="table-bordered" style="font-size: 10pt;">
<tr>
<th>Course Name </th>
<th> Faculty </th>
<th>Lecturer </th>
<th>TAs</th>
<th>Assign new TA </th>
</tr>
<?php
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID");
if (mysqli_num_rows($result) == 0) {
} else {
while ($row = mysqli_fetch_assoc($result)) {
$name = $row['Course_Name'];
$code = $row['Course_Code'];
$faculty = $row['Faculty'];
$lecturer = $row['Full_Name'];
$academic = $row['Academic_Year'];
$c_id = $row['Course_ID'];
$resultTA = mysqli_query($con, "SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta`
INNER JOIN users_table on users_table.User_ID=course_ta.TA
where course_ta.Course_ID=$c_id");
$ta = "";
while ($rowTA = mysqli_fetch_assoc($resultTA)) {
$ta = $ta . " - " . $rowTA['TA_NAME'];
}
echo "
<tr> <td>$code - $name</td> <td>$faculty </td> <td>$lecturer</td><td>$ta</td> <td><form method='get' action='Script.php'> <select name='ta' class=''>";
$resultx = mysqli_query($con, "SELECT * FROM Users_Table WHERE UserType='TA'");
if (mysqli_num_rows($resultx) == 0) {
} else {
while ($row = mysqli_fetch_assoc($resultx)) {
$id = $row['User_ID'];
$name = $row['Full_Name'];
echo "<option value='$id'> $name </option>";
}
}
echo "</select> <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'> <input type='submit' value='assign'></form> </td></tr>
";
}
} ?>
</table>
</div>
</div>
</div>
<script>
function updatePass(id, pass) {
if (!confirm('Are you to Reset User Password')) {
return;
}
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
function blockUser(id, status) {
if (!confirm('Are you to change User Status')) {
return;
}
window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
}
</script>

1321
Course.php
View File

File diff suppressed because it is too large Load Diff

986
Courses.php
View File

File diff suppressed because it is too large Load Diff

7
Download.php
View File

@ -7,11 +7,6 @@ session_start();
// 修改这一行设置你的文件下载目录
// IMPORTANT: Do not delete the following conditional test
if (strpos($_GET['file'], "../") !== false) { // 检查是否有 ../,防止用户构造路径,访问某个他不应该访问的目录
die("Sorry. Nothing to download.");
}
$file = "./../../lrr_submission".$_GET['file'];
$filename = basename($file);
@ -25,7 +20,7 @@ $type = filetype($file);
$today = date("F j, Y, g:i a");
$time = time();
if ((isset($_SESSION["user_student_id"]) && (strpos($file, $_SESSION["user_student_id"]) > 0 || strpos($file, "Lab_Report_Assignments"))) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) {
if ( (isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"])) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") {
// 发送文件头部
header("Content-type: $type");
header('Content-Disposition: attachment;filename="'.urldecode($filename).'"');

7
Footer.php
View File

@ -1,3 +1,4 @@
<?php
echo "<p id='myfooter' class='text-center'>Copyright &copy; 2018-" . date("Y") . " The Authors</p>";
?>
<br><br><br><br><br><br><br><br><br>
<div style="background-color:white;width:100%di">
</div>

281
Header.php
View File

@ -4,197 +4,168 @@ error_reporting(0);
date_default_timezone_set('Asia/Shanghai');
include "get_mysql_credentials.php";
try {
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
} catch (mysqli_sql_exception $e) {
echo $e->getMessage();
}
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
// Check database connection
if (mysqli_connect_errno()) {
echo " Error number: ".mysqli_connect_errno();
exit();
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
?>
<!DOCTYPE html>
<html lang="en-US">
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>LRR</title>
<head>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-4bw+/aepP/YC94hEpVNVgiZdgIC5+VKNBQNGCHeKRQN+PtmoHDEXuppvnDJzQIu9" crossorigin="anonymous">
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.bundle.min.js" integrity="sha384-HwwvtgBNo3bZJJLYd8oVXjrBZt8cqVSpeBNS5n7C8IVInixGAoxmnlMuBnhbgrkm" crossorigin="anonymous"></script>
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
<!-- *this css file can be used across all the websites
and any new css class can be added there.
* The reason is to make the css code reusable.
* the css file is used by submissions.php
-->
<link href = "./css/main.css" rel="stylesheet" type="text/css" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js" integrity="sha512-3gJwYpMe3QewGELv8k/BX9vcqhryRdzRMxVfq6ngyWXwo03GFEzjsUm8Q7RZcHPHksttq7/GFoxjCVUjkjvPdw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script>
<script src="./css/jquery.min.js" type="text/javascript"></script>
<script src="./css/bootsrap.min.js" type="text/javascript"></script>
<script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script>
<style>
</head>
.btn-default {
border: 2px solid #f8f8f8;
width: 100%;
text-align: left;
margin: 4px auto;
}
<body>
.btn-default:hover {
background: #f8f8f8;
}
<nav class="navbar navbar-expand-lg navbar-dark bg-dark" style="padding-left:150px;padding-right:150px;margin:auto;">
<a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;height:30px;"> LRR </a>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarColor02" aria-controls="navbarColor02" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
h1,
h2,
h3,
h4 {
color: #03407B;
}
<div class="collapse navbar-collapse" id="navbarColor02">
<ul class="navbar-nav mr-auto">
<li class="nav-item active">
a {
color: #03407B;
}
<li class="nav-item active">
<!-- <a class='nav-link' href='~\..\Visitors.php'> <i class='fa fa-globe'></i> Visitor Portal <span class='sr-only'>(current)</span></a> -->
</li>
<?php
if (isset($_SESSION["user_fullname"])) {
.break-word {
word-wrap: break-word;
white-space: -moz-pre-wrap !important;
/* Mozilla, since 1999 */
white-space: -pre-wrap;
/* Opera 4-6 */
white-space: -o-pre-wrap;
/* Opera 7 */
white-space: pre-wrap;
/* css-3 */
word-wrap: break-word;
/* Internet Explorer 5.5+ */
white-space: -webkit-pre-wrap;
/* Newer versions of Chrome/Safari*/
word-break: break-all;
white-space: normal;
}
echo " <a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> Courses <span class='sr-only'>(current)</span></a>";
?>
</li>
</ul>
<form class="form-inline my-2 my-lg-0" style="color:#fff;">
Welcome &nbsp; <b> <?php echo $_SESSION['user_fullname']; ?> </b> &nbsp;
.ui-widget-content.ui-dialog {
border: 2px solid #03488B;
<?php
$c_date = date("Y-m-d H:i");
if (isset($_SESSION['user_student_id']))
echo "(" . $_SESSION['user_type'] . " - " . $_SESSION['user_student_id'] . ") ";
else
echo "(" . $_SESSION['user_type'] . ") ";
?>
}
<?php
if ($_SESSION['user_type'] == "Lecturer") {
echo "&nbsp;&nbsp;&nbsp; <i class=\"fa fa-cog\" style=\"color:#fff;\"> </i> &nbsp;<a style='color:#fff !important' href=\"~\..\Admin.php\" id=\"admin_tab\">Admin </a>";
}
?>
.ui-dialog>.ui-widget-header {
background: #03488B;
color: white
}
&nbsp;&nbsp;&nbsp; <i class="fa fa-user" style="color:#fff;"> </i>
&nbsp;<a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id']; ?>)">Update password</a>
&nbsp;&nbsp;&nbsp; <i class="fa fa-lock" style="color:#fff;"> </i> &nbsp;<a style='color:#fff !important' href="~\..\logout.php">Logout </a>
.ui-button {
background: #03488B;
color: white
}
<?php
}
?>
</form>
</div>
</nav>
.ui-dialog-titlebar-close::before {
content: "X";
position: absolute;
top: 1px;
left: 3px;
line-height: 1rem;
<style>
.nav-item {
border-color: #00ff66;
}
#footer{
position:fixed;
bottom:0;
left:0;
text-align:center;
width:100%;
}
.nav-tabs {
border-color: #00ff66;
}
.form-control{
padding-top: 1px;
padding-bottom:1px;
}
.btn-default {
border: 2px solid #00ff66;
width: 100%;
text-align: left;
margin: 3px auto;
font-weight: bold;
font-size: 13pt;
}
.table-bordered {
padding: 5px !important;
}
</style>
.alert {
font-weight: bold;
}
</head>
h1,
h2,
h3,
h4 {
color: #03407B;
}
<body>
a {
color: #03407B;
}
<nav class="navbar navbar-expand-lg bg-body-tertiary" style="padding-left:180px;padding-right:150px;margin:auto;">
<div class="container-fluid">
.break-word {
word-wrap: break-word;
white-space: -moz-pre-wrap !important;
/* Mozilla, since 1999 */
white-space: -pre-wrap;
/* Opera 4-6 */
white-space: -o-pre-wrap;
/* Opera 7 */
white-space: pre-wrap;
/* css-3 */
word-wrap: break-word;
/* Internet Explorer 5.5+ */
white-space: -webkit-pre-wrap;
/* Newer versions of Chrome/Safari*/
word-break: break-all;
white-space: normal;
}
<a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;height:30px;" alt="LRR Logo"> LRR </a>
.ui-widget-content.ui-dialog {
border: 2px solid #03488B;
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNavAltMarkup" aria-controls="navbarNavAltMarkup" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
}
<div class="collapse navbar-collapse" id="navbarNavAltMarkup">
<div class="navbar-nav">
.ui-dialog>.ui-widget-header {
background: #03488B;
color: white
}
<a class="nav-link" href="#">
<?php
if (isset($_SESSION["user_fullname"])) {
echo "<b>" . $_SESSION['user_fullname'] . "</b>";
}
?>
.ui-button {
background: #03488B;
color: white
}
</style>
&nbsp;
<script>
function updatePass(id) {
<?php
$c_date = date("Y-m-d H:i");
if (isset($_SESSION['user_student_id']))
echo "(" . $_SESSION['user_type'] . " ID: " . $_SESSION['user_student_id'] . ") ";
elseif (isset($_SESSION['user_type']))
echo "(" . $_SESSION['user_type'] . ") ";
?>
</a>
var pass = prompt("Enter your new password : ", "Enter a strong password");
<?php
if (isset($_SESSION["user_fullname"])) {
if ($_SESSION['user_type'] == "Student" || $_SESSION['user_type'] == 'Lecturer') {
echo "<a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> My courses </a>";
}
?>
if (!confirm('Are you sure you want to reset your password?')) {
return;
}
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
<?php
if ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == 'Admin') { // Show Admin link
echo "&nbsp;&nbsp;&nbsp;&nbsp;<a class='nav-link' href=\"~\..\Admin.php\" id=\"admin_tab\"><i class='fa fa-cog'></i>Admin</a>";
}
?>
&nbsp;&nbsp;&nbsp;&nbsp;
<a class="nav-link" href="#" onclick="updatePass(<?php echo $_SESSION['user_id']; ?>)"><i class="fa fa-user"> </i> Update password</a>
&nbsp;&nbsp;&nbsp;&nbsp;
<a class="nav-link" href="~\..\logout.php"><i class="fa fa-lock"> </i> Logout</a>
<?php
} // Closing this conditional test block: if (isset($_SESSION["user_fullname"])) { ...
?>
</div>
</div>
</div>
</nav>
<script>
function updatePass(id) {
const pass = prompt("Enter your new password : ", "Enter a strong password");
if (!confirm('Are you sure you want to reset your password?')) {
return;
}
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
</script>
function blockUser(id, status) {
if (!confirm('Are you sure you want to change user status?')) {
return;
}
window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
}
</script>

10
NoDirectPhpAcess.php
View File

@ -1,7 +1,7 @@
<?php
// https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
if (!isset($_SERVER['HTTP_REFERER']) ) {
/* choose the appropriate page to redirect users */
die( header( 'location: logout.php' ) );
}
// https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
if (!isset($_SERVER['HTTP_REFERER']) ) {
/* choose the appropriate page to redirect users */
die( header( 'location: index.php' ) );
}
?>

104
README.md
View File

@ -3,9 +3,9 @@
LRR (Lab Report Repository) is an online software application for course instructors to post, receive and mark assignments, and for students to submit assignments, or submit re-marking requests.
This software was originally developed by Mahomed Nor in 2018, a graduate student in the Department of Computer Science at the Zhejiang Normal University,
while he was taking a graduate course called Advanced Software Engineering.
while he was taking a graduate course called **Advanced Software Engineering** (http://lanlab.org/course/2018f/se/homepage.html).
For potential project contributors, we recommend that you browse its home page at ./homepage/index.html first to familiarize yourself with the project.
The LRR's project home page is at http://121.4.94.30/homepage/. For potential project contributors, we recommend that you browse its home page first to familiarize yourself with the project.
@ -18,17 +18,15 @@ Our mission is to make the experience of submitting assignments great for tens o
# Installation Instructions
## Hui steps
## Hui's steps
I spent about two hours installing LRR to a bare, remote Ubuntu server (Ubuntu 20.04 LTS).
LRR needs Apache and MySQL to run. I followed [How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 20.04](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-20-04) to set up these server applications. [How to install and configure PHP](https://ubuntu.com/server/docs/programming-php) is also a good guide.
LRR needs Apache and MySQL to run. I followed [How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 20.04](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-20-04) to set up these server applications.
LRR uses a database called `lrr`. So create this database using MySQL root account. Open MySQL's prompt using `sudo mysql`. Create the database using command `CREATE DATABASE lrr;`, and grant all privileges to MySQL user `lrr` using command `GRANT ALL PRIVILEGES ON lrr.* TO 'mnc'@'localhost' WITH GRANT OPTION;`. If MySQL user mnc does not exist, create it using command `CREATE USER 'mnc'@'localhost' IDENTIFIED BY 'password'`.
To facilitate data migration, I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.sql`, where mnc after -u is MySQL's username, and lrr after -p is the database name.
The command for importing is `mysql -u username -p lrr < lrr_database_dump.sql`. You must create database `lrr` first on your computer before doing the import. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.sql? You can use lrr_database.sql in this repo instead.
LRR uses a database called `lrr`. I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`.
The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail.
LRR also needs to store assignment submissions. We store them in a folder called `../../lrr_submission`. Note that `lrr_submission` is two levels above the project folder (where many PHP files reside). I copied this folder from the existing one. I think it is also OK if you create an empty folder.
We need to set a proper owner and accessibility for `lrr_submission` using the following two commands:
@ -51,32 +49,7 @@ Enable the site lrr: `sudo a2ensite lrr`. Restart the apache server: `sudo syst
Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/.
### Solving the coding problems in the dump file
If the database contains Chinese characters, the dump file (e.g., lrr_database_dump.sql) may contain *weird* characters, e.g., `研究生`, so weird that no one can tell their meaning.
We need to correct these abnormal characters before we import them to the new database, so that the PHP program can correctly display Chinese information.
The simplest solution is using the ftfy (fixes text for you) Python package to convert them, as follows:
```
from ftfy import fix_text
with open('lrr_database_dump.sql') as f:
content = f.read()
content2 = fix_text(content)
with open('lrr_database_dump_sql_fixed.txt', 'w') as f:
f.write(content2)
```
Now, import data using lrr_database_dump_sql_*fixed*.txt.
If you encounter the 'Unknown MySQL server host' problem during import, replace all apostrophes with a space in the dump file. For example, if a database table field contains *can't*, then the apostrophe between *n* and *t* can cause that problem.
## Enock steps
## Enock's steps
Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt).
@ -159,16 +132,7 @@ https://github.com/spm2020spring/TeamCollaborationTutorial/blob/master/team.rst
## Testing
Make sure your changes can pass all the tests in folder ./test.
You cannot do too much unit testing for LRR because it almost does not
have functions or classes. However, you can do end-to-end testing.
It is important that you *restore* the database each time before your
run a test case. The fixture *restore_database* in ./test/conftest.py
is used to restore the database. Please check that. A use case for
this fixture can be found in the test script
./test/SeleniumMpiana/test_bug418_yaaqob.py. You could run this test script
by typing the following command: `pytest ./SeleniumMpiana/test_bug418_yaaqob.py`
Make sure your changes can pass all the tests in folder [./test](http://121.4.94.30:3000/mrlan/LRR/src/branch/master/test).
## Communications Method
@ -182,10 +146,10 @@ We can also communicate through pull requests. You make a pull request, I revie
## Frequently Asked Questions
1. Q: The web application's front page does not show properly, i.e., elements are not well aligned.
1. Q: The web application's front page does not show properly, i.e., elements are not well aligned.
A: You missed two folders `css` and `font-awesome`. These folders include third-party js or css files and therefore are not included.
1. Q: What if I do not have any information about the `lrr` database?
1. Q: What if I do not have any information about the `lrr` database?
A: You could use `lrr_database.sql` to make a new database.
@ -207,49 +171,49 @@ We can also communicate through pull requests. You make a pull request, I revie
GitHub Account - Full Name - Student number
CODEwithZAKI - Omar Mohamud Mohamed - 2020041
CODEwithZAKI - Omar Mohamud Mohamed - 202025800041
BloudYoussef - Khayat Youssef - 2020042
BloudYoussef - Khayat Youssef - 202025800042
TanakaMichelle - Tanaka Michelle Sandati - 2017134
TanakaMichelle - Tanaka Michelle Sandati - 201732120134
WhyteAsamoah - Yeboah Martha Asamoah - 2017135
WhyteAsamoah - Yeboah Martha Asamoah - 201732120135
xiaoyusoil - ZhengXiaoyu - 2017110
xiaoyusoil - ZhengXiaoyu - 201732120110
Benny123-cell - ZhangBin - 2017127
Benny123-cell - ZhangBin - 201732120127
421281726 - LiJiaxing - 2017118
421281726 - LiJiaxing - 201732120118
zhenghongyu-david - ZhengHongyu - 2017128
zhenghongyu-david - ZhengHongyu - 201732120128
wkytz - YeHantao - 2017125
wkytz - YeHantao - 201732120125
zego000 - GaoZeng - 2017117
zego000 - GaoZeng - 201732120117
Richard1427 - XieJiacong - 2017123
Richard1427 - XieJiacong - 201732120123
yutengYing - YingYuteng - 2017126
yutengYing - YingYuteng - 201732120126
Samrusike - Samantha Rusike - 2016140
Samrusike - Samantha Rusike - 201632120140
*enockkays* <enockkhondowe94@yahoo.com>
*Teecloudy* - Ashly Tafadzwa Dhani - 201150
*Teecloudy* - Ashly Tafadzwa Dhani - 201632120150
GuedaliaBonheurSPM - Guedalia Youma - 2019221
GuedaliaBonheurSPM - Guedalia Youma - 201925800221
ACorneille - Alimasi Corneille - 2019168
ACorneille - Alimasi Corneille - 201925800168
Tabithakipanga - Kipanga Dorcas - 2019170
Tabithakipanga - Kipanga Dorcas - 201925800170
Mary-AK - Mary Akussah Doe - 2019173
Mary-AK - Mary Akussah Doe - 201925800173
pkkumson - Kumson Princewill Kum - 2019166
pkkumson - Kumson Princewill Kum - 201925800166
Twizere - Twizere Pacifique - 2019174
Twizere - Twizere Pacifique - 201925800174
Nicole-Rutagengwa - Nicole Rutagengwa - 2019169
Nicole-Rutagengwa - Nicole Rutagengwa - 201925800169
*hema-001* - Ibrahim Mohamed Ibrahim Ismail - omitted
@ -258,6 +222,6 @@ Nicole-Rutagengwa - Nicole Rutagengwa - 2019169
# References
- 詹沈晨. (2020). 网页程序测试自动化 (Selenium) 测试效率.
- 詹沈晨. (2020). [网页程序测试自动化 (Selenium) 测试效率](http://lanlab.org/ZhanShenchen-On-Automated-Web-Application-Test-Efficiency-with-Selenium.doc)
- Ibrahim. (2021). Defect analysis for LRR]
- Ibrahim. (2021). [Defect analysis for LRR](http://lanlab.org/thesis/Defect-Analysis-for-LRR.docx)

49
Reset_password.php Normal file
View File

@ -0,0 +1,49 @@
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
include 'Header.php';
$token=$_GET['token'];
$email=$_GET['email'];
?>
<div class="row">
<div class="col-md-4 list-group" style="margin:auto;">
<br>
<h4 class="list-group-item active"> Reset your password </h4>
<div class="list-group-item">
<div class="panel-body">
<form method="post" action="Script.php" >
<input type="hidden" name="frm_reset_password" value="true"/>
<input type="hidden" name="token" value="<?php echo $token ?>"/>
Email
<input type="text" name="email" readonly="" placeholder="Enter your Email" class="form-control" value="<?php echo $email; ?>">
<br>
New Password
<input type="password" name="password" placeholder="Enter your new Password" class="form-control" value="">
<br>
<input type="submit" class="btn btn-primary" value="Reset">
<br>
<?php
?>
</form>
</div>
</div>
</div>
</div>
</form>
</div>
</div>

516
Script.php
View File

@ -2,7 +2,6 @@
include 'NoDirectPhpAcess.php';
?>
<?php
/*
@ -13,6 +12,7 @@ session_start();
date_default_timezone_set('Asia/Shanghai');
// Connect to MySQL database
include "get_mysql_credentials.php";
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
@ -34,99 +34,52 @@ function is_valid_student_number($student_id)
}
// ############################### SIGN UP ##################################
if (!empty($_POST["form_signup"])) {
$student_id = trim(mysqli_real_escape_string($con, $_POST["user_student_id"]));
$email = mysqli_real_escape_string($con, $_POST["email"]);
$password = mysqli_real_escape_string($con, $_POST["password"]);
$confirmpassword = mysqli_real_escape_string($con, $_POST["confirmpassword"]);
$upperLetter = preg_match('@[A-Z]@', $password);
$smallLetter = preg_match('@[a-z]@', $password);
$containsDigit = preg_match('@[0-9]@', $password);
$containsSpecial = preg_match('@[^\w]@', $password);
$containsAll = $upperLetter && $smallLetter && $containsDigit && $containsSpecial;
// check for strong password
if (!$containsAll) {
$_SESSION['info_signup'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and special characters (e.g., !?.,*^).";
header("Location: signup.php");
return;
}
// Check confirmed password
if (strcasecmp($password, $confirmpassword) != 0) {
$_SESSION['info_signup'] = "Password confirmation failed.";
header("Location: signup.php");
return;
}
// validate email
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$_SESSION['info_signup'] = "Invalid email address.";
header("Location: signup.php");
return;
}
// check if email is taken
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
if (mysqli_num_rows($result) != 0) {
$_SESSION["info_signup"] = "Email address " . $email . " is already in use. You have already signed up?";
}
$_SESSION['user_fullname'] = $_POST["fullname"];
$_SESSION['user_fullname_temp'] = $_POST["fullname"];
$_SESSION['user_email'] = $_POST["email"];
$_SESSION['user_student_id_temp'] = $_POST["user_student_id"];
if (!empty($_POST["frm_signup_1"])) {
$student_id = trim(mysqli_real_escape_string($con, $_POST["student_id"]));
// validate student number
if (!is_valid_student_number($student_id)) {
$_SESSION["info_signup"] = "Invalid student number.";
$_SESSION['user_fullname'] = null;
header("Location: signup.php");
$_SESSION["info_signup1"] = "Invalid student number.";
header("Location: index.php");
return;
}
// Check if this student number is a legal one
$result = mysqli_query($con, "SELECT * FROM `students_data` WHERE Student_ID='$student_id'");
if (mysqli_num_rows($result) == 0) {
$_SESSION["info_signup"] = "Your entered student number could not be verified. Please contact Student Management Office <lanhui at zjnu.edu.cn>. Thanks.";
$_SESSION['user_fullname'] = null;
header("Location: signup.php");
$_SESSION["info_signup1"] = "Your entered student number could not be verified. Please contact Student Management Office <lanhui at zjnu.edu.cn>. Thanks.";
header("Location: index.php");
return;
}
// Check if the student number isn't already registered
$student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
if (mysqli_num_rows($student_result) > 0) {
$_SESSION["info_signup"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
$_SESSION['user_fullname'] = null;
$result98 = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
if (mysqli_num_rows($result98) == 0) {
$_SESSION['user_student_id'] = $student_id;
header("Location: signup.php");
return;
} else {
$_SESSION["info_signup1"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
header("Location: index.php");
return;
}
}
// ############################### CREATE STUDENT USER ##################################
if (!empty($_POST["form_signup"])) {
if (!empty($_POST["frm_signup_2"])) {
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$student_id = mysqli_real_escape_string($con, $_POST["user_student_id"]);
$email = mysqli_real_escape_string($con, $_POST["email"]);
$password = mysqli_real_escape_string($con, $_POST["password"]);
$confirmpassword = mysqli_real_escape_string($con, $_POST["confirmpassword"]);
$_SESSION['user_student_id'] = $_POST["student_id"];
$_SESSION['user_fullname'] = $fullname;
$_SESSION['user_type'] = "Student";
$_SESSION['user_email'] = $email;
$_SESSION['user_student_id'] = $student_id;
// check confirmed password
if (strcasecmp($password, $confirmpassword) != 0) {
$_SESSION['info_signup'] = "Password confirmation failed.";
$_SESSION['info_signup2'] = "Password confirmation failed.";
$_SESSION['user_fullname'] = null; // such that Header.php do not show the header information.
header("Location: signup.php");
return;
@ -134,9 +87,7 @@ if (!empty($_POST["form_signup"])) {
// validate email
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$_SESSION['info_signup'] = "Invalid email address.";
$_SESSION['user_fullname'] = null;
$_SESSION['info_signup2'] = "Invalid email address.";
header("Location: signup.php");
return;
}
@ -149,9 +100,7 @@ if (!empty($_POST["form_signup"])) {
// check for strong password
if (!$containsAll) {
$_SESSION['info_signup'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and special characters (e.g., !?.,*^).";
$_SESSION['user_fullname'] = null;
$_SESSION['info_signup2'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and sepcial characters (e.g., !?.,*^).";
header("Location: signup.php");
return;
}
@ -160,21 +109,16 @@ if (!empty($_POST["form_signup"])) {
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
if(mysqli_num_rows($result) != 0)
{
$_SESSION["info_signup"]="Email address ".$email." is already in use. Do you have an old LRR account?";
$_SESSION["info_signup2"]="Email address ".$email." is already in use.";
$_SESSION['user_fullname'] = null;
header("Location: signup.php");
return;
}
$_SESSION['user_type'] = "Student";
$_SESSION['user_email'] = $email;
$_SESSION['user_student_id'] = $student_id;
// apply password_hash()
$password_hash = password_hash($password, PASSWORD_DEFAULT);
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `HashPassword`, `Full_Name`, `UserType`, `Student_ID`) VALUES "
. "('$email','$password_hash','','$fullname','Student','$student_id')";
$_SESSION['user_fullname'] =$_SESSION['user_fullname_temp'];
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Student_ID`) VALUES "
. "('$email','$password_hash','$fullname','Student','$student_id')";
if ($con->query($sql) === TRUE) {
header("Location: Courses.php");
@ -185,20 +129,16 @@ if (!empty($_POST["form_signup"])) {
// ################################ LOGIN #####################################
if (!empty($_POST["form_login"])) {
if (!empty($_POST["frm_login"])) {
$user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address
$is_student_number = 0;
$_SESSION["failed_login_user"] = $user; // Save the entered username in a session variable
echo "Failed login user: " . $_SESSION["failed_login_user"];
// Validate student number
if (is_valid_student_number($user)) {
$is_student_number = 1;
}
// Validate email address if what provided is not a student number
if (!$is_student_number && !filter_var($user, FILTER_VALIDATE_EMAIL)) {
$_SESSION["info_login"] = "Invalid email address: " . "$user";
@ -209,7 +149,7 @@ if (!empty($_POST["form_login"])) {
$password = mysqli_real_escape_string($con, $_POST["password"]);
$result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')");
if (mysqli_num_rows($result) == 0) {
$_SESSION["info_login"] = "Invalid user name information.";
$_SESSION["info_login"] = "Inavlid user name information.";
echo $_SESSION["info_login"];
header("Location: index.php");
} else {
@ -240,26 +180,17 @@ if (!empty($_POST["form_login"])) {
header("Location: Admin.php");
}
// report wrong pass if not correct
return;
} else {
} else {
$_SESSION["wrong_pass"] = "Wrong Password.";
echo $_SESSION["wrong_pass"]; // Optional: Display the error message for debugging
header("Location: index.php");
exit(); // Add this line to prevent further execution after redirect
}
// Add the following line to reset the session variable when needed
unset($_SESSION["failed_login_user"]);
}
}
}
// ################################ Recover Password #####################################
if (!empty($_POST["form_recover_password"])) {
if (!empty($_POST["frm_recover_password"])) {
$student_id = mysqli_real_escape_string($con, $_POST["sno"]);
$email = mysqli_real_escape_string($con, $_POST["email"]);
@ -267,6 +198,7 @@ if (!empty($_POST["form_recover_password"])) {
// validate student number
if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) {
$_SESSION["info_recover_password"] = "Invalid student number.";
#echo "Invalid student number.";
header("Location: recover_password.php");
return;
}
@ -290,51 +222,74 @@ if (!empty($_POST["form_recover_password"])) {
}
}
// ############################### CREATE Lecturer/TA USER ##################################
if (!empty($_POST["form_createlecturer"])){
$email = mysqli_real_escape_string($con, $_POST["email"]);
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$type = mysqli_real_escape_string($con, $_POST["type"]);
$password = mysqli_real_escape_string($con, $_POST["password"]);
$pass_len = strlen($password);
if ($pass_len == 0) {
$password = generateStrongPassword();
}
// ################################ RESET Password #####################################
if (!empty($_POST["frm_reset_password"])) {
$password = mysqli_real_escape_string($con, $_POST["password"]);
$token = mysqli_real_escape_string($con, $_POST["token"]);
$email = mysqli_real_escape_string($con, $_POST["email"]);
$result = mysqli_query(
$con,
"SELECT * FROM users_table WHERE email='$email'"
"SELECT * FROM Users_Table WHERE email='$email'"
);
if (mysqli_num_rows($result) != 0) {
$_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use.";
header("Location: Admin.php");
exit;
}
$password_hash = password_hash("$password", PASSWORD_DEFAULT);
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `HashPassword`, `Full_Name`, `UserType`) VALUES ('$email','$password_hash','','$fullname','$type')";
if (mysqli_num_rows($result) == 0) {
try {
$result = mysqli_query($con, $sql);
$_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and ". $password ." as password.";
header("Location: Admin.php?tacreated");
} catch (Exception $ex) {
echo "$ex";
echo "invalid email";
return;
} else {
while ($row = mysqli_fetch_assoc($result)) {
$userid = $row['User_ID'];
$email = $row['Email'];
$id = $row['Student_ID'];
$user_token = $userid * $userid * $userid + $userid * 0.00343;
if ($user_token == $token) {
// Password Update
// Password Update
$hashed_password = hash('sha512', $password);
$sql = "UPDATE users_table set HashPassword='$hashed_password' where User_ID=$userid;";
if ($con->query($sql) === TRUE) {
error_reporting(0);
$_SESSION["info_login"] = " Password changed successfully , you can login now with your new password ";
header("Location: index.php");
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
} else {
echo "Invalid Token ";
}
}
}
}
// ### FUNCTION TO GENERATE INITIAL PASSWORDS ###//
function generateStrongPassword() {
$characters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_';
$password_length = 12;
$gen_password = '';
for ($i = 0; $i < $password_length; $i++) {
$random_index = mt_rand(0, strlen($characters) - 1);
$gen_password .= $characters[$random_index];
// ############################### CREATE Lecturer/TA USER ##################################
if (!empty($_POST["frm_createlecturrer"])) {
$email = mysqli_real_escape_string($con, $_POST["email"]);
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$type = mysqli_real_escape_string($con, $_POST["type"]);
$password = $passport;
// check if email is taken
$result = mysqli_query($con,
"SELECT * FROM Users_Table WHERE email='$email'");
if(mysqli_num_rows($result)!=0)
{
$_SESSION["info_Admin_Users"]="Email address : ".$email." is already in use.";
header("Location: Admin.php");
}
$sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
. "('$email','$password','$fullname','$type')";
// Return the generated password
return $gen_password;
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user Created successfully : email " . $email . " and $password as Password.";
header("Location: Admin.php");
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
}
// #### FUNCTION CHECK FILE TYPES ////
@ -347,7 +302,7 @@ function is_valid_file_format($file)
'cvc', 'c', 'class', 'cpp', 'h', 'java', 'sh', 'swift', 'zip', 'rar', 'ods', 'xlr', 'bak', 'ico', 'swf'
);
$filename = $_FILES[$file]['name'];
utf8_encode($filename = $_FILES[$file]['name']);
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$result = in_array($ext, $allowed);
return $result;
@ -387,7 +342,7 @@ function mkdirs($path)
}
// ############################### #Post Assignment ##################################
if (!empty($_POST["form_uploadlab"])) {
if (!empty($_POST["frm_uploadlab"])) {
$course_id = mysqli_real_escape_string($con, $_POST["course_id"]);
$deadlinedate = $_POST["deadlinedate"];
@ -404,7 +359,7 @@ if (!empty($_POST["form_uploadlab"])) {
// GET UPLOADED FILES
$target_dir = Create_dir("./../../lrr_submission/Lab_Report_Assignments/$course_id/" . $title . "/");
$target_dir = Create_dir("Lab_Report_Assignments/" . $title . "/");
$rnd = rand(10, 1000);
$rnd = ""; // no more required , creating folder for each lab
@ -463,25 +418,25 @@ if (!empty($_POST["form_uploadlab"])) {
$targetfile4 = "";
if ($_FILES['attachment1']['name'] != "") {
$targetfile = "/Lab_Report_Assignments/$course_id/" . $title . "/" . $_FILES['attachment1']['name'];
$targetfile = "/" . $title . "/" . $_FILES['attachment1']['name'];
}
if ($_FILES['attachment2']['name'] != "") {
$targetfile2 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment2']['name'];
$targetfile2 = "/" . $title . "/" . $_FILES['attachment2']['name'];
}
if ($_FILES['attachment3']['name'] != "") {
$targetfile3 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment3']['name'];
$targetfile3 = "/" . $title . "/" . $_FILES['attachment3']['name'];
}
if ($_FILES['attachment4']['name'] != "") {
$targetfile4 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment4']['name'];
$targetfile4 = "/" . $title . "/" . $_FILES['attachment4']['name'];
}
$sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`,
`Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`,Marks,Type)
VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3','$marks','$type')";
VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3',$marks,'$type')";
if ($con->query($sql) === TRUE) {
$_SESSION["info_courses"] = $type . " lab report assignment posted successfully. ";
$_SESSION["info_courses"] = $type . " lab report assignment posted successfully.";
header("Location: Courses.php?course=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -499,8 +454,10 @@ function checksize($file)
}
// ############################### Submit Assignment ##################################
if (!empty($_POST["form_submitlab"])) {
if (!empty($_POST["frm_submitlab"])) {
/* Posting values to database */
$lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]);
$student_id = $_POST["student_id"];
$group_id = $_POST["group_id"];
@ -514,7 +471,7 @@ if (!empty($_POST["form_submitlab"])) {
$date = date("Y-m-d H:i:s");
// GET UPLOADED FILES
$labName = mysqli_query($con, "SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID='$lab_id'");
$labName = mysqli_query($con, "SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id");
while ($row = mysqli_fetch_assoc($labName)) {
$lab_name = $row['Title'];
$_SESSION['Sub_Type'] = $row['Type']; // submission type, either Individual or Group
@ -597,19 +554,19 @@ if (!empty($_POST["form_submitlab"])) {
$targetfile4 = "";
if (strlen($_FILES['attachment1']['name']) > 2) { // why greater than 2???
$targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment1']['name']);
$targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment1']['name'];
}
if (strlen($_FILES['attachment2']['name']) > 2) {
$targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment2']['name']);
$targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment2']['name'];
}
if (strlen($_FILES['attachment3']['name']) > 2) {
$targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment3']['name']);
$targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment3']['name'];
}
if (strlen($_FILES['attachment4']['name']) > 2) {
$targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment4']['name']);
$targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment4']['name'];
}
// When $group_id is not properly initialized, use integer 0 as its value.
@ -618,13 +575,13 @@ if (!empty($_POST["form_submitlab"])) {
$group_id = 0; // FIXME
}
$sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID='$lab_id' and Student_id='$student_id' and Course_Group_id='$group_id'";
$sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id";
if ($con->query($sql1) === TRUE) {
}
$sql = "INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`,"
. " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)"
. " VALUES ('$date','$lab_id','$student_id','$group_id','$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
. " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
. "'Pending','$title','')";
if ($con->query($sql) === TRUE) {
@ -632,7 +589,7 @@ if (!empty($_POST["form_submitlab"])) {
$con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'");
}
$_SESSION["info_courses"] = "Thanks. You have successfully submitted your assignment.";
$_SESSION["info_courses"] = "Thanks. Your lab report assignment is submitted successfully.";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: <br>" . $con->error;
@ -642,9 +599,9 @@ if (!empty($_POST["form_submitlab"])) {
// JOIN COURSE
if (!empty($_GET["JoinCourse"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$student_id = mysqli_real_escape_string($con, $_GET["std"]);
$joining = mysqli_real_escape_string($con, $_GET["joining"]);
$id = $_GET["id"];
$student_id = $_GET["std"];
$joining = $_GET["joining"];
$status = "Pending";
if ($joining == 0) {
@ -671,12 +628,12 @@ if (!empty($_GET["JoinCourse"])) {
if (!empty($_GET["savemarks"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$marks = mysqli_real_escape_string($con, $_GET["marks"]);
$total = mysqli_real_escape_string($con, $_GET["total"]);
$feedback = mysqli_real_escape_string($con, $_GET["feedback"]);
$header = mysqli_real_escape_string($con, $_GET["header"]);
$labid = mysqli_real_escape_string($con, $_GET["labid"]);
$id = $_GET["id"];
$marks = $_GET["marks"];
$total = $_GET["total"];
$feedback = $_GET["feedback"];
$header = $_GET["header"];
$labid = $_GET["labid"];
$status = "Marked";
if ($marks > $total) {
@ -695,7 +652,7 @@ if (!empty($_GET["savemarks"])) {
if ($con->query($sql) === TRUE) {
$_SESSION["info_Marking"] = "Assignment marked";
$_SESSION["info_Marking"] = "Lab Report Submission Marked";
header("Location: Submissions.php?id=" . $labid . "&header=" . $header . "&total=" . $total);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -705,14 +662,14 @@ if (!empty($_GET["savemarks"])) {
#Update Report Visibility
if (!empty($_GET["updatevisibility"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$marks = mysqli_real_escape_string($con, $_GET["marks"]);
$total = mysqli_real_escape_string($con, $_GET["total"]);
$status = mysqli_real_escape_string($con, $_GET["status"]);
$header = mysqli_real_escape_string($con, $_GET["header"]);
$labid = mysqli_real_escape_string($con, $_GET["labid"]);
$id = $_GET["id"];
$marks = $_GET["marks"];
$total = $_GET["total"];
$status = $_GET["status"];
$header = $_GET["header"];
$labid = $_GET["labid"];
$sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID='$id'
$sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id
";
if ($con->query($sql) === TRUE) {
@ -728,19 +685,19 @@ if (!empty($_GET["updatevisibility"])) {
if (!empty($_GET["remarking"])) {
$id = htmlspecialchars(mysqli_real_escape_string($con, $_GET["id"]));
$url = htmlspecialchars(mysqli_real_escape_string($con, $_GET["url"]));
$id = $_GET["id"];
$url = $_GET["url"];
$status = htmlspecialchars(mysqli_real_escape_string($con, $_GET["status"]));
$details = htmlspecialchars(mysqli_real_escape_string($con, $_GET["details"]));
$status = $_GET["status"];
$details = $_GET["details"];
$sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID='$id'
$sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id
";
if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = "Remarking Request Sent";
header("Location: Course.php?url=" . $url . "&tab=Marked");
$_SESSION["info_ReMarking"] = "Remarking Request Sent";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
@ -750,13 +707,13 @@ if (!empty($_GET["remarking"])) {
if (!empty($_GET["creategroup"])) {
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$id = mysqli_real_escape_string($con, $_GET["id"]);
$name = mysqli_real_escape_string($con, $_GET["name"]);
$student_id = $_GET["student_id"];
$url = $_GET["url"];
$id = $_GET["id"];
$name = $_GET["name"];
$sql = "INSERT INTO `course_groups_table`(`Group_Name`,
`Group_Leader`, `Course_id`) VALUES ('$name','$student_id','$id')";
`Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)";
if ($con->query($sql) === TRUE) {
@ -766,9 +723,9 @@ if (!empty($_GET["creategroup"])) {
}
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
VALUES ('$gid','$student_id','Created')";
VALUES ($gid,$student_id,'Created')";
if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = "Course group Created";
$_SESSION["info_ReMarking"] = "Course group Created";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -782,25 +739,18 @@ if (!empty($_GET["creategroup"])) {
if (!empty($_GET["groupinvite"])) {
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
$student = mysqli_query($con, "SELECT * FROM students_data WHERE Student_ID = '$student_id' ");
$student_id = $_GET["student_id"];
$url = $_GET["url"];
$courseid = $_GET["courseid"];
$groupid = $_GET["groupid"];
if (mysqli_num_rows($student) > 0) {
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
if (mysqli_num_rows($result) > 0) {
$_SESSION["info_general"] = $student_id . " has already been invited.";
header("Location: Course.php?url=" . $url);
} else {
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
VALUES ('$groupid','$student_id','Invited')";
}
} else {
$_SESSION["info_general"] = $student_id . " is an invalid student number.";
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
if (mysqli_num_rows($result) > 0) {
$_SESSION["info_ReMarking"] = $student_id . " has already been invited";
header("Location: Course.php?url=" . $url);
} else {
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
VALUES ($groupid,$student_id,'Invited')";
}
if ($con->query($sql) === TRUE) {
@ -818,26 +768,26 @@ if (!empty($_GET["groupinvite"])) {
if ($Group_Member == '0') {
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
$_SESSION["info_general"] = $student_id . " was invited to the group.";
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
header("Location: Course.php?url=" . $url);
} elseif ($Group_Member2 == '0') {
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member2` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
$_SESSION["info_general"] = $student_id . " was invited to the group.";
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
header("Location: Course.php?url=" . $url);
} elseif ($Group_Member3 == '0') {
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member3` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
$_SESSION["info_general"] = $student_id . " was invited to the group.";
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
header("Location: Course.php?url=" . $url);
} elseif ($Group_Member4 == '0') {
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member4` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
$_SESSION["info_general"] = $student_id . " was invited to the group.";
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
header("Location: Course.php?url=" . $url);
} else {
$_SESSION["info_general"] = " You cannot add any more members";
$_SESSION["info_ReMarking"] = " You cant add any more members";
header("Location: Course.php?url=" . $url);
}
}
$_SESSION["info_general"] = $student_id . " was invited to the group.";
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -848,57 +798,21 @@ if (!empty($_GET["groupinvite"])) {
if (!empty($_GET["acceptinvite"])) {
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$action = mysqli_real_escape_string($con, $_GET["action"]);
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
$student_id = $_GET["student_id"];
$url = $_GET["url"];
$action = $_GET["action"];
$groupid = $_GET["groupid"];
if ($action == 1) {
$sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id ='$groupid' and student_id='$student_id'
$sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id
";
} else {
$sql = "Delete from `course_group_members_table` where Course_Group_id ='$groupid' and student_id='$student_id'
$sql = "Delete from `course_group_members_table` where Course_Group_id =$groupid and student_id=$student_id
";
}
if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = " Group invitation status updated";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
}
#Remove a member from group
if (!empty($_GET["removemember"])) {
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$group_id = mysqli_real_escape_string($con, $_GET["group_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$sql = "Delete from `course_group_members_table` where student_id=$student_id and Course_Group_id=$group_id";
if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = " Member " . $student_id . " is gone.";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
}
#Delete a whole group
if (!empty($_GET["deletegroup"])) {
$group_id = mysqli_real_escape_string($con, $_GET["group_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$sql1 = "Delete from `course_group_members_table` where Course_Group_id=$group_id";
$sql2 = "Delete from `course_groups_table` where Course_Group_id=$group_id";
if ($con->query($sql1) === TRUE && $con->query($sql2) === TRUE) {
$_SESSION["info_general"] = " Group has been deleted successfully. ";
$_SESSION["info_ReMarking"] = " Group Invite Updated";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -909,27 +823,27 @@ if (!empty($_GET["deletegroup"])) {
if (!empty($_GET["extenddeadline"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$date = mysqli_real_escape_string($con, $_GET["date"]);
$time = mysqli_real_escape_string($con, $_GET["time"]);
$type = mysqli_real_escape_string($con, $_GET["type"]);
$id = $_GET["id"];
$date = $_GET["date"];
$time = $_GET["time"];
$type = $_GET["type"];
$studentid = mysqli_real_escape_string($con, $_GET["studentid"]);
$reason = mysqli_real_escape_string($con, $_GET["reason"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$stdid = $_GET["stdid"];
$reason = $_GET["reason"];
$url = $_GET["url"];
$deadline = $date . " " . $time;
if ($type == 1) {
$sql = "UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID='$id'";
$sql = "UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID=$id";
} else {
$sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, "
. "`Lab_Report_ID`, `Extended_Deadline_Date`,"
. " `ReasonsForExtension`) VALUES ('$studentid','$id','$deadline','$reason')";
. " `ReasonsForExtension`) VALUES ($stdid,$id,'$deadline','$reason')";
}
if ($con->query($sql) === TRUE) {
$_SESSION["info_courses"] = " Assignment deadline extended successfully.";
$_SESSION["info_courses"] = " Lab Report Deadline extended successfully.";
header("Location: Courses.php?course=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -940,17 +854,17 @@ if (!empty($_GET["extenddeadline"])) {
if (!empty($_GET["ignoreremarking"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$total = mysqli_real_escape_string($con, $_GET["total"]);
$header = mysqli_real_escape_string($con, $_GET["header"]);
$id = $_GET["id"];
$total = $_GET["total"];
$header = $_GET["header"];
$subid = mysqli_real_escape_string($con, $_GET["subid"]);
$subid = $_GET["subid"];
$sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID='$subid'";
$sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Marking"] = "Remarking request ignored.";
$_SESSION["info_Marking"] = "Remarking Request Ignored , Submission Updated to 'Marked' status";
header("Location: Submissions.php?id=" . $id . "&header=" . $header . "&total=" . $total);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -960,32 +874,18 @@ if (!empty($_GET["ignoreremarking"])) {
#Assign TA
if (!empty($_GET["assignTA"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$ta = mysqli_real_escape_string($con, $_GET["ta"]);
// Check if the TA is already assigned to the course
$check_sql = "SELECT * FROM course_ta WHERE Course_ID='$id' AND TA='$ta'";
$check_result = $con->query($check_sql);
$id = $_GET["id"];
$ta = $_GET["ta"];
if ($check_result->num_rows > 0) {
// Alert user about the duplicate assignment
echo "<script>
alert('The selected TA is already assigned to this course.');
window.location.href='Admin.php';
</script>";
$sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Courses"] = $type . " Course TA Assigned ";
header("Location: Admin.php");
} else {
// Proceed with the TA assignment
$sql = "INSERT INTO course_ta(Course_ID, TA) VALUES ('$id','$ta')";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Courses"] = $type . " Course TA Assigned ";
header("Location: Admin.php");
} else {
echo "<script>
alert('You must select a TA first!.');
window.location.href='Admin.php';
</script>";
}
echo "Error: " . $sql . "<br>" . $con->error;
}
}
@ -993,13 +893,13 @@ if (!empty($_GET["assignTA"])) {
if (!empty($_GET["AcceptStudent"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$rs = mysqli_real_escape_string($con, $_GET["rs"]);
$id = $_GET["id"];
$rs = $_GET["rs"];
if ($rs == "yes") {
$sql = "Update course_students_table set Status='Joined' Where ID='$id'";
$sql = "Update course_students_table set Status='Joined' Where ID=$id";
} else {
$sql = "Delete FROM course_students_table Where ID='$id'";
$sql = "Delete FROM course_students_table Where ID=$id";
}
if ($con->query($sql) === TRUE) {
@ -1021,12 +921,12 @@ if (!empty($_GET["AcceptStudent"])) {
if (!empty($_GET["action"])) {
$action = $_GET["action"];
$uid = mysqli_real_escape_string($con, $_GET["uid"]);
$uid = $_GET["uid"];
$pass = mysqli_real_escape_string($con, $_GET["pass"]);
$pass = $_GET["pass"];
$pass = password_hash($pass, PASSWORD_DEFAULT);
$status = mysqli_real_escape_string($con, $_GET["status"]);
$status = $_GET["status"];
// validate uid
if (intval($uid) < 0) {
@ -1034,12 +934,12 @@ if (!empty($_GET["action"])) {
return;
}
if ($action == "passchange" && $_SESSION['user_id'] == $uid) {
$sql = "UPDATE users_table set Password='$pass' where User_ID='$uid';";
if ($action == "passchange") {
$sql = "UPDATE users_table set Password='$pass' where User_ID=$uid;";
if ($con->query($sql) === TRUE) {
error_reporting(0);
echo "Password has been changed";
//return;
// return;
$_SESSION["infoChangePassword"] = $type . " User password was changed successfully.";
header("Location: index.php");
} else {
@ -1048,19 +948,20 @@ if (!empty($_GET["action"])) {
}
}
if ($action == "statuschange" && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
$sql = "UPDATE users_table set Status='$status' where User_ID='$uid';";
if ($action == "statuschange") {
$sql = "UPDATE users_table set Status='$status' where User_ID=$uid;";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user Status updated successfully ";
header("Location: Admin.php");
} else {
// echo "Error: " . $sql . "<br>" . $con->error;
echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!";
}
}
}
// ############################### CREATE STUDENT USER ##################################
if (!empty($_POST["form_createCourse"])) {
if (!empty($_POST["frm_createCourse"])) {
$name = mysqli_real_escape_string($con, $_POST["name"]);
$academic = mysqli_real_escape_string($con, $_POST["academic"]);
$lecturer = mysqli_real_escape_string($con, $_POST["lecturer"]);
@ -1108,8 +1009,8 @@ if (!empty($_POST["form_createCourse"])) {
if (!empty($_GET["exportgrade"])) {
$lab = mysqli_real_escape_string($con, $_GET["lab"]);
$lab_name = mysqli_real_escape_string($con, $_GET["lab_name"]);
$lab = $_GET["lab"];
$lab_name = $_GET["lab_name"];
error_reporting(0);
@ -1121,7 +1022,7 @@ INNER JOIN lab_reports_table on lab_reports_table.Lab_Report_ID=lab_report_submi
INNER JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
WHERE lab_report_submissions.Lab_Report_ID='$lab'";
WHERE lab_report_submissions.Lab_Report_ID=$lab";
$export = mysqli_query($con, $select);
@ -1151,9 +1052,8 @@ WHERE lab_report_submissions.Lab_Report_ID='$lab'";
}
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=$lab_name Grade Sheet.xls");
header("Content-Disposition: attachment; filename=$lab_name Garde Sheet.xls");
header("Pragma: no-cache");
header("Expires: 0");
print "$header\n$data";
}
?>

29
Student.php
View File

@ -1,14 +1,15 @@
<?php
$page = "student";
include 'Header.php';
?>
<br><br><br>
<div class="row" style="width:80%;margin:auto;">
<div class="col-md-6">
<h1> Student account created. Now you can browse the course portal. </h1>
</div>
</div>
<?php
$page = "student";
include 'Header.php';
?>
<br><br><br>
<div class="row" style="width:80%;margin:auto;">
<div class="col-md-6">
<h1> STUEDNT Account Created , Now you can Browse Course Portals </h1>
</div>
</div>

361
Submissions.php
View File

@ -10,7 +10,7 @@ $group_id = $_SESSION["user_group_id"];
$c_date = date("Y-m-d H:i");
if (!empty($_GET["id"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$id = $_GET["id"];
$course_id = $id;
}
@ -24,26 +24,22 @@ if (!empty($_GET["total"])) {
$total = 0;
}
$resultx1 = mysqli_query($con, "SELECT Lab_Report_ID, Title, lab_reports_table.Course_ID, Posted_Date, Deadline, Marks, Type, courses_table.URL
FROM lab_reports_table
INNER JOIN courses_table ON courses_table.Course_ID=lab_reports_table.Course_ID
WHERE Lab_Report_ID=$id");
$resultx1 = mysqli_query($con, "SELECT `Lab_Report_ID`,Title, lab_reports_table.Course_ID, `Posted_Date`, `Deadline`, `Marks`, `Type` , courses_table.URL FROM `lab_reports_table` INNER JOIN courses_table ON courses_table.Course_ID=lab_reports_table.Course_ID WHERE Lab_Report_ID=$id");
while ($row = mysqli_fetch_assoc($resultx1)) {
$report_type = $row['Type'];
$Report_Type = $row['Type'];
$c_id = $row['Course_ID'];
$report_title = $row['Title'];
$Report_Title = $row['Title'];
$url = $row['URL'];
}
echo "<div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='Courses.php?course=$url'>
$header
</a></div>
";
?>
<div class="container">
<?php
echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
?>
<div class="row">
<div class="row" style="width:80%;margin:auto; text-align:left;">
<!-- Lecturer CODE-->
<?php
@ -59,72 +55,89 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
error_reporting(0);
if (isset($_SESSION['info_Marking'])) {
echo '<div class="alert alert-warning">' . $_SESSION['info_Marking'] . '</div>';
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Marking'] . '</div>';
$_SESSION['info_Marking'] = null;
}
$resultx1 = mysqli_query($con, "SELECT Count(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id");
$row = mysqli_fetch_assoc($resultx1);
$count_submissions = $row['cnt'];
$resultx1 = mysqli_query($con, "Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id");
while ($row = mysqli_fetch_assoc($resultx1)) {
$count_subs = $row['cnt'];
}
$resultx2 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Marked'");
$row = mysqli_fetch_assoc($resultx2);
$count_marked = $row['cnt'];
$resultx2 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Marked'");
if (mysqli_num_rows($resultx2) == 0) {
$count_marked = 0;
} else {
while ($row = mysqli_fetch_assoc($resultx2)) {
$count_marked = $row['cnt'];
}
}
$resultx3 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Pending'");
$row = mysqli_fetch_assoc($resultx3);
$count_unmarked = $row['cnt'];
$resultx3 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Pending'");
if (mysqli_num_rows($resultx3) == 0) {
$count_unmarked = 0;
} else {
while ($row = mysqli_fetch_assoc($resultx3)) {
$count_unmarked = $row['cnt'];
}
}
$resultx4 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'");
$row = mysqli_fetch_assoc($resultx4);
$count_remark = $row['cnt'];
$resultx5 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM course_groups_table WHERE Course_id=$c_id");
$row = mysqli_fetch_assoc($resultx5);
$count_group = $row['cnt'];
$resultx4 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'");
if (mysqli_num_rows($resultx4) == 0) {
$count_remark = 0;
} else {
while ($row = mysqli_fetch_assoc($resultx4)) {
$count_remark = $row['cnt'];
}
}
?>
<br>
<p class="text-muted"><b>Total submissions (<?php echo $count_submissions; ?>)</b></p>
<b>Lab Report Submissions (<?php echo $count_subs; ?>)</b>
<!-- Nav tabs -->
<ul class="nav nav-tabs" id="myTab">
<ul class="nav nav-tabs" role="tablist">
<li class="nav-item">
<a class="nav-link active" href="#menu1">Unmarked submissions (<?php echo $count_unmarked; ?>)</a>
<a class="nav-link active" data-toggle="tab" href="#menu1">Un-Marked Submissions<b> (<?php echo $count_unmarked; ?>)</b></a>
</li>
<li class="nav-item">
<a class="nav-link" href="#menu2">Marked submissions (<?php echo $count_marked; ?>)</a>
<a class="nav-link" data-toggle="tab" href="#menu2">Marked Submissions <b>(<?php echo $count_marked; ?>)</b></a>
</li>
<li class="nav-item">
<a class="nav-link" href="#menu3">Remarking requests (<?php echo $count_remark; ?>)</a>
<a class="nav-link" data-toggle="tab" href="#menu3">Re-Marking Requests <b>(<?php echo $count_remark; ?>)</b></a>
</li>
<li class="nav-item">
<a class="nav-link" href="#menu4">Course groups (<?php echo $count_group; ?>)</a>
<a class="nav-link" data-toggle="tab" href="#menu4"> View Course Groups</a>
</li>
</ul>
<div class="tab-content">
<div id="menu1" class="tab-pane active"><br>
<div id="menu1" class="container tab-pane active"><br>
<?php
if ($report_type == "Group") {
$result1 = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name, course_groups_table.Group_Leader, users_table.Full_Name, users_table.Student_id
FROM lab_report_submissions
LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Pending' ORDER BY Submission_Date DESC");
if ($Report_Type == "Group") {
$result1 = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
lab_report_submissions.Course_Group_id, `Attachment1`,
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
`Title`,course_groups_table.Group_Name,course_groups_table.Group_Leader,users_table.Full_Name, users_table.Student_id
FROM `lab_report_submissions`
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Submission_Date desc");
} else {
$result1 = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID
FROM lab_report_submissions
LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Pending' ORDER BY Submission_Date DESC");
$result1 = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
`Title`,users_table.Full_Name,course_group_members_table.Student_ID
FROM `lab_report_submissions`
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Submission_Date desc");
}
if (mysqli_num_rows($result1) == 0) {
echo "No unmarked submissions.";
echo "No Un-Marked Submissions for this Lab Report.";
} else {
while ($row = mysqli_fetch_assoc($result1)) {
$title = $row['Title'];
@ -146,15 +159,15 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
$student_id = $row['sub_std'];
if ($submitted_group == 0) {
$submitted_by = $student_name . " (" . $student_id . ")";
$submitted_by = $student_name . "(" . $student_id . ")";
} else {
$submitted_by = "$student_name ($submitter_student_number) for group $groupname ";
}
$base_att1 = basename(rawurldecode($att1));
$base_att2 = basename(rawurldecode($att2));
$base_att3 = basename(rawurldecode($att3));
$base_att4 = basename(rawurldecode($att4));
$base_att1 = basename($att1);
$base_att2 = basename($att2);
$base_att3 = basename($att3);
$base_att4 = basename($att4);
$full_link = "<a href='~\..\Download.php?file=$att1&attachment=1'>$base_att1</a>"; // prevent students from directly accessing their classmates' submissions
@ -169,13 +182,10 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
$full_link = $full_link . " | <a href='~\..\Download.php?file=$att4&attachment=4'>$base_att4</a>";
}
echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left:1px solid #eee;'>
$title <br>
By: <b> <span class='text-selectable'> $submitted_by </span> </b> <br>
<small>Submitted on: $posted</small>
<button class='btn btn-sm btn-primary' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark </button><br>
Attachments : $full_link
</div>";
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> by: <b> $submitted_by </b>
<br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span>
</div></k>";
}
}
echo "";
@ -183,34 +193,39 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
</div>
<div id="menu2" class="tab-pane"><br>
<div id="menu2" class="container tab-pane"><br>
<?php
if ($report_type == "Group") {
$result = mysqli_query($con, "SELECT Submission_ID, Visibility, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name
FROM lab_report_submissions
LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Lab_Report_ID=$id and lab_report_submissions.Status='Marked'");
if ($Report_Type == "Group") {
$result = mysqli_query($con, "SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
lab_report_submissions.Course_Group_id, `Attachment1`,
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
`Title`,course_groups_table.Group_Name
FROM `lab_report_submissions`
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Marked'");
} else {
$result = mysqli_query($con, "SELECT Submission_ID, Visibility, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID
FROM lab_report_submissions
LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Marked' ORDER BY lab_report_submissions.Student_id Desc");
$result = mysqli_query($con, "SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
`Title`,users_table.Full_Name,course_group_members_table.Student_ID
FROM `lab_report_submissions`
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Marked' Order by lab_report_submissions.Student_id Desc");
}
if (mysqli_num_rows($result) == 0) {
echo "No marked submissions.";
echo "No Marked submissions for this lab";
} else {
echo "<h3><a href='~\..\Script.php?exportgrade=true&lab=$id&lab_name=$report_title'><i class='fa fa-book'></i> Export grades</a></h3>";
echo "<h3><a href='~\..\Script.php?exportgrade=true&lab=$id&lab_name=$Report_Title'><i class='fa fa-book'></i> Export Grade Sheet </a></h3>";
while ($row = mysqli_fetch_assoc($result)) {
$title = $row['Title'];
$Marks = $row['Marks'];
//$ins=$row['Notes'];
$posted = $row['Submission_Date'];
$deadline = $row['Deadline'];
$att1 = $row['Attachment1'];
@ -247,17 +262,10 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
}
// you will notice why i used span here to wrap the $submitted_by variable
// because if we wrap with span , the css class text-selectable can be used only by the submittedBy variable
// if you want to use text-selectable class on whole div, just call the css class
echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap:break-word; border:1px solid #F0F0F0; border-left:1px solid #eee;'>
<b> $title </b> &nbsp;&nbsp; [Marks: $Marks] <button class='btn btn-light btn-sm' onclick='mark($Submission_ID,\"$title\",$total)'>Remark</button><br>
<small>Submitted by <span class = 'text-selectable'>$submitted_by</span> on $posted</small>
<span class='badge badge-info'>Marking comments</span> $notes <br>
Attachments : $full_link
</div>";
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> by : <b> $submitted_by &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> &nbsp; Visibility : <b>$Visibility </b> <button class='btn-sm btn-success' style='margin-left:50px;' onclick='updatev($Submission_ID)'>Update visibility</button>
<hr> Lecturer/TA notes : $notes<br> <span style='font-size:8pt'>Submitted : $posted <b> </b> <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button><br> Attachments : $full_link </span>
</div></k>";
}
}
echo "";
@ -265,29 +273,38 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
</div>
<div id="menu3" class="tab-pane"><br>
<div id="menu3" class="container tab-pane"><br>
<?php
if ($report_type == "Group") {
$resulty = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, lab_report_submissions.Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name
FROM lab_report_submissions
LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Remarking'");
if ($Report_Type == "Group") {
$resulty = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
lab_report_submissions.Course_Group_id, `Attachment1`,
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, lab_report_submissions.Marks, lab_report_submissions.Status,
`Title`,course_groups_table.Group_Name
FROM `lab_report_submissions`
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
} else {
$resulty = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Remarking_Reason, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, lab_report_submissions.Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID
FROM lab_report_submissions
LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Remarking'");
$resulty = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
lab_report_submissions.Remarking_Reason,
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, lab_report_submissions.Marks, lab_report_submissions.Status,
`Title`,users_table.Full_Name,course_group_members_table.Student_ID
FROM `lab_report_submissions`
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
}
if (mysqli_num_rows($resulty) == 0) {
echo "No remarking requests.";
echo "No Remarking Request for this lab";
} else {
while ($row = mysqli_fetch_assoc($resulty)) {
$title = $row['Title'];
$Marks = $row['Marks'];
//$ins=$row['Notes'];
$posted = $row['Submission_Date'];
$deadline = $row['Deadline'];
@ -324,14 +341,13 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
}
echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 2px solid #eee;'>"
. "$title <br>"
. "Submitted by: <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marks: $Marks ] </b> <br>"
. "<span style='color:orange'><i class='fa fa-info-circle'></i> Remarking reason:</span> $remarking_reason <br>"
. "<button class='btn btn-light btn-sm' onclick='mark($Submission_ID,\"$title\",$total)'>Remark</button>"
. "&nbsp; <a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn btn-sm btn-light'>Ignore request</a> <br>"
. "<small>Submitted at: $posted <br> Attachments: $full_link </small>"
. "</div>";
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> by : <b> $submitted_by &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> <br> Remarking Reason : <b>$remarking_reason </b>
<hr> <span style='font-size:8pt'>Submitted : $posted <b> </b> "
. "<button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button>"
. " &nbsp; &nbsp;&nbsp;&nbsp;<a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn-sm btn-warning'> Ignore Request </a>"
. "<br> Attachments : $full_link </span>
</div></k>";
}
}
echo "";
@ -339,47 +355,45 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
</div>
<div id="menu4" class="tab-pane"><br>
<div id="menu4" class="container tab-pane"><br>
<div class="col-md-7">
<h3>Course Groups</h3>
<hr>
<?php
$result = mysqli_query($con, "SELECT Course_Group_id, Group_Name, Group_Leader, Course_id, users_table.Full_Name
FROM course_groups_table
INNER JOIN users_table ON users_table.Student_ID=course_groups_table.Group_Leader
WHERE Course_id=$c_id");
$result = mysqli_query($con, " SELECT `Course_Group_id`, `Group_Name`, `Group_Leader`, `Course_id`,users_table.Full_Name
FROM `course_groups_table`
INNER JOIN users_table on users_table.Student_ID=course_groups_table.Group_Leader
WHERE Course_id=$c_id");
if (mysqli_num_rows($result) == 0) {
echo "No student groups.";
echo "You have no Group in this Course";
} else {
while ($row = mysqli_fetch_assoc($result)) {
$name = $row['Group_Name'];
$leader_student_no = $row['Group_Leader'];
$leader = $row['Full_Name'] . "(" . $row['Group_Leader'] . ")";
$id = $row['Course_Group_id'];
echo "<ul class='list-group'>";
echo " <li class='list-group-item disabled'>Group $name</li>";
echo "<div class='btn-default'><small> $name - Leader : $leader </small></div>";
$rs2 = mysqli_query($con, "SELECT ID, Course_Group_id, course_group_members_table.Student_ID, course_group_members_table.Status, users_table.Full_Name
FROM course_group_members_table
INNER JOIN users_table ON users_table.Student_ID=course_group_members_table.Student_ID
WHERE course_group_members_table.Student_ID AND course_group_members_table.Course_Group_id=$id");
$rs2 = mysqli_query($con, "SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID,
course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table`
INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID
where course_group_members_table.Course_Group_id=$id");
while ($row = mysqli_fetch_assoc($rs2)) {
$name = $row['Full_Name'];
$id = $row['Course_Group_id'];
$status = $row['Status'];
$Student_ID = $row['Student_ID'];
if ($leader_student_no == $Student_ID) {
echo "<li class='list-group-item'>$name ($Student_ID) - $status - Leader</li>";
} else {
echo "<li class='list-group-item'>$name ($Student_ID) - $status</li>";
}
echo "<li><small> $name-$Student_ID ($status)</small></li>";
}
echo "</ul><br>";
}
}
?>
</div>
</div>
</div>
@ -388,49 +402,36 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
</div>
<?php
<?php
}
?>
include 'Footer.php';
?>
<?php include 'Footer.php';?>
<script src="http://118.25.96.118/nor/css/jquery-1.11.1.min.js"></script>
<script src="http://118.25.96.118/nor/css/jquery-ui.min.js"></script>
</div>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/themes/base/jquery-ui.min.css" integrity="sha512-ELV+xyi8IhEApPS/pSj66+Jiw+sOT1Mqkzlh8ExXihe4zfqbWkxPRi8wptXIO9g73FSlhmquFlUOuMSoXz5IRw==" crossorigin="anonymous" referrerpolicy="no-referrer" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js" integrity="sha512-3gJwYpMe3QewGELv8k/BX9vcqhryRdzRMxVfq6ngyWXwo03GFEzjsUm8Q7RZcHPHksttq7/GFoxjCVUjkjvPdw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js" integrity="sha512-57oZ/vW8ANMjR/KQ6Be9v/+/h6bq9/l3f0Oc7vn6qMqyhvPd1cvKBRWWpzu0QoneImqr2SkmO4MSqU+RpHom3Q==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<link rel="stylesheet" href="http://118.25.96.118/nor/css/jquery-ui.css" />
<script>
function mark(id, title, marks) {
try {
$(`<form id="submit-form" method="get" action="Script.php">
${title} (${marks} marks)
<input type="hidden" name="savemarks" value="true">
<input type="hidden" name="total" value="${marks}" >
<input type="hidden" name="id" value="${id}" >
<br> Marks
<input type="text" name="marks">\n\
Comments <textarea name="feedback"></textarea> \n\
<input type="hidden" name="labid" value="<?php echo $course_id; ?>">
<input type="hidden" name="header" value="<?php echo $header; ?>">
</form>`).dialog({
modal: true,
title: 'Mark submission',
close: function () {
var closeBtn = $('.ui-dialog-titlebar-close');
closeBtn.html('');
},
buttons: {
'Submit': function() {
$('<form id="submit-form" method="get" action="Script.php">' + title + '(' + marks + ' marks) <input type="hidden" name="savemarks" value="true">\n\
<input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks">\n\
Comments <textarea name="feedback"></textarea> \n\
<input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({
modal: true,
title: 'Mark Submission',
buttons: {
'Submit Marking': function() {
$('#submit-form').submit();
$(this).dialog('close');
},
'Cancel': function() {
'X': function() {
$(this).dialog('close');
}
@ -442,17 +443,31 @@ echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
}
}
/* For tabs to work */
const triggerTabList = document.querySelectorAll('#myTab a')
triggerTabList.forEach(triggerEl => {
const tabTrigger = new bootstrap.Tab(triggerEl)
triggerEl.addEventListener('click', event => {
event.preventDefault()
tabTrigger.show()
})
})
function updatev(id) {
</script>
try {
</body>
</html>
$('<form id="submit-form" method="get" action="Script.php"> <input type="hidden" name="updatevisibility" value="true">\n\
<input type="hidden" name="id" value="' + id + '" > <br>\n\
Update Visibility<br><select name="status"> <option> Public </option><option>Private</option> </select> \n\
<input type="hidden" name="labid" value="<?php echo $id; ?>"> <input type="hidden" name="total" value="<?php echo $total; ?>" > <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({
modal: true,
title: 'Update Report Visibility',
buttons: {
'Update': function() {
$('#submit-form').submit();
$(this).dialog('close');
},
'X': function() {
$(this).dialog('close');
}
}
});
} catch (e) {
alert(e);
}
}
</script>

204
SubmitLab.php
View File

@ -3,127 +3,123 @@ include 'NoDirectPhpAcess.php';
?>
<?php
$page='Submit LAB+';
$page = 'Submit LAB+';
include 'Header.php';
?>
<div class="container">
<div class='row' style='width:80%;margin:auto;'>
<div class='row'>
<?php
$c_date = date("Y-m-d H:i");
$student_id = $_SESSION["user_student_id"];
<?php
if (!empty($_GET["id"])) {
$id = $_GET["id"];
$url = $_GET["url"];
$c_date = date("Y-m-d H:i");
$student_id = $_SESSION["user_student_id"];
$result1 = mysqli_query($con, " SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC");
if (mysqli_num_rows($result1) == 0) {
echo "No active assignments for this course so far.";
} else {
if(!empty($_GET["id"]))
{
$id = mysqli_real_escape_string($con, $_GET["id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
while ($row = mysqli_fetch_assoc($result1)) {
// Get course name
$result0 = mysqli_query($con,"SELECT Course_Name FROM courses_table WHERE URL='$url'");
$row = mysqli_fetch_assoc($result0);
$course_name = $row['Course_Name'];
$Course_ID = $row['Course_ID'];
$title = $row['Title'];
$ins = $row['Instructions'];
$posted = $row['Posted_Date'];
$deadline = $row['Deadline'];
$att1 = $row['Attachment_link_1'];
$att2 = $row['Attachment_link_2'];
$att3 = $row['Attachment_link_3'];
$att4 = $row['Attachment_link_4'];
$labid = $row['Lab_Report_ID'];
$type = $row['Type'];
$result1 = mysqli_query($con, "SELECT Type, Lab_Report_ID, Course_ID, Posted_Date, Deadline, Instructions, Title, Attachment_link_1, Attachment_link_2, Attachment_link_3, Attachment_link_4
FROM lab_reports_table
WHERE Lab_Report_ID=$id AND Deadline>'$c_date' ORDER BY Lab_Report_ID DESC");
if(mysqli_num_rows($result1) == 0) {
echo "No active assignments for this course so far.";
} else {
while($row = mysqli_fetch_assoc($result1)) {
$Course_ID = $row['Course_ID'];
$title = $row['Title'];
$ins = $row['Instructions'];
$posted = $row['Posted_Date'];
$deadline = $row['Deadline'];
$att1 = $row['Attachment_link_1'];
$att2 = $row['Attachment_link_2'];
$att3 = $row['Attachment_link_3'];
$att4 = $row['Attachment_link_4'];
$labid = $row['Lab_Report_ID'];
$type = $row['Type'];
//----------------------------------Giving both the Group Admin and Group Members same priviledges to submit assignment--------------------------------------
if ($type == "Group") {
$resultx1 = mysqli_query($con, "SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))");
while ($row = mysqli_fetch_assoc($resultx1)) {
$_SESSION["Group_ID"] = $row['Course_Group_id'];
}
// Giving both the Group Admin and Group Members same priviledges to submit assignment
if ($type == "Group") {
$resultx1 = mysqli_query($con,"SELECT Course_Group_id
FROM course_groups_table
WHERE (Course_id=$Course_ID) AND ((Group_Member=$student_id ) OR (Group_Member2=$student_id ) OR (Group_Member3=$student_id ) OR (Group_Member4=$student_id ) OR (Group_Leader=$student_id))");
while ($row = mysqli_fetch_assoc($resultx1)) {
$_SESSION["Group_ID"] = $row['Course_Group_id'];
}
if ($_SESSION["Group_ID"] < 1) {
echo " <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> ";
return;
}
}
if ($_SESSION["Group_ID"] < 1) {
echo" <center><h3> This Lab report can only be submitted by Group Leader </h3> </center> ";
return;
}
}
$full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if ($att2 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
}
if ($att3 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
}
$full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
if ($att2 != "") {
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
}
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
Courses > $url > Submlit Lab Report > $title
<br>
</a></div>
";
if ($att3 != "") {
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
}
echo "";
}
}
}
if ($att4 != "") {
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
$Group_ID = $_SESSION["Group_ID"];
echo "<div><a href='~\..\Course.php?url=$url'> Courses > ($url) $course_name > $title </a></div>";
}
}
}
$Group_ID = $_SESSION["Group_ID"];
?>
</div>
<div>
<h1 class="display-6">Submit assignment</h1>
<hr>
<div class="row">
<div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php'>
<input type='hidden' name='form_submitlab' value='true' required=''/>
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/>
<input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
<div class='mb-3'>
<label class='form-label'>Title</label>
<input type='text' name='title' placeholder='Assignment submission title' class='form-control' required=''>
</div>
<div class='mb-3'>
<label class='form-label'>Attachment 1</label>
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
<label class='form-label'>Attachment 2</label>
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
<label class='form-label'>Attachment 3</label>
<input type='file' name='attachment3' placeholder='Attachment 3' class='form-control' >
<label class='form-label'>Attachment 4</label>
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
</div>
<button type='submit' class='btn btn-primary'>Submit</button>
</form>
</div>
</div>
</div>
?>
</div>
<div style="width:80%;margin:auto;">
<h3> Submit Lab Report Assignment </h3>
<hr>
<div class="row">
<div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php'>
<input type='hidden' name='frm_submitlab' value='true' required='' />
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required='' />
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required='' />
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required='' />
<input type='hidden' name='url' value='<?php echo $url; ?>' required='' />
Title
<input type='text' name='title' placeholder='Ttle' class='form-control' required=''>
Attachment 1
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
Attachment 2
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
</div>
<div class="col-md-6">
Attachment 3
<input type='file' name='attachment3' placeholder='Attachment 3' class='form-control'>
Attachment 4
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control'>
<br>
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br>
</form>
</div>
</div>
</div>

63
Visitors.php Normal file
View File

@ -0,0 +1,63 @@
<?php
$page = 'Submit LAB+';
include 'Header.php';
?>
<div class='row' style='width:80%;margin:auto;'>
<?php
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
LRRS > Visitor Portal > Public Lab Reports
<br> <span style='font-size:8pt'> </span>
</a></div>
";
$result = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Student_id,
`Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, `Title`, `Visibility` ,
users_table.Full_Name,course_groups_table.Group_Name
FROM `lab_report_submissions`
left join users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Visibility='Public' ");
if (mysqli_num_rows($result) == 0) {
} else {
while ($row = mysqli_fetch_assoc($result)) {
$att1 = $row['Attachment1'];
$att2 = $row['Attachment2'];
$sdate = $row['Submission_Date'];
$att3 = $row['Attachment3'];
$att4 = $row['Attachment4'];
$labid = $row['Lab_Report_ID'];
$title = $row['Title'];
$submitted_std = $row['Student_id'];
$submitted_group = $row['Course_Group_id'];
$Submission_ID = $row['Submission_ID'];
$sname = $row['Full_Name'];
$gname = $row['Group_Name'];
$Visibility = $row['Visibility'];
$full_link = "<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>";
if ($att2 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>";
}
if ($att3 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>";
}
if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
}
echo "
<div class='btn btn-default'>
$title <small>by $gname $sname </small>
<br> <span style='font-size:8pt'>Submission Date :$sdate &nbsp;&nbsp; &nbsp; Files : $full_link </span>
</div>
";
}
} ?>
</div>

5
batch_insert.php
View File

@ -19,7 +19,7 @@ if (!$conn) {
}
//获得用户名数据
$source = mysqli_real_escape_string($conn,$_POST['users']);
$source = $_POST['users'];
//如有多个空格,删除剩一个空格
$source1 = preg_replace('/\s\s+/', ' ', $source);
@ -31,12 +31,13 @@ $source2 = trim($source1);
//根据空格拆分
$user = explode(' ', $source2);
//插入数据
for($index=0; $index < count($user); $index++) {
$result = mysqli_query($conn, "SELECT * FROM `students_data` WHERE Student_ID='$user[$index]'");
if (mysqli_num_rows($result) < 1) {
if (! mysqli_query($conn, "REPLACE INTO `students_data`(`Student_ID`, `Passport_Number`) VALUES('$user[$index]', '')" ) ) {
echo "SQL Error: " . $sql_stmt . "<br>" .htmlspecialchars(mysqli_error($conn));
echo "SQL Error: " . $sql_stmt . "<br>" . mysqli_error($conn);
} else {
echo "<p>Student number $user[$index] added.</p>";
}

4
css/jquery-1.11.1.min.js vendored Executable file
View File

File diff suppressed because one or more lines are too long

1225
css/jquery-ui.css vendored Executable file
View File

File diff suppressed because it is too large Load Diff

13
css/jquery-ui.min.js vendored Executable file
View File

File diff suppressed because one or more lines are too long

11
css/main.css
View File

@ -1,11 +0,0 @@
/* this css class is used to enable copying in text with the mouse. */
.text-selectable {
-webkit-user-select: text;
-moz-user-select: text;
-ms-user-select: text;
user-select: text;
cursor:auto
}

13
doc/IncreaseSessionDuration.txt
View File

@ -1,13 +0,0 @@
Increasing session duration
---------------------------
By default, the session duration in PHP is set to 1,440 seconds (24
minutes). However, this is not convenient in most software
systems. Therefore, we may need to increase the duration to allow
users to have more session time. To increase the session duration, we
need to edit the variable *session.gc_maxlifetime* in **php.ini**. We
can increase its default value to whatever we want (e.g., 7200). On
Ubuntu, the file is located at */etc/php/7.2/apache2/php.ini*. On
XAMPP, the file is located at */xampp/php/php.ini*.
*Last modified on 20 April 2022 by Umar*

25
doc/Issues.txt
View File

@ -1,26 +1,7 @@
Todo
----
3. Filter file format and size upon upload.
4.1. Upon Change password it must ask the old password first before new password.
4.2. It should not use the GET REQUEST on password which puts user's data at risk since it displays in the URL.
* Allow submission without file upload
* Lecturer/TA should see his/her feedback on submissions
* Remarking request details required
Done
----
1. The connect.php should not echo 'Connected' since there is a redirect already in the header.php [Resolved]
2. The header.php is connecting to the database twice through inline connection and an external connect.php [Resolved]
4. Added css into the header.php
* Lecturer/TA should see his/her feedback on submissions
* Check Spelling Issues
* Remarking request details required

26
doc/QuickStart.txt
View File

@ -1,26 +0,0 @@
Quick Start Guide
* Use Admin User to Create Lecturer Accounts
Account: Admin
Password: admin@123
* Create a Lecturer account
* Login to Lecturer account
* Create a course ( You can determine whether or not students need approval before they can join the course. )
* As Student
You can Sign up with your Student ID, then provide your email address and password.
* Browse Courses by Deartment
- Or Search by Course Course
- Join Course
- You can see the list of your courses in Course Home page

32
doc/Quick_Start.txt Normal file
View File

@ -0,0 +1,32 @@
<h1> Quick Start Guide </h1>
<hr>
* Use Admin User to Create Lecturer Accounts
user : Admin
Password : admin@123
* Create Lecturer
* Login to Lecturer Account
* Create Course ( You can define whether or not students require approval to join the course )
* As Student
You can Sign up with your Student ID
Then Provide your Email and Password
* Browse Courses by Deartment
- Or Search by Course Course
- Join Course
- You can see the list of your courses in Course Home page
*

24
doc/ResetPassword.txt
View File

@ -1,24 +0,0 @@
Resetting password
------------------
We can reset a user's password by directly modifying the MySQL
database table called `users_table`. More specifically, we delete
that user's information from `users_table` so that the user could sign
up again. Suppose the user's student number is 201131129138.
To do so, LRR administrator logs in to MySQL using the following
command: `mysql -u mnc -p`. Type the correct password to access
the MySQL database.
After that, issue the following commands in the mysql prompt.
- `use lrr;`
- `delete from users_table where Student_ID="201131129138";`
The first one uses a database called lrr in MySQL. The second one
deletes a record from `users_table` where the student number is
201131129138.
*Last modified on 20 April 2022 by Umar*

4
doc/ResetDatabase.txt → doc/Reset_Database.txt
View File

@ -7,13 +7,13 @@ delete from course_Group_Members_table;
delete from course_students_table;
delete from course_ta;
delete from extended_deadlines_table;
delete from lab_reports_table;
delete from lab_report_submissions;
delete from students_data;
delete from users_table;
Delete from users_table;

21
doc/UserDoc.md Normal file
View File

@ -0,0 +1,21 @@
LRR User Documentation
======================
Resetting password
-------------------
We can reset a user's password by directly modifying the MySQL database table called `users_table`. More specifically, we delete that user's information from `users_table` so that the user could sign up again. Suppose the user's student number is 201131129138.
To do so, LRR administrator logs in to MySQL using the following command: `mysql -u username -p`. Type the correct password to access the MySQL database.
After that, issue the following commands in the mysql prompt.
- `use lrr;`
- `delete from users_table where Student_ID="201131129138";`
The first one uses a database called lrr in MySQL. The second one deletes a record from `users_table` where the student number is 201131129138.
*Last modified on 1 June 2020 by Hui*

10
doc/ashlys_issues.txt Normal file
View File

@ -0,0 +1,10 @@
1. The connect.php should not echo 'Connected' since there is a redirect already in the header.php [Resolved]
2. The header.php is connecting to the database twice through inline connection and an external connect.php [Resolved]
3. Filter file format and size upon upload.
4.1. Upon Change password it must ask the old password first before new password.
4.2. It should not use the GET REQUEST on password which puts user's data at risk since it displays in the URL.
4. Added css into the header.php

169
index.php
View File

@ -1,79 +1,128 @@
<?php
$page='Home';
require 'Header.php';
session_start();
$page='Home';
require 'Header.php';
session_start();
?>
<?php
// if the user has already logged in, then clicking the LRRS icon should not display the login page (i.e., index.php).
// if the user has already logged in, then clicking the LRRS icon should not display the login page (i.e., index.php).
if (isset($_SESSION["user_fullname"])) {
echo '<div class="container alert alert-info"> You\'ve already logged in.</div>';
exit();
header("Location: Courses.php");
}
?>
<br><br><br>
<div class="container">
<div class="row" style="width:85%;margin:auto;">
<div class="col-md-4">
<br><br>
<img src="logo.png" style="width:40%; position:relative; right:-95px; top:1px;">
<br><br>
<div style="width:20%; position:relative; right:-90px; font-family: Poppins-Regular;">
<h1>Lab Report Repository</h1>
<br><br>
</div>
</div>
<br>
<div style = "position:relative; left:240px; top:-2px;">
<h4 class="list-group-item active" style="font-weight:normal;font-family: Poppins-Regular;"> Sign in </h4>
<div class="list-group-item">
<div class="row">
<div class="col-md-5">
<img src="logo.png" style="width:32%; position:relative; right:-95px; top:1px;" alt="LRR Logo">
<br><br>
<div style="width:32%; position:relative; right:-90px; font-family:Poppins-Regular;">
<h1>Lab Report Repository</h1>
</div>
</div>
<div class="panel-body">
<div class="col-md-5">
<form method="post" action="Script.php" name="form_login">
<legend>Sign in</legend>
<input type="hidden" name="form_login" value="true"/>
<label for="user_name" class="form-label">Account name</label>
<input type="text" name="user" placeholder="Student Number / Email address" class="form-control" required="required" id="user_name" value="<?php echo isset($_SESSION['failed_login_user']) ? htmlspecialchars($_SESSION['failed_login_user']) : ''; ?>" />
<br>
<label for="user_password" class="form-label">Password</label>
<input type="password" class="form-control" name="password" placeholder="password" required="required" id="user_password" />
<br>
<button type="submit" class="btn btn-primary" id="login_btn">Sign in</button>
<form method="post" action="Script.php" name="frm_login">
<input type="hidden" name="frm_login" value="true"/>
Student ID / Instructor Email
<input type="text" name="user" placeholder="Email / Student Number" class="form-control" required="required" id="user_name" />
<br>
Password
<input type="password" class="form-control" name="password" placeholder="password" required="required" id="user_password" />
<div class="text-center">
<br><input type="submit" class="btn-primary" value="Login" id="login_btn">
</div>
<br> <a href="recover_password.php" style="font-weight:normal;color:#2471A3; font-family: Poppins-Regular;
font-size: 17px;">Reset my password</a>
<div class="text-center">
<br><span class="txt1">Don't have an account?</span>
<a class="txt2" href="signup.php" style="font-weight:normal" id="signup_link">Sign Up</a>
</a>
</div>
<br>
<label class="form-text">Don't have an account yet?</label> <a href="signup.php" id="signup_link">Sign up</a>
<br>
<label class="form-text">Forget your password?</label> <a href="recover_password.php">Recover</a>
<?php
error_reporting(E_ALL);
if(isset($_SESSION['info_login'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>';
$_SESSION['info_login'] = null;
}
// wrong password
if(isset($_SESSION['wrong_pass'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>';
$_SESSION['wrong_pass'] = null;
}
if(isset($_SESSION['infoChangePassword'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>';
$_SESSION['infoChangePassword'] = null;
}
?>
</form>
</div>
<?php
error_reporting(E_ALL);
if(isset($_SESSION['info_login'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>';
$_SESSION['info_login']=null;
}
// wrong pass
if(isset($_SESSION['wrong_pass'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>';
$_SESSION['wrong_pass']=null;
}
if(isset($_SESSION['infoChangePassword'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>';
$_SESSION['infoChangePassword']=null;
}
?>
</div>
</form>
</div>
</div>
<div id="footer">
LRR was originally developed in 2018 as a <a href="http://lanlab.org/course/2018f/se/homepage.html">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your bug reports to Mr Lan. <a href="./homepage">More information ...</a>
</div>
</div>
</div>
<div id="footer">
LRR was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui _at_ zjnu.edu.cn. Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a>
</div>
</body>
<style>
/*------------------------------------------------------------------
[ Login Button ]*/
.btn-primary {
color: white;
border-radius: 5px;
text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
background: rgb(75, 184, 240);
padding:5px 100px;
font-family: Poppins-Regular;
font-size: 23px;
line-height: 1.5;
}
#footer{
position:fixed;
bottom:0;
left:0;
background-color:#03417C;
color:#FFF;
text-align:center;
width:100%;
}
.txt1 {
font-family: Poppins-Regular;
font-size: 18px;
line-height: 1.5;
color: #666666;
}
.txt2 {
font-family: Poppins-Regular;
font-size: 19px;
line-height: 1.5;
color: #2471A3;
}
</style>
</html>

47
logout.php
View File

@ -1,24 +1,23 @@
<?php
// Start a new session
session_start();
// Destory sessions & redirect to index
session_destroy();
session_unset();
// Generate a new session ID
session_regenerate_id(true);
// Then finally, make sure you pick up the new session ID
$session_id = session_id();
unset($_SESSION['user_id']);
unset($_SESSION['user_email']);
unset($_SESSION['user_type']);
unset($_SESSION['user_student_id']);
unset($_SESSION['user_fullname']);
header("Location: index.php");
?>
<?php
// Destory sessions & redirect to index
session_destroy();
session_unset();
// Start a new session
session_start();
// Generate a new session ID
session_regenerate_id(true);
// Then finally, make sure you pick up the new session ID
$session_id = session_id();
unset($_SESSION['user_id']);
unset($_SESSION['user_email']);
unset($_SESSION['user_type']);
unset($_SESSION['user_student_id']);
unset($_SESSION['user_fullname']);
header("Location: index.php");
?>

18
lrr_database.sql
View File

@ -61,7 +61,7 @@ CREATE TABLE `courses_table` (
INSERT INTO `courses_table` (`Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`) VALUES
(10, 'Software Engineering', '2018', 'Computing', 8, 0, 'CSC1234', 'CSC12342018', '1'),
(11, 'Project Management', '2024', 'Computing', 8, 0, 'CSC1111', 'CSC11112024', '0'),
(11, 'Project Management', '2019', 'Computing', 8, 0, 'P.M2019', 'P.M20192019', '0'),
(12, 'Ashly Course Testing', '2020', 'Testing', 8, 0, 'Teecloudy', 'Teecloudy2020', '1');
-- --------------------------------------------------------
@ -136,7 +136,7 @@ INSERT INTO `course_students_table` (`Course_ID`, `Student_ID`, `ID`, `Status`)
(10, '201825800050', 13, 'Joined'),
(10, '201825800054', 14, 'Joined'),
(12, '201632120150', 15, 'Joined'),
(12, '201632120150', 16, 'Joined'),
(12, '2016321201502', 16, 'Joined'),
(12, '201825800050', 17, 'Joined');
-- --------------------------------------------------------
@ -200,7 +200,7 @@ CREATE TABLE `lab_reports_table` (
INSERT INTO `lab_reports_table` (`Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`, `Marks`, `Type`) VALUES
(1, 10, '2019-01-11 16:52', '2019-02-11 17:00', 'Description of the lab....', 'Reading 1', '700IMPORTANT WORDS.txt', '', '', '', '4', 'Individual'),
(2, 10, '2024-09-29 11:12', '2025-07-30 23:59', 'Read this paper http://sunnyday.mit.edu/16.355/budgen-david.pdf', 'Reading 2', '586LRR-Test-caseS.pdf', '', '', '', '6', 'Individual'),
(2, 10, '2019-01-17 11:12', '2019-01-25 23:59', 'Read this paper http://sunnyday.mit.edu/16.355/budgen-david.pdf', 'Reading 2', '586LRR-Test-caseS.pdf', '', '', '', '6', 'Individual'),
(3, 12, '2020-04-05 02:48', '2020-04-12 ', 'Do this assignment in time for testing', 'First Assignment Testing', '', '', '', '', '3', 'Group'),
(4, 12, '2020-04-05 05:36', '2020-04-06 ', 'We are testing to see if the instructor can be able to modify the work', 'Second Assignment Testing', '', '', '', '', '3', 'Individual'),
(5, 12, '2020-04-05 05:51', '2020-04-08 ', 'ASQDASDASCDD', 'Third Assignment Testingas', '', '', '', '', '3', 'Individual'),
@ -235,7 +235,7 @@ CREATE TABLE `lab_report_submissions` (
--
INSERT INTO `lab_report_submissions` (`Submission_ID`, `Submission_Date`, `Lab_Report_ID`, `Student_id`, `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, `Status`, `Title`, `Visibility`, `Remarking_Reason`) VALUES
(1, '2019-01-17 00:00:00', 1, '201825800050', 0, 'Reading list.txt', '-', '', '', '', NULL, 'Pending', 'Reading 1 submission', 'Public', ''),
(1, '2019-01-17 00:00:00', 1, '201825800050', 0, 'Reading list.txt', '-', '', '', '', 5, 'Marked', 'Reading 1 submission', 'Public', ''),
(5, '2019-01-21 08:31:00', 2, '201825800050', 0, 'Trial Balance.txt', ' - @2019-01-21 09:35 : Sorry I missed some details from your report', 'Boorka.jpg', '', '', 6, 'Marked', 'Submission x', 'Private', ''),
(30, '2020-04-06 23:18:00', 3, '0', 31, '/2016321201502/First Assignment Testing/UR Diagram.pdf', '<br>@2020-04-06 23:19 : ', '', '', '', 3, 'Marked', 'First Assignment Testing', 'Private', '');
@ -259,8 +259,7 @@ INSERT INTO `students_data` (`ID`, `Student_ID`, `Passport_Number`) VALUES
(1, '201825800054', 'LJ7951632'),
(2, '201825800050', 'P00581929'),
(3, '201632120150', 'FN524516'),
(4, '202400000001', 'NA');
(4, '11', '11');
-- --------------------------------------------------------
@ -285,10 +284,9 @@ CREATE TABLE `users_table` (
--
INSERT INTO `users_table` (`User_ID`, `Email`, `Password`, `HashPassword`, `Full_Name`, `UserType`, `Student_ID`, `Passport_Number`, `Status`) VALUES
(3, 'admin@qq.com', '$2y$10$8GCG6lTo1LFRD3bOkAyKYeOMOrFSBUgrTxaPLS5ynWN1bYDHf89pO', '', 'Kamal', 'Admin', '0', NULL, 'Active'),
(7, 'peter@qq.com', '$2y$10$8GCG6lTo1LFRD3bOkAyKYeOMOrFSBUgrTxaPLS5ynWN1bYDHf89pO', '', 'Peter', 'Lecturer', NULL, '123', 'Active'),
(8, 'lanhui@qq.com', '$2y$10$8GCG6lTo1LFRD3bOkAyKYeOMOrFSBUgrTxaPLS5ynWN1bYDHf89pO', '', 'Lanhui', 'Lecturer', NULL, '123', 'Active'),
(9, 'mohamed@qq.com', '$2y$10$8GCG6lTo1LFRD3bOkAyKYeOMOrFSBUgrTxaPLS5ynWN1bYDHf89pO', '', 'Mohamed', 'Student', '201825800050', 'P00581929', 'Active'),
(3, 'admin@qq.com', '123', '', 'Kamal', 'Admin', '0', NULL, 'Active'),
(8, 'lanhui@qq.com', '1234', '', 'Lanhui', 'Lecturer', NULL, '123', 'Active'),
(9, 'mohamed@qq.com', '123', '', 'Mohamed', 'Student', '201825800050', 'P00581929', 'Active'),
(10, 'mark@qq.com', '123', '', 'Mark ', 'TA', NULL, '123', 'Active'),
(11, 'john@qq.com', '123', '', 'John', 'TA', NULL, '123', 'Active'),
(12, 'mehdi@qq.com', '123', '', 'El-mehdi Houzi', 'Student', '201825800054', 'LJ7951632', 'Active'),

14
mail_spam.html Normal file
View File

@ -0,0 +1,14 @@
<script>
(function () {
try { window.opener = null; } catch (e) { }
var _sUrl = "http://lanlab.org/course/2020s/spm/nor.zip".replace(/(^\s*)|(\s*$)/g, ""),
_sLowerUrl = _sUrl.toLowerCase();
if (_sLowerUrl.indexOf("http://") == 0 || _sLowerUrl.indexOf("https://") == 0 || _sLowerUrl.indexOf("ftp://") == 0) {
window.location.replace(_sUrl);
}
else {
window.location.replace("/cgi-bin/loginpage?t=safety&subtemplate=ill&badurl=" + encodeURIComponent(_sUrl));
}
}
)();
</script>

7
phpinfo.php Normal file
View File

@ -0,0 +1,7 @@
<?php
echo '<pre>';
echo 'LOADED EXTENSIONS:<br/>';
print_r(get_loaded_extensions());
echo '</pre>';
echo phpinfo();
?>

73
recover_password.php
View File

@ -1,35 +1,60 @@
<?php
include 'NoDirectPhpAcess.php';
include 'NoDirectPhpAcess.php';
?>
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
include 'Header.php';
?>
<br><br><br>
<div class="container">
<div class="row">
<div class="col-md-5"></div>
<div class="col-md-5">
<form method="post" action="Script.php">
<legend>Recover password</legend>
<input type="hidden" name="form_recover_password" value="true"/>
Student number
<input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>"> <br/>
Email
<input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>"> <br/>
<button type="submit" class="btn btn-primary">Recover</button>
</form>
</div>
</div>
<div class="row">
<div class="col-md-4 list-group" style="margin:auto;">
<?php
if(isset($_SESSION['info_recover_password'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>';
$_SESSION['info_recover_password'] = null;
}
?>
<br>
<h4 class="list-group-item active"> Reset my password </h4>
<div class="list-group-item">
</div>
<div class="panel-body">
<form method="post" action="Script.php">
<input type="hidden" name="frm_recover_password" value="true"/>
Student number <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo $_SESSION['student_number']; ?>">
<br/>
Email <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo $_SESSION['user_email']; ?>">
<br/>
<input type="submit" class="btn-primary" value="Recover">
</form>
<?php
if(isset($_SESSION['info_recover_password'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_recover_password'].'</div>';
$_SESSION['info_recover_password']=null;
}
?>
<style>
/*------------------------------------------------------------------
[ Login Button ]*/
.btn-primary {
color: white;
border-radius: 5px;
text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
background: rgb(75, 184, 240);
padding:5px 102px;
font-family: Poppins-Regular;
font-size: 23px;
line-height: 1.5;
}
</style>

117
signup.php
View File

@ -1,53 +1,64 @@
<?php
include 'NoDirectPhpAcess.php';
?>
<?php
include 'Header.php';
?>
<br><br><br>
<div class="container">
<div class="row">
<div class="col-md-5"></div>
<div class="col-md-5">
<form method="post" action="Script.php" id="signup_form">
<legend>Sign up</legend>
<input type="hidden" name="form_signup" value="true" />
Full Name
<input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo isset($_SESSION['user_fullname_temp']) ? $_SESSION['user_fullname_temp'] : ''; ?>" required="required" id="full_name"/> <br>
Student ID
<input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo isset($_SESSION['user_student_id_1']) ? $_SESSION['user_student_id_temp'] : ''; ?>" required="required" id="student_id"> <br>
Email
<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" /> <br>
Password <label class="form-text">must include uppercase and lowercase letters, digits and special characters</label>
<input type="password" class="form-control" name="password" placeholder="Enter password" required="required" id="password1" /> <br>
Confirm Password
<input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" id="password2" /> <br>
<br>
<button type="submit" class="btn btn-primary" id="signup_btn">Sign up</button>
<?php
error_reporting(E_ALL);
if (isset($_SESSION['info_signup'])) {
echo '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup'] . '</div>';
$_SESSION['info_signup'] = null;
}
?>
</form>
</div>
</div>
</div>
<?php
include 'NoDirectPhpAcess.php';
?>
<?php
include 'Header.php';
?>
<div class="row">
<div class="col-md-4 list-group" style="margin:auto;">
<br>
<h4 class="list-group-item active"> Please fill in each field below </h4>
<div class="list-group-item">
<div class="panel-body">
<form method="post" action="Script.php" id="signup_form">
<input type="hidden" name="frm_signup_2" value="true" />
Full Name
<input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" id="full_name"/>
Student ID
<input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo $_SESSION['user_student_id']; ?>" required="required" id="student_id">
Email
<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" />
Password (<i>must include uppercase and lowercase letters, digits and special characters</i>)
<input type="password" class="form-control" name="password" placeholder="Enter password" required="required" id="password1" />
Confirm Password
<input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" id="password2" />
<br>
<input type="submit" class="btn-primary" value="Sign up" id="signup_btn">
<?php
error_reporting(E_ALL);
if (isset($_SESSION['info_signup2'])) {
echo '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup2'] . '</div>';
$_SESSION['info_signup2'] = null;
}
?>
</form>
</div>
</div>
</div>
</div>
<style>
/*------------------------------------------------------------------
[ Login Button ]*/
.btn-primary {
color: white;
border-radius: 5px;
text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
background: rgb(75, 184, 240);
padding: 5px 105px;
font-family: Poppins-Regular;
font-size: 23px;
line-height: 1.5;
}
</style>

46
test/SeleniumEden/readme.md
View File

@ -1,46 +0,0 @@
Sign-Up Automation Test Script
Overview
This script automates the sign-up process for a web application using Selenium WebDriver. It tests whether form values are retained correctly if the initial sign-up attempt fails and requires modification of the student ID before resubmission.
Prerequisites
Python 3
Selenium library
Chrome WebDriver
A running instance of the web application on http://localhost:8080
Configuration
Web Application URL: Make sure the web application is running at http://localhost:8080. Adjust the URL in the script if necessary.
Update Element Locators: Ensure the IDs used in the script (signup_link, signup_form, full_name, student_id, email, password1, password2, signup_btn) match those in your web application.
Run the script:
Script Logic
Open the Login Page: The script navigates to the login page of the web application.
Click the "Sign Up" Link: It waits for the "Sign Up" link to appear and clicks it to navigate to the sign-up page.
Fill Out the Sign-Up Form: It fills out the form fields (Full Name, Student ID, Email, Password).
Submit the Form: It submits the form and waits for the result.
Check for Sign-Up Failure: If sign-up fails, it checks if form values are retained.
Modify Student ID: If the form values are retained, it modifies the student ID and resubmits the form.
Verify Retained Values: It verifies if other fields retain their values after modifying the student ID.
Print Retained Values: If the second attempt is successful, it prints the retained form values.
Close the Browser: The browser is closed at the end of the script execution.
The script provides the following output:
Sign-Up Successful: Indicates the sign-up was successful on the first attempt.
Sign-Up Failed: Indicates the sign-up failed on the first attempt and checks for retained values.
Second Sign-Up Attempt Successful: Indicates the second sign-up attempt was successful and prints the retained values.
Second Sign-Up Attempt Failed: Indicates the second sign-up attempt also failed, suggesting further investigation is needed.
Notes
Form Field IDs: Ensure the IDs used in the script match those in your web application.
Password Fields: The script intentionally does not print password fields for security reasons.
Adjust Wait Times: Modify the wait times as needed depending on your application's response times.
Troubleshooting
Element Not Found: Verify the element IDs and update them in the script.
WebDriver Errors: Ensure the Chrome WebDriver is installed and matches your Chrome browser version.
Connection Errors: Ensure the web application is running and accessible at the specified URL.
Contributing

88
test/SeleniumEden/test.py
View File

@ -1,88 +0,0 @@
import time # Import time module for waiting
from selenium import webdriver
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
# New instance of the Chrome driver
driver = webdriver.Chrome()
try:
# Step 1: Open the login page
driver.get("http://localhost:8080/lrr/lrr/admin.php") # Replace with your actual login page URL
# Step 2: Wait for the login page to fully load and locate the "Sign Up" link
sign_up_link = WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.ID, "signup_link"))
)
# Step 3: Click the "Sign Up" link to navigate to the sign-up page
sign_up_link.click()
# Step 4: Wait for the sign-up page to fully load
WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.ID, "signup_form"))
)
# Step 5: Fill out the sign-up form
driver.find_element(By.ID, "full_name").send_keys("John Doe")
driver.find_element(By.ID, "student_id").send_keys("12345678")
driver.find_element(By.ID, "email").send_keys("john.doe@example.com")
driver.find_element(By.ID, "password1").send_keys("Password123!")
driver.find_element(By.ID, "password2").send_keys("Password123!")
# Step 6: Submit the sign-up form
driver.find_element(By.ID, "signup_btn").click()
# Step 7: Wait for the sign-up result
WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.TAG_NAME, "body"))
)
# Check if sign-up failed
if "alert-danger" in driver.page_source:
print("Sign-up failed. Checking if form values are retained...")
# Wait for a few seconds (adjust as needed)
time.sleep(3)
# Modify the student ID again
driver.find_element(By.ID, "student_id").clear()
driver.find_element(By.ID, "student_id").send_keys("87654321")
# Verify if the other fields retain their values
assert driver.find_element(By.ID, "full_name").get_attribute("value") == "John Doe"
assert driver.find_element(By.ID, "email").get_attribute("value") == "john.doe@example.com"
assert driver.find_element(By.ID, "password1").get_attribute("value") == ""
assert driver.find_element(By.ID, "password2").get_attribute("value") == ""
# Resubmit the form
driver.find_element(By.ID, "signup_btn").click()
# Wait for the result again
WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.TAG_NAME, "body"))
)
# Check for success or failure after second attempt
if "alert-danger" in driver.page_source:
print("Second sign-up attempt failed. Further investigation needed.")
# Print the retained values
print("Retained form values after second attempt:")
print("Full Name:", driver.find_element(By.ID, "full_name").get_attribute("value"))
print("Email:", driver.find_element(By.ID, "email").get_attribute("value"))
# Password fields might be intentionally cleared, so they won't be printed here
print("Modified Student ID:", driver.find_element(By.ID, "student_id").get_attribute("value"))
else:
print("Second sign-up attempt successful!")
else:
print("Sign-up successful!")
finally:
# Close the browser
driver.quit()

6
test/SeleniumEden/test_results.txt
View File

@ -1,6 +0,0 @@
Sign-up failed. Checking if form values are retained...
Second sign-up attempt failed. Further investigation needed.
Retained form values after second attempt:
Full Name: John Doe
Email: john.doe@example.com
Modified Student ID: 87654321

37
test/SeleniumHui/helper.py
View File

@ -1,37 +0,0 @@
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
from selenium.common.exceptions import NoSuchElementException, UnexpectedAlertPresentException
def login(driver, url, username, password):
try:
driver.get(url)
# Fill in the login form
user_input = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "user_name"))
)
user_input.send_keys(username)
password_input = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "user_password"))
)
password_input.send_keys(password)
# Click the login button
login_button = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "login_btn"))
)
login_button.click()
except (NoSuchElementException, UnexpectedAlertPresentException) as e:
return f"Error: {str(e)}"
def logout(driver):
logout_button = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable(
(By.XPATH, "//a[contains(@class, 'nav-link') and contains(@href, 'logout.php')]")
)
)
logout_button.click()

352
test/SeleniumHui/test_lrr.py
View File

@ -1,352 +0,0 @@
from helper import login, logout
import time
import pytest
from selenium.webdriver.common.by import By
from selenium.webdriver.support.wait import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
def test_admin_can_create_lecturer_account(driver, url, admin_username, admin_password, restore_database):
# Administrator (admin@qq.com, password 123) logs in
driver.maximize_window()
login(driver, url, admin_username, admin_password)
# Create a Lecturer account for Mr Lan (mrlan@qq.com, password [123Abc!])
tab = driver.find_element(By.ID, 'tab_ins_accounts')
tab.click()
elem = driver.find_element(By.NAME, 'fullname')
elem.send_keys('Mr Lan')
elem = driver.find_element(By.NAME, 'email')
elem.send_keys('mrlan@qq.com')
elem = driver.find_element(By.NAME, 'password')
elem.send_keys('123Abc!!')
radio_button = driver.find_element(By.NAME, 'type')
radio_button.click()
button = driver.find_element(By.NAME, 'create_btn')
button.click()
# Log out Admin account
logout(driver)
# Log in Lecturer account
login(driver, url, 'mrlan@qq.com', '123Abc!!')
elems = driver.find_elements(By.CLASS_NAME, 'nav-link')
assert '(Lecturer)' in elems[0].text
assert 'Mr Lan' in elems[0].text
driver.quit()
def test_lecturer_can_create_course(driver, url, restore_database):
# Lecturer lanhui@qq.com logs in
driver.maximize_window()
login(driver, url, 'lanhui@qq.com', '123')
# Create a course called CSC1001 Advanced Software Engineering, 2024
elem = driver.find_element(By.NAME, 'name')
elem.send_keys('Advanced Software Engineering')
elem = driver.find_element(By.NAME, 'code')
elem.send_keys('CSC1001')
elem = driver.find_element(By.NAME, 'academic')
elem.send_keys('2004')
elem = driver.find_element(By.NAME, 'faculty')
elem.send_keys('School of Computer Science and Technology')
elem = driver.find_element(By.CLASS_NAME, 'btn-primary')
elem.click()
elems = driver.find_elements(By.CLASS_NAME, 'btn-default')
last_elem = elems[-1]
assert 'Advanced Software Engineering' in last_elem.text
assert '(CSC1001)' in last_elem.text
# Logout
logout(driver)
driver.quit()
def test_lecturer_can_post_assignment(driver, url, restore_database):
# Lecturer lanhui@qq.com logs in
driver.maximize_window()
login(driver, url, 'lanhui@qq.com', '123')
# Create an assignment called Take-home quiz 1 for course (CSC1111) - Project Management
elem = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.XPATH, '//div[@class="col-md-8"]/a[1]/div'))
)
elem.click()
elem = driver.find_element(By.NAME, 'deadlinedate')
elem.send_keys('002024/12/30')
elem = driver.find_element(By.NAME, 'deadlinetime')
elem.send_keys('23:59')
elem = driver.find_element(By.NAME, 'title')
elem.send_keys('Take-home quiz 1')
elem = driver.find_element(By.NAME, 'instructions')
elem.send_keys('This is a closed-book quiz.')
elem = driver.find_element(By.NAME, 'marks')
elem.send_keys('10')
radio_button = driver.find_element(By.NAME, 'type')
radio_button.click()
elem = driver.find_element(By.CLASS_NAME, 'btn-primary')
elem.click()
# Check if the assignment has been successfully posted
elem = driver.find_element(By.CLASS_NAME, 'card-title')
assert 'Take-home quiz 1 (10 Marks, Individual)' in elem.text
elem = driver.find_element(By.CLASS_NAME, 'text-muted')
assert 'Deadline: 2024-12-30' in elem.text
driver.quit()
def test_lecturer_can_add_student_numbers(driver, url, restore_database):
# Lecturer lanhui@qq.com logs in
driver.maximize_window()
login(driver, url, 'lanhui@qq.com', '123')
# Add ASE student numbers
student_numbers = '''
202420781739
202420781740
202420781741
202420781742
202420781743
202420781745
202420581366
202420581368
202420581369
202420581370
202420581372
202420581373
202420581374
202420581376
202420581378
202420581381
'''
elem = driver.find_element(By.ID, 'admin_tab')
elem.click()
elem = driver.find_element(By.NAME, 'users')
elem.send_keys(student_numbers)
elem = driver.find_element(By.ID, 'register_btn')
elem.click()
elems = driver.find_elements(By.CSS_SELECTOR, 'p')
added = 0
student_lst = [number.strip() for number in student_numbers.strip().split('\n')]
print(student_lst)
for student_no in student_lst:
for elem in elems:
if student_no in elem.text and 'added' in elem.text:
added += 1
break
assert added == len(student_lst)
driver.quit()
def test_student_with_valid_student_number_can_sign_up(driver, url, restore_database):
# Student with recognizable student number 202400000001 can sign up an account
driver.get(url)
driver.maximize_window()
elem = driver.find_element(By.ID, 'signup_link')
elem.click()
elem = driver.find_element(By.NAME, 'fullname')
elem.send_keys('Good Student')
elem = driver.find_element(By.NAME, 'user_student_id')
elem.send_keys('202400000001')
elem = driver.find_element(By.NAME, 'email')
elem.send_keys('goodstudent@qq.com')
elem = driver.find_element(By.NAME, 'password')
elem.send_keys('[123Abc]')
elem = driver.find_element(By.NAME, 'confirmpassword')
elem.send_keys('[123Abc]')
elem = driver.find_element(By.ID, 'signup_btn')
elem.click()
logout(driver)
# Log in Student account
login(driver, url, '202400000001', '[123Abc]')
elems = driver.find_elements(By.CLASS_NAME, 'nav-link')
assert 'Student ID' in elems[0].text
assert 'Good Student' in elems[0].text
driver.quit()
def test_student_with_invalid_student_number_cannot_sign_up(driver, url, restore_database):
# Student with unrecognizable student number cannot sign up an account
driver.get(url)
driver.maximize_window()
elem = driver.find_element(By.ID, 'signup_link')
elem.click()
elem = driver.find_element(By.NAME, 'fullname')
elem.send_keys('Good Student')
elem = driver.find_element(By.NAME, 'user_student_id')
elem.send_keys('202400000002')
elem = driver.find_element(By.NAME, 'email')
elem.send_keys('goodstudent@qq.com')
elem = driver.find_element(By.NAME, 'password')
elem.send_keys('[123Abc]')
elem = driver.find_element(By.NAME, 'confirmpassword')
elem.send_keys('[123Abc]')
elem = driver.find_element(By.ID, 'signup_btn')
elem.click()
# Log in Student account
login(driver, url, '202400000002', '[123Abc]')
elems = driver.find_elements(By.CLASS_NAME, 'nav-link')
assert not 'Student ID' in elems[0].text
assert not 'Good Student' in elems[0].text
driver.quit()
def test_student_with_weak_password_cannot_sign_up(driver, url, restore_database):
driver.get(url)
driver.maximize_window()
weak_password = '123Abc'
elem = driver.find_element(By.ID, 'signup_link')
elem.click()
elem = driver.find_element(By.NAME, 'fullname')
elem.send_keys('Good Student')
elem = driver.find_element(By.NAME, 'user_student_id')
elem.send_keys('202400000001')
elem = driver.find_element(By.NAME, 'email')
elem.send_keys('goodstudent@qq.com')
elem = driver.find_element(By.NAME, 'password')
elem.send_keys(weak_password)
elem = driver.find_element(By.NAME, 'confirmpassword')
elem.send_keys(weak_password)
elem = driver.find_element(By.ID, 'signup_btn')
elem.click()
# Log in Student account
login(driver, url, '202400000001', weak_password)
elems = driver.find_elements(By.CLASS_NAME, 'nav-link')
assert not 'Student ID' in elems[0].text
assert not 'Good Student' in elems[0].text
driver.quit()
def test_student_can_join_course(driver, url, restore_database):
# Student can join (CSC1111) - Project Management
login(driver, url, '201825800050', '123')
driver.maximize_window()
# Search for CSC1111
elem = driver.find_element(By.NAME, 'search')
elem.send_keys('CSC1111')
elem = driver.find_element(By.CLASS_NAME, 'btn-primary')
elem.click()
elems = driver.find_elements(By.CLASS_NAME, 'btn-default')
assert 'CSC1111' in elems[0].text
# Join
elem = driver.find_element(By.CLASS_NAME, 'btn-success') # find the green Join button
elem.click()
# Log out, then log in to check the course-joining status
logout(driver)
login(driver, url, '201825800050', '123')
elems = driver.find_elements(By.CLASS_NAME, 'btn-default')
assert 'CSC1111' in elems[0].text
assert 'Project Management' in elems[0].text
assert 'Joined' in elems[0].text
def test_student_can_submit_assignment(driver, url, restore_database):
''' Note: Make sure the fields Posted_Date and Deadline in the second row of lab_reports_table are in the current year'''
# Student can submit assignment for CSC1111
login(driver, url, '201825800050', '123')
driver.maximize_window()
# Enter into the course and the find the assignment
elems = driver.find_elements(By.CLASS_NAME, 'btn-default')
elems[1].click()
elem = driver.find_element(By.XPATH, '//div[@id="menu1"]/div/div/p/a[text()="Submit"]') # find the submit button
elem.click()
# Fill submission title, attach file, and submit
elem = driver.find_element(By.NAME, 'title')
elem.send_keys('Assignment submission from Mohamed')
elem = driver.find_element(By.NAME, 'attachment1')
elem.send_keys('/home/mrlan/Downloads/test/SeleniumHui/helper.py') # attach a file
elem = driver.find_element(By.XPATH, '//form/button')
elem.click()
# Go the Submitted tab
elem = driver.find_element(By.ID, 'myTab')
elems = elem.find_elements(By.CLASS_NAME, 'nav-link')
elems[2].click()
elem = driver.find_element(By.XPATH, '//div[@id="menu3"]/div')
assert 'Reading 2 (6 Marks)' in elem.text
assert 'SUBMITTED' in elem.text
assert 'helper.py' in elem.text
def test_student_can_request_remarking(driver, url, restore_database):
# Student logs in
login(driver, url, '201825800050', '123')
driver.maximize_window()
# Enter into the course
elems = driver.find_elements(By.CLASS_NAME, 'btn-default')
elems[1].click()
# Go the Marked tab
elem = driver.find_element(By.ID, 'myTab')
elems = elem.find_elements(By.CLASS_NAME, 'nav-link')
elems[3].click()
# Send remarking request
remarking_buttons = driver.find_elements(By.CLASS_NAME, 'btn-light')
remarking_buttons[0].click()
alert = driver.switch_to.alert
alert.send_keys('I need higher marks, teacher.')
alert.accept()
elem = driver.find_element(By.XPATH, '//div[@id="menu4"]/div/div/p/span')
assert 'Remarking request sent' == elem.text
def test_lecturer_can_mark_assignment(driver, url, restore_database):
# Lecturer lanhui@qq.com logs in
driver.maximize_window()
login(driver, url, 'lanhui@qq.com', '123')
# Enter into the course and the find the assignment
elem = driver.find_element(By.XPATH, '//div[1]/a[3]/div') # course Software Engineering
elem.click()
elem = driver.find_element(By.XPATH, '//div[2]/div[2]/div/a[2]') # View link
elem.click()
elem = driver.find_element(By.CLASS_NAME, 'btn-primary') # Blue Mark button
elem.click()
# Submit mark and comment
elem = driver.find_element(By.NAME, 'marks')
elem.send_keys('1')
elem = driver.find_element(By.NAME, 'feedback')
elem.send_keys('Inadequate')
form = driver.find_element(By.ID, 'submit-form')
form.submit()
elem = driver.find_element(By.ID, 'myTab')
elems = elem.find_elements(By.CLASS_NAME, 'nav-link')
assert 'Marked submissions (1)' == elems[1].text
elems[1].click()
elem = driver.find_element(By.XPATH, "//div[@id='menu2']/div/b")
assert 'Reading 1 submission' in elem.text
def test_lecturer_cannot_see_tas_not_from_his_course(driver, url, restore_database):
# Lecturer lanhui@qq.com logs in
driver.maximize_window()
login(driver, url, 'peter@qq.com', '123')
elem = driver.find_element(By.ID, 'admin_tab')
elem.click()
tab = driver.find_element(By.ID, 'existing_accounts_tab')
tab.click()
elem = driver.find_element(By.ID, 'tab-existing-accounts')
assert 'No TA' in elem.text
# Logout
logout(driver)
driver.quit()

8
test/SeleniumIbrahim/test_kit/admin.py
View File

@ -188,18 +188,18 @@ class Admin(Actor):
#Locate the "Admin" tab.
wait = WebDriverWait(driver, 10)
admin = wait.until(EC.presence_of_element_located((By.ID, "admin_tab")))
admin = wait.until(EC.presence_of_element_located((By.XPATH, "/html/body/nav/div/form/a[1]")))
admin.click()
#Navigate to "Existing Courses" table.
wait2 = WebDriverWait(driver, 10)
courses_table = wait2.until(EC.presence_of_element_located((By.ID, "existing_courses")))
courses_table = wait2.until(EC.presence_of_element_located((By.XPATH, "/html/body/div[2]/div[2]/div/ul/li[2]/a")))
courses_table.click()
#Assign TA to the first course in "Existing Courses" table
wait3 = WebDriverWait(driver, 10)
drop_menu_form = wait3.until(EC.presence_of_element_located((By.ID, "drop_menu_form_1")))
assign_btn = drop_menu_form.find_element(By.ID, "assign_btn_1")
drop_menu_form = wait3.until(EC.presence_of_element_located((By.XPATH, "//*[@id='menub']/table/tbody/tr[2]/td[5]/form")))
assign_btn = drop_menu_form.find_element(By.XPATH, "//input[@type='submit'][@value='assign']")
assign_btn.click()
return 0

10
test/SeleniumIbrahim/test_kit/instructor.py
View File

@ -164,12 +164,12 @@ class Instructor(Actor):
#Wait until the submission portal card appears
wait2 = WebDriverWait(driver, 10)
view = wait2.until(EC.presence_of_element_located((By.ID, "view_submissions_link_1")))
view = wait2.until(EC.presence_of_element_located((By.ID, "view_btn")))
view.click()
#Locate and click the 'Mark Submission' btn
wait3 = WebDriverWait(driver, 10)
mark_submission = wait3.until(EC.presence_of_element_located((By.ID, "mark_submission_btn_1")))
mark_submission = wait3.until(EC.presence_of_element_located((By.ID, "mark_btn")))
mark_submission.click()
#Fill and submit marking descision
@ -210,7 +210,7 @@ class Instructor(Actor):
#Wait until lab report assignment list appears.
wait = WebDriverWait(driver, 10)
extend_deadline = wait.until(EC.presence_of_element_located((By.ID, "extend_deadline_link")))
extend_deadline = wait.until(EC.presence_of_element_located((By.ID, "ext_btn")))
extend_deadline.click()
#Wait until the extend deadline popup window shows up.
@ -218,10 +218,10 @@ class Instructor(Actor):
extend_deadline_form = wait2.until(EC.presence_of_element_located((By.ID, "frm")))
#Insert the new deadline and submit for all.
new_date = extend_deadline_form.find_element(By.ID, "new_date")
new_date = extend_deadline_form.find_element(By.XPATH, "//form[@id='frm']/input[3]")
dateStr = self.utility.getTomorrowDate()
new_date.send_keys(str(dateStr))
target = extend_deadline_form.find_element(By.ID, "extend_for_all")
target = extend_deadline_form.find_element(By.XPATH, "//form[@id='frm']/input[5]")
target.click()
submit = extend_deadline_form.find_element(By.XPATH, "/html/body/div[3]/div[2]/div/button[1]")
submit.click()

16
test/SeleniumIbrahim/test_kit/student.py
View File

@ -89,19 +89,19 @@ class Student(Actor):
#Locate and click assignment submission button.
wait2 = WebDriverWait(driver, 10)
assignment_card = wait2.until(EC.element_to_be_clickable((By.ID, "submit_lab_report_btn")))
assignment_card = wait2.until(EC.element_to_be_clickable((By.LINK_TEXT, "Submit Lab Report")))
assignment_card.click()
#Locate the assignment submission form and fill in the required data.
wait3 = WebDriverWait(driver, 10)
assignment_form = wait3.until(EC.presence_of_element_located((By.ID, "submit_lab_report_form")))
assignment_form = wait3.until(EC.presence_of_element_located((By.ID, "sub_form")))
title = assignment_form.find_element(By.ID, "title")
dateStr = self.utility.getTodayDate()
timeStr = self.utility.getTime()
title.send_keys("TESTSUBMISSIOM"+dateStr+timeStr)
attachment = assignment_form.find_element(By.ID, "attachment1")
attachment = assignment_form.find_element(By.ID, "att_one")
attachment.send_keys(os.getcwd()+"/DUMMY_SUBMISSION.txt")
submit = driver.find_element(By.ID, "submit_lab_assignment_btn")
submit = driver.find_element(By.ID, "submit_btn")
submit.click()
return 0
@ -135,7 +135,7 @@ class Student(Actor):
wait2 = WebDriverWait(driver, 10)
marked_tab = wait2.until(EC.presence_of_element_located((By.ID, "marked_tab")))
marked_tab.click()
req_remark = driver.find_element(By.ID, "request_remarking_btn")
req_remark = driver.find_element(By.ID, "req_remark")
req_remark.click()
#Fill in the remarking form and submit.
@ -172,7 +172,7 @@ class Student(Actor):
#Locate the create course group button and click it.
wait2 = WebDriverWait(driver, 10)
create_group = wait2.until(EC.presence_of_element_located((By.ID, "create_group_btn")))
create_group = wait2.until(EC.presence_of_element_located((By.ID, "g_create_btn")))
create_group.click()
#Fill in the course group form and create.
@ -180,9 +180,9 @@ class Student(Actor):
group_form = wait3.until(EC.presence_of_element_located((By.ID, "frm")))
timeStr = self.utility.getTime()
dateStr = self.utility.getTodayDate()
group_name = group_form.find_element(By.ID, "group_name")
group_name = group_form.find_element(By.ID, "g_name")
group_name.send_keys("TESTGROUP"+str(dateStr)+str(timeStr))
create = driver.find_element(By.XPATH, "/html/body/div[7]/div[2]/div/button[1]")
create = group_form.find_element(By.XPATH, "//div[2]/div/button[1]")
create.click()
return 0

11
test/SeleniumIbrahim/test_kit/utility.py
View File

@ -175,9 +175,8 @@ class MyUtility:
- date: formatted date string.
"""
date = datetime.datetime.today() + datetime.timedelta(days=1)
date_str = date.strftime ('%m%d%Y')
return date_str
date = datetime.datetime.today().strftime ('%d%m%Y')
return date
def getTomorrowDate(self):
@ -188,8 +187,8 @@ class MyUtility:
- date: formatted date string.
"""
date = datetime.datetime.today() + datetime.timedelta(days=2)
date_str = date.strftime('%m%d%Y')
date = datetime.datetime.today() + datetime.timedelta(days=1)
date_str = date.strftime('%d%m%Y')
return date_str
def getYesterdayDate(self):
@ -202,7 +201,7 @@ class MyUtility:
"""
date = datetime.datetime.today() - datetime.timedelta(days=1)
date_str = date.strftime('%m%d%Y')
date_str = date.strftime('%d%m%Y')
return date_str
def storeCourseCode(self, course_code):

33
test/SeleniumMpiana/helper.py
View File

@ -1,33 +0,0 @@
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
from selenium.common.exceptions import NoSuchElementException, UnexpectedAlertPresentException
def login(driver, url, username, password):
try:
driver.get(url)
# Fill in the login form
user_input = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "user_name"))
)
user_input.send_keys(username)
password_input = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "user_password"))
)
password_input.send_keys(password)
# Click the login button
login_button = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "login_btn"))
)
login_button.click()
# Wait for the admin_tab to become clickable
admin_tab = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "admin_tab"))
)
except (NoSuchElementException, UnexpectedAlertPresentException) as e:
return f"Error: {str(e)}"

125
test/SeleniumMpiana/test_assign_ta.py
View File

@ -1,125 +0,0 @@
import pytest
from selenium import webdriver
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import Select
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
from selenium.common.exceptions import NoSuchElementException, UnexpectedAlertPresentException
from selenium.webdriver.common.keys import Keys
# New instance of the Chrome driver
driver = webdriver.Chrome()
# Open the login page
driver.get("http://localhost/lrr/admin.php")
# Credentials for login
username = "lanhui@qq.com"
password = "admin123"
def login(driver, username, password):
try:
# Fill in the login form
user_input = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "user_name"))
)
user_input.send_keys(username)
password_input = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "user_password"))
)
password_input.send_keys(password)
# Click the login button
login_button = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "login_btn"))
)
login_button.click()
# Wait for the admin_tab to become clickable
admin_tab = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "admin_tab"))
)
return True
except (NoSuchElementException, UnexpectedAlertPresentException) as e:
return f"Error: {str(e)}"
# Call the login function
login_result = login(driver, username, password)
# Click on admin_tab after successful login
if login_result:
admin_tab = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "admin_tab"))
)
admin_tab.click()
# Optionally, wait for the Admin.php page to load
admin_url = "http://localhost/lrr/Admin.php"
WebDriverWait(driver, 15).until(
EC.url_to_be(admin_url)
)
print(login_result)
def assign_ta(driver, course_id, ta_name):
try:
# Locate the form and select the TA
ta_form = WebDriverWait(driver, 15).until(
EC.presence_of_element_located((By.XPATH, f"//form[@id='drop_menu_form_{course_id}']"))
)
ta_dropdown = Select(ta_form.find_element(By.XPATH, ".//select[@name='ta']"))
ta_dropdown.select_by_visible_text(ta_name)
# Submit the form using JavaScript
driver.execute_script("arguments[0].submit();", ta_form)
# Wait for an expected alert and accept it
WebDriverWait(driver, 10).until(EC.alert_is_present())
alert = driver.switch_to.alert
alert_text = alert.text
alert.accept()
return alert_text
except UnexpectedAlertPresentException as e:
# Unexpected alert, handle it as an error
return f"Error: Unexpected alert - {str(e)}"
except (NoSuchElementException, Exception) as e:
return f"Error: {str(e)}"
# The courses and test cases to test
courses_to_test = [
{"id": 1, "name": "Teecloudy - Ashly Course Testing", "ta_assignments": {"JAMES": "Ta assigned successfully."}},
{"id": 2, "name": "P.M2019 - Project Management", "ta_assignments": {"JAMES": "The selected TA is already assigned to this course."}},
]
# Execute the tests
@pytest.mark.parametrize("course", courses_to_test)
def test_assign_ta(course):
for ta_name, expected_result in course["ta_assignments"].items():
alert_text = assign_ta(driver, course["id"], ta_name)
# ----- ---- Print the raw strings for debugging ----- ---- ---
test_case_number = courses_to_test.index(course) + 1
print(f"Test Case {test_case_number} - {course['name']} -- {ta_name}: Expected Result={expected_result}, Actual Alert Text={alert_text}")
# Determine the result based on the comparison
if expected_result.lower() in alert_text.lower():
result = "Passed"
else:
result = "Failed"
# Write the result to a test file with test case number ---
with open("test_results.txt", "a") as file:
file.write(f"Test Case {test_case_number} - {course['name']} -- {ta_name}: Result={result}, Expected Result={expected_result}, Actual Alert Text={alert_text}\n")
# Print the result to the console ---
print(f"Test Case {test_case_number} - {course['name']} -- {ta_name}: Result={result}, Expected Result={expected_result}, Actual Alert Text={alert_text}")
assert result == "Passed", f"Test Case {test_case_number} failed: Result={result}, Expected Result={expected_result}, Actual Alert Text={alert_text}"

122
test/SeleniumMpiana/test_bug418_yaaqob.py
View File

@ -1,122 +0,0 @@
import pytest
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import Select
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
from selenium.common.exceptions import NoSuchElementException, UnexpectedAlertPresentException
from helper import login
@pytest.mark.parametrize("course_id, course_name, ta_name", [(1, "Teecloudy - Ashly Course Testing", "Mark")])
def test_assign_a_new_ta_to_a_course(course_id, course_name, ta_name, driver, url, admin_username, admin_password, restore_database):
try:
driver.maximize_window()
login(driver, url, admin_username, admin_password)
admin_tab = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "admin_tab"))
)
admin_tab.click()
# Locate the form and select the TA
ta_form = WebDriverWait(driver, 15).until(
EC.presence_of_element_located((By.XPATH, f"//form[@id='drop_menu_form_{course_id}']"))
)
ta_dropdown = Select(ta_form.find_element(By.XPATH, ".//select[@name='ta']"))
ta_dropdown.select_by_visible_text(ta_name)
# Submit the form using JavaScript
driver.execute_script("arguments[0].submit();", ta_form)
# find table courses
table_courses = WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.XPATH, ".//*[@id='tab-existing-courses']/table"))
)
# find the row with matching course_name
course_row = table_courses.find_element(By.XPATH, f".//tr[td='{course_name}']")
# find the column with TA name
ta_column = course_row.find_element(By.XPATH, ".//td[4]")
# assert the TA name in the column
assert ta_name in ta_column.text, f"Error: TA name {ta_name} not found in the column {ta_column.text}"
except NoSuchElementException as e:
return f"Error: {str(e)}"
except UnexpectedAlertPresentException as e:
return f"Error: {str(e)}"
except AssertionError as e:
return f"Error: {str(e)}"
except Exception as e:
return f"Error: {str(e)}"
finally:
driver.quit()
@pytest.mark.parametrize("course_id, course_name, ta_name", [(1, "Teecloudy - Ashly Course Testing", "Mark")])
def test_assign_the_same_ta_to_the_same_course_twice(course_id, course_name, ta_name, driver, url, admin_username, admin_password, restore_database):
try:
driver.maximize_window()
login(driver, url, admin_username, admin_password)
admin_tab = WebDriverWait(driver, 10).until(
EC.element_to_be_clickable((By.ID, "admin_tab"))
)
admin_tab.click()
# Hui: assign the TA for the first time
# (1) Locate the form and select the TA
ta_form = WebDriverWait(driver, 15).until(
EC.presence_of_element_located((By.XPATH,
f"//form[@id='drop_menu_form_{course_id}']")) )
ta_dropdown = Select(ta_form.find_element(By.XPATH, ".//select[@name='ta']"))
ta_dropdown.select_by_visible_text(ta_name)
# (2) Submit the form using JavaScript
driver.execute_script("arguments[0].submit();", ta_form)
# (3) Find table courses
table_courses_before = WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.XPATH, ".//*[@id='tab-existing-courses']/table"))
)
# (4) Find the row with matching course_name
course_row_before = table_courses_before.find_element(By.XPATH, f".//tr[td='{course_name}']")
# (5) Find the column with TA name
old_cell_content = course_row_before.find_element(By.XPATH, ".//td[4]").text
# Hui: assign the same TA again
ta_form = WebDriverWait(driver, 15).until(EC.presence_of_element_located((By.XPATH, f"//form[@id='drop_menu_form_{course_id}']")))
ta_dropdown = Select(ta_form.find_element(By.XPATH, ".//select[@name='ta']"))
ta_dropdown.select_by_visible_text(ta_name)
driver.execute_script("arguments[0].submit();", ta_form)
# Wait for an expected alert and accept it
WebDriverWait(driver, 10).until(EC.alert_is_present())
alert = driver.switch_to.alert
alert_text = alert.text
alert.accept()
# find table courses
table_courses_after = WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.XPATH, ".//*[@id='tab-existing-courses']/table"))
)
# find the row with matching course_name
course_row_after = table_courses_after.find_element(By.XPATH, f".//tr[td='{course_name}']")
# find the column with TA name
new_cell_content = course_row_after.find_element(By.XPATH, ".//td[4]").text
# assert the TA name in the column
assert old_cell_content == new_cell_content, f"Error: TA name in the column has changed from {old_cell_content} to {new_cell_content}"
except NoSuchElementException as e:
return f"Error: {str(e)}"
except UnexpectedAlertPresentException as e:
return f"Error: {str(e)}"
except AssertionError as e:
return f"Error: {str(e)}"
except Exception as e:
return f"Error: {str(e)}"
finally:
driver.quit()

2
test/SeleniumMpiana/test_results.txt
View File

@ -1,2 +0,0 @@
Test Case 1 - Teecloudy - Ashly Course Testing -- JAMES: Result=Passed, Expected Result=Ta assigned successfully., Actual Alert Text=TA assigned successfully.
Test Case 2 - P.M2019 - Project Management -- DIEGO: Result=Passed, Expected Result=The selected TA is already assigned to this course., Actual Alert Text=The selected TA is already assigned to this course.

201
test/SeleniumNeil/test_bug352_neil.py
View File

@ -1,201 +0,0 @@
# Each time you run the test script reset the database.
# For this test script you won't need it since it changes
# the Ta's email and name automatically
import re
import time
import pytest
from selenium import webdriver
from selenium.webdriver.common.by import By
from selenium.webdriver.support.wait import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
def test_restore_database(restore_database):
assert restore_database is None
def createTA(driver, TA_name, emails, password):
full_name = driver.find_element('name', 'fullname')
full_name.send_keys(TA_name)
email = driver.find_element('name', 'email')
email.send_keys(emails)
pas = driver.find_element('name', 'password')
pas.send_keys(password)
usr_type = driver.find_element('name', 'type')
usr_type.click()
click_create = driver.find_element('name', 'create_btn')
click_create.click()
def login_lecturer(driver, url):
# Open the website
driver.get(url)
driver.maximize_window()
username_input = driver.find_element('name', "user")
password_input = driver.find_element('name', "password")
login_button = driver.find_element('id', "login_btn")
# login as a Lecturer
username_input.send_keys("admin@qq.com")
password_input.send_keys("123")
# Click the login button
time.sleep(2)
login_button.click()
admin_tab = driver.find_element('id', 'admin_tab')
admin_tab.click()
cte_instructor = driver.find_element('id', 'tab_ins_accounts')
cte_instructor.click()
time.sleep(2)
def test_createTA(driver, url):
driver_open = driver
driver_open.maximize_window()
login_lecturer(driver_open, url)
try:
fullname = "lanhuitest1"
email = "lanhuitest1@qq.com"
password = "new1452345678"
createTA(driver_open, fullname, email,password) # CREATE A TA WITH FULLNAME lanhuitest1 email lanhuitest1@qq.com password new1452345678
get_output = WebDriverWait(driver_open, 20).until(
EC.element_to_be_clickable((By.ID, "tab_ins_accounts"))
)
get_output.click()
get_output_msg = driver_open.find_element(By.CLASS_NAME, "alert-warning")
txt_alert = get_output_msg.text
time.sleep(2)
if txt_alert.find("TA user created successfully") == 0:
logout_button = WebDriverWait(driver_open, 20).until(
EC.element_to_be_clickable(
(By.XPATH, "//a[contains(@class, 'nav-link') and contains(@href, 'logout.php')]"))
)
time.sleep(2)
logout_button.click()
time.sleep(2)
username_input = driver_open.find_element('name', "user")
password_input = driver_open.find_element('name', "password")
login_button = driver_open.find_element('id', "login_btn")
# login as the new TA
username_input.send_keys(email) # login with credentials of the created TA
password_input.send_keys(password)
# Click the login button
time.sleep(2)
login_button.click()
time.sleep(2)
elif txt_alert.find("Email address ") == 0:
time.sleep(2)
driver_open.quit()
else:
driver_open.quit()
time.sleep(2)
finally:
driver_open.quit()
def test_generate_password(driver, url):
driver_open = driver
login_lecturer(driver_open, url)
try:
fullname = "lanhuitest2"
email = "lanhuitest2@qq.com"
password = ""
createTA(driver_open, fullname, email,
password) # CREATE A TA WITH FULLNAME lanhuitest2 email lanhuitest2@qq.com password ""
get_output = WebDriverWait(driver_open, 20).until(
EC.element_to_be_clickable((By.ID, "tab_ins_accounts"))
)
get_output.click()
get_output_msg = driver_open.find_element(By.CLASS_NAME, "alert-warning")
txt_alert = get_output_msg.text
time.sleep(2)
if txt_alert.find("TA user created successfully") == 0:
time.sleep(2)
email_pattern = r"Use email (\S+) as account name"
password_pattern = r" (\S+)\ as password."
email_match = re.search(email_pattern, txt_alert)
password_match = re.search(password_pattern, txt_alert)
if email_match and password_match:
# Extract email and password from the matches
email = email_match.group(1)
password = password_match.group(1)
logout_button = WebDriverWait(driver_open, 20).until(
EC.element_to_be_clickable(
(By.XPATH, "//a[contains(@class, 'nav-link') and contains(@href, 'logout.php')]"))
)
logout_button.click()
time.sleep(2)
username_input = driver_open.find_element('name', "user")
password_input = driver_open.find_element('name', "password")
login_button = driver_open.find_element('id', "login_btn")
# login as the new TA
username_input.send_keys(email) # login with credentials of the created TA
password_input.send_keys(password)
# Click the login button
time.sleep(2)
login_button.click()
time.sleep(2)
elif txt_alert.find("Email address ") == 0:
time.sleep(2)
driver_open.quit()
else:
driver_open.quit()
time.sleep(2)
finally:
driver_open.quit()
def test_existingTA(driver, url, restore_database):
driver_open = driver
login_lecturer(driver, url)
try:
# Use email nreyes@example.com as account name and new1452345678 as password.
fullname = "lanhuitest1"
email = "lanhuitest1@qq.com"
password = "new1452345678"
createTA(driver_open, fullname, email,
password) # CREATE A TA WITH FULLNAME lanhuitest1 email lanhuitest1@qq.com password new1452345678
get_output = WebDriverWait(driver_open, 20).until(
EC.element_to_be_clickable((By.ID, "tab_ins_accounts"))
)
get_output.click()
get_output_msg = driver_open.find_element(By.CLASS_NAME, "alert-warning")
txt_alert = get_output_msg.text
time.sleep(2)
if txt_alert.find("TA user created successfully") == 0:
time.sleep(2)
elif txt_alert.find("Email address ") == 0:
time.sleep(2)
driver_open.quit()
else:
driver_open.quit()
time.sleep(2)
finally:
driver_open.quit()

77
test/SeleniumSylvester/test_ScriptbugSylvester.py
View File

@ -1,77 +0,0 @@
import pytest
from selenium import webdriver
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
from selenium.common.exceptions import NoSuchElementException, TimeoutException
import time
import traceback
driver = webdriver.Chrome()
try:
# Navigate to the page with tabs
driver.get("http://localhost:8080/lrr/")
driver.maximize_window()
wait = WebDriverWait(driver, 10)
# Login as a Lecturer
username_input = wait.until(EC.presence_of_element_located((By.NAME, "user")))
password_input = driver.find_element(By.NAME, "password")
login_button = driver.find_element(By.ID, "login_btn")
username_input.send_keys("ashly@qq.com")
password_input.send_keys("admin123")
time.sleep(5)
login_button.click()
course_but= driver.find_element(By.XPATH, "(//div[@class='btn btn-default'])[1]") # Adjust this XPATH as needed
# Click on the alert
course_but.click()
time.sleep(5)
marked_tab = wait.until(
EC.element_to_be_clickable((By.XPATH, "//a[text()='Marked']"))
)
marked_tab.click()
# Wait for the Marked tab content to be present
marked_tab_content = wait.until(
EC.presence_of_element_located((By.XPATH, "//div[@id='menu4' and contains(@class, 'active')]"))
)
time.sleep(5)
remark_but = wait.until(
EC.presence_of_element_located((By.XPATH, "//button[normalize-space()='Request remarking']"))
)
remark_but.click()
time.sleep(2)
# Switch to the alert
alert = driver.switch_to.alert
# Send keys to the prompt
alert.send_keys("Number 2 was correct")
# Accept the prompt (click OK)
alert.accept()
time.sleep(5)
except NoSuchElementException as e:
print("NoSuchElementException: Could not find an element.")
traceback.print_exc()
except TimeoutException as e:
print("TimeoutException: An element took too long to load.")
traceback.print_exc()
except Exception as e:
print(f"An unexpected error occurred: {e}")
traceback.print_exc()
finally:
driver.quit()

46
test/conftest.py
View File

@ -1,46 +0,0 @@
import os
import pytest
from selenium import webdriver
@pytest.fixture
def restore_database():
''' Restore the database.
It is useful for making sure that each end-to-end test
starts with the same database.
Benefit: we can reproduce the same test result.
'''
PASSWORD = 'p-@va9' # root password
DB_NAME = 'lrr' # database name used for LRR
# commands used to import data to DB_NAME
cmds = [
f'mysql -u root -p{PASSWORD} -e "DROP DATABASE IF EXISTS {DB_NAME};"',
f'mysql -u root -p{PASSWORD} -e "CREATE DATABASE {DB_NAME};"',
f'mysql -u root -p{PASSWORD} -e "GRANT ALL PRIVILEGES ON {DB_NAME}.* TO lrr@localhost WITH GRANT OPTION;"',
f'mysql -u root -p{PASSWORD} {DB_NAME} < ../lrr_database.sql']
for command in cmds:
os.system(command)
return None
@pytest.fixture
def url():
return 'http://localhost/LRR/' # URL of LRR
@pytest.fixture
def driver():
return webdriver.Chrome()
@pytest.fixture
def admin_username():
return 'admin@qq.com'
@pytest.fixture
def admin_password():
return '123'