Merge branch 'Bug418-YAAQOB-MPIANA' of http://118.25.96.118:3000/mrlan/LRR into Bug418-YAAQOB-MPIANA

.gitignore

@@ -1,2 +1,2 @@
 .vscode
-
+.DS_Store

Admin.php

@@ -1,293 +1,261 @@
-<?php
-include 'NoDirectPhpAcess.php';
-?>
-
-<?php
-$page = "admin";
-include 'Header.php';
-?>
-
-
-<?php
-// Only Lecturer or Admin could access this page
-if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
-    die("Sorry.  Nothing to see here.");
-}
-?>
-
-
-<style>
-  .col-md-4 {
-    border-right: 1px solid skyblue;
-  }
-</style>
-
-<br>
-<div style="width: 80%;margin: auto;">
-  <h2> Administration Panel </h2>
-</div>
-
-<hr>
-<div class="row" style="width: 80%;margin: auto;">
-
-  <!--<h4>General system Settings</h4><hr>
-        <a href="" class="btn btn-lg btn-primary">View System Log </a>
-        <hr>
-     Lab Privacy Mode: (STUDENT VERIFICATION)
-        <hr>
-    -->
-  <div class="col-md-6">
-
-  <?php 
-  if ($_SESSION['user_type'] == "Lecturer") {
-           
-        echo " <h4> TA Account Management </h4> 
-        <hr> " ;
-        echo    "<b>TA Accounts </b><br>" ;
-      }
-  else if($_SESSION['user_type'] == "Admin"){
-        echo " <h4> Lecturer Account Management </h4> 
-        <hr> ";
-        echo "<b>Lecturer Accounts </b><br>";
-    }
-    
-  ?>
-
-    <div class="container">
-
-      <!-- Nav tabs -->
-      <ul class="nav nav-tabs" role="tablist">
-
-        <li class="nav-item">
-          <a class="nav-link active" data-toggle="tab" href="#home">Create New Account</a>
-        </li>
-
-        <li class="nav-item">
-          <a class="nav-link" data-toggle="tab" href="#menu2" id="batch_tab">Batch Create New Student Accounts</a>
-        </li>
-
-        <li class="nav-item">
-          <a class="nav-link" data-toggle="tab" href="#menu1" id="existing_accounts_tab">Existing Accounts</a>
-        </li>
-
-      </ul>
-
-      <!-- Tab panes -->
-      <div class="tab-content">
-
-        <div id="home" class="container tab-pane active"><br>
-
-      <?php 
-        if ($_SESSION['user_type'] == "Lecturer") {
-                
-            echo "<b>Create TA Accounts </b>";
-             
-          }
-        else if($_SESSION['user_type'] == "Admin"){
-           echo "<b>Create Lecturer Accounts </b>";
-          }
-    
-      ?>
-          <form method="post" action="Script.php" id="create_account_form">
-            <input type="hidden" name="frm_createlecturrer" value="true" required="" />
-            Full Name
-            <input type="text" name="fullname" placeholder="Full Name" class="form-control" required="">
-            Email
-            <input type="text" name="email" placeholder="Email / Student Number" class="form-control" required="">
-
-            Passport Number / ID (Used as Initial Password)
-            <input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
-            <br> User Type :
-
-          <?php 
-
-              if ($_SESSION['user_type'] == "Lecturer") {
-                      
-                    echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) ';
-
-                }
-              else if($_SESSION['user_type'] == "Admin"){
-                    
-                    echo " <input type='radio' name = 'type' value = 'Lecturer' required = '' id='role_lecturer' > Lecturer ";
-                  
-                }
-
-            ?>  
-
-            <input type="submit" class="btn btn-primary" value="Create" id="create_btn"><br>
-            
-            <?php
-
-            error_reporting(E_ALL);
-            if (isset($_SESSION['info_Admin_Users'])) {
-              echo  '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
-              $_SESSION['info_Admin_Users'] = null;
-            }
-            if (isset($_SESSION['info_Admin_Users'])) {
-              echo  '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
-              $_SESSION['info_Admin_Users'] = null;
-            }
-
-            ?>
-
-          </form>
-
-          <hr>
-
-        </div>
-
-        <div id="menu1" class="container tab-pane fade"><br>
-
-          <table class="table-bordered" style="font-size: 10pt;">
-            <tr style="font-size:10pt;">
-              <th>ID</th>
-              <th>Name</th>
-              <th>Email</th>
-              <th>Passport / ID </th>
-              <th>Reset Password </th>
-              <th>Block/Activate </th>
-            </tr>
-            <?php
-
-          if ($_SESSION['user_type'] == "Lecturer") {
-                                  
-                $result = mysqli_query(
-                  $con,
-                  "SELECT * FROM Users_Table  WHERE UserType in ('TA')"
-                );
-            }
-
-          else if($_SESSION['user_type'] == "Admin"){
-                $result = mysqli_query(
-                  $con,
-                  "SELECT * FROM Users_Table  WHERE UserType in ('Lecturer')"
-                );
-            }
-
-            while ($row = mysqli_fetch_assoc($result)) {
-              $pass = $row['Passport_Number'];
-              $btn = "<button class='btn-primary' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
-              if ($row['Status'] == "Active") {
-                $newstatus = "Blocked";
-                $btnBlock = "<button class='btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"block_account_1\">Block</button>";
-              } else {
-                $newstatus = "Active";
-                $btnBlock = "<button class='btn-success' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"activate_account_1\">Activate</button>";
-              }
-
-              echo "<tr><td>" . $row['User_ID'] . "</td><td>" . $row['Full_Name'] . "</td><td>" . $row['Email'] . "</td> <td>" . $row['Passport_Number'] . "</td><td>$btn</td><td>$btnBlock</td></tr>";
-            }
-            ?>
-          </table>
-
-        </div>
-
-        <!-- code contributed by Xu Xiaopeng (https://github.com/xxp1999) -->
-
-        <div id="menu2" class="container tab-pane fade" style="margin-top:10px">
-          <b>Separate two student numbers with a space.</b><br>
-          <form action="batch_insert.php" method="post" id="batch_form">
-            <p>
-              <textarea cols="80" rows="16" name="users" required=""></textarea>
-            </p>
-            <input type="submit" class="btn btn-primary" value="Register Students" id="register_btn"><br>
-          </form>
-        </div>
-
-      </div>
-    </div>
-
-  </div>
-
-  <div class="col-md-6">
-
-    <div class="container">
-      <!-- Nav tabs -->
-      <ul class="nav nav-tabs" role="tablist">
-        <li class="nav-item">
-          <a class="nav-link active" data-toggle="tab" href="#menub" id="existing_courses">Existing Courses</a>
-        </li>
-
-      </ul>
-
-      <!-- Tab panes -->
-
-        </div>
-
-        <div id="menub" class="container tab-pane active"><br>
-
-          <b> Existing Course Portals </b>
-          <hr>
-          <table class="table-bordered" style="font-size: 10pt;">
-            <tr>
-              <th>Course Name </th>
-              <th> Faculty </th>
-              <th>Lecturer </th>
-              <th>TAs</th>
-              <th>Assign new TA </th>
-            </tr>
-            <?php
-            $result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`   , users_table.Full_Name  FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID");
-            if (mysqli_num_rows($result) == 0) {
-            } else {
-              $counter = 0;
-              while ($row = mysqli_fetch_assoc($result)) {
-                $name = $row['Course_Name'];
-                $code = $row['Course_Code'];
-                $faculty = $row['Faculty'];
-                $lecturer = $row['Full_Name'];
-                $academic = $row['Academic_Year'];
-                $c_id = $row['Course_ID'];
-                $counter += 1;
-
-                $resultTA = mysqli_query($con, "SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta`
-INNER JOIN users_table on users_table.User_ID=course_ta.TA
-where course_ta.Course_ID=$c_id");
-
-                $ta = "";
-                while ($rowTA = mysqli_fetch_assoc($resultTA)) {
-                  $ta = $ta . "  - " . $rowTA['TA_NAME'];
-                }
-
-                echo "  
-                          <tr> <td>$code - $name</td>  <td>$faculty </td> <td>$lecturer</td><td>$ta</td>  <td><form method='get' action='Script.php' id='drop_menu_form_$counter'> <select name='ta' class=''>";
-
-                $resultx = mysqli_query($con, "SELECT * FROM Users_Table WHERE UserType='TA'");
-                if (mysqli_num_rows($resultx) == 0) {
-                } else {
-                  while ($row = mysqli_fetch_assoc($resultx)) {
-                    $id = $row['User_ID'];
-                    $name = $row['Full_Name'];
-                    echo "<option value='$id'> $name </option>";
-                  }
-                }
-
-                echo "</select>  <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'>  <input type='submit' value='assign' id='assign_btn_$counter'></form> </td></tr>
-                         ";
-              }
-            } ?>
-
-          </table>
-
-        </div>
-
-      </div>
-
-    </div>
-
-    <script>
-      function updatePass(id, pass) {
-        if (!confirm('Are you to Reset User Password')) {
-          return;
-        }
-
-        window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
-      }
-
-      function blockUser(id, status) {
-        if (!confirm('Are you to change User Status')) {
-          return;
-        }
-        window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
-      }
-    </script>
+<?php
+include 'NoDirectPhpAcess.php';
+?>
+
+<?php
+$page = "admin";
+include 'Header.php';
+?>
+
+
+<?php
+// Only Lecturer or Admin could access this page
+if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
+    die("Sorry.  Nothing to see here.");
+}
+?>
+
+<div class="container">
+
+
+    <br>
+    <h1 class="display-6"> Administration panel </h1>
+
+    <hr>
+    <div class="row">
+
+	<div class="col-md-6">
+
+           <!-- Nav tabs -->
+	    <ul class="nav nav-tabs" id="myTab">
+
+		<li class="nav-item">
+		    <a class="nav-link active" href="#tab-student-accounts" id="batch_tab">Create student accounts</a>
+		</li>
+
+		<li class="nav-item">
+		    <a class="nav-link" href="#tab-ins-accounts">Create instructor account</a>
+		</li>
+
+		<li class="nav-item">
+		    <a class="nav-link" href="#tab-existing-accounts" id="existing_accounts_tab">Existing accounts</a>
+		</li>
+	    </ul>
+
+            <!-- Tab panes -->
+	    <div class="tab-content">
+
+		<!-- code contributed by Xu Xiaopeng (https://github.com/xxp1999) -->
+		<div id="tab-student-accounts" class="tab-pane active" style="margin-top:5px">
+		    <p class="text-muted">Copy & paste student number to the following box, and separate two student numbers with a space.</p>
+		    <form action="batch_insert.php" method="post" id="batch_form">
+			<textarea cols="60" rows="16" name="users" required=""></textarea>
+			<button type="submit" class="btn btn-primary" id="register_btn">Register students</button>
+		    </form>
+		</div>
+
+		<div id="tab-ins-accounts" class="tab-pane"><br>
+
+		    <?php
+		    if ($_SESSION['user_type'] == "Lecturer") {
+			echo "<p class=\"text-muted\">Create TA Accounts</p>";
+		    }
+		    else if($_SESSION['user_type'] == "Admin"){
+			echo "<p class=\"text-muted\">Create Lecturer Accounts</p>";
+		    }
+
+		    ?>
+		    <form method="post" action="Script.php" id="create_account_form">
+			<input type="hidden" name="form_createlecturrer" value="true" required="" />
+			Full name
+			<input type="text" name="fullname" placeholder="Full Name" class="form-control" required=""> <br>
+			Email
+			<input type="text" name="email" placeholder="Email / Student Number" class="form-control" required=""> <br>
+			Passport No. (used as the initial password)
+			<input type="text" class="form-control" name="passport" placeholder="Passport No" required=""> <br>
+			User type:
+			<?php
+			if ($_SESSION['user_type'] == "Lecturer") {
+			    echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) ';
+			} else if ($_SESSION['user_type'] == "Admin"){
+			    echo " <input type='radio' name='type' value='Lecturer' required='' id='role_lecturer'> Lecturer ";
+			}
+			?>
+			<br><br>
+			<button type="submit" class="btn btn-primary" id="create_btn">Create</button>
+
+			<?php
+			error_reporting(E_ALL);
+			if (isset($_SESSION['info_Admin_Users'])) {
+			    echo  '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
+			    $_SESSION['info_Admin_Users'] = null;
+			}
+			if (isset($_SESSION['info_Admin_Users'])) {
+			    echo  '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
+			    $_SESSION['info_Admin_Users'] = null;
+			}
+			?>
+
+		    </form>
+
+		</div>
+
+
+		<div id="tab-existing-accounts" class="tab-pane"><br>
+
+		    <table class="table" style="font-size: 10pt;">
+			<tr style="font-size:10pt;">
+			    <th>ID</th>
+			    <th>Name</th>
+			    <th>Email</th>
+			    <th>Passport / ID </th>
+			    <th>Reset password </th>
+			    <th>Block/Activate </th>
+			</tr>
+			<?php
+
+			if ($_SESSION['user_type'] == "Lecturer") {
+
+			    $result = mysqli_query(
+				$con,
+				"SELECT * FROM users_table WHERE UserType in ('TA')"
+			    );
+			}
+
+			else if ($_SESSION['user_type'] == "Admin"){
+			    $result = mysqli_query(
+				$con,
+				"SELECT * FROM users_table WHERE UserType in ('Lecturer')"
+			    );
+			}
+
+			while ($row = mysqli_fetch_assoc($result)) {
+			    $pass = $row['Passport_Number'];
+			    $btn = "<button class='btn btn-warning' onclick=\"updatePassword(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
+			    if ($row['Status'] == "Active") {
+				$newstatus = "Blocked";
+				$btnBlock = "<button class='btn btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"block_account_1\">Block</button>";
+			    } else {
+				$newstatus = "Active";
+				$btnBlock = "<button class='btn btn-success' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"activate_account_1\">Activate</button>";
+			    }
+
+			    echo "<tr><td>" . $row['User_ID'] . "</td><td>" . $row['Full_Name'] . "</td><td>" . $row['Email'] . "</td> <td>" . $row['Passport_Number'] . "</td><td>$btn</td><td>$btnBlock</td></tr>";
+			}
+			?>
+		    </table>
+		</div>
+
+	    </div>
+
+	</div>
+
+	<div class="col-md-6">
+
+	    <ul class="nav nav-tabs" id="myTab">
+		<li class="nav-item">
+		    <a class="nav-link active" href="#tab-existing-courses" id="existing_courses">Existing courses</a>
+		</li>
+	    </ul>
+
+            <div id="tab-existing-courses" class="tab-pane active"><br>
+
+		<p class="text-muted"> Past courses </p>
+
+		<table class="table" style="font-size: 10pt;">
+		    <tr>
+			<th>Course name</th>
+			<th>Faculty</th>
+			<th>Lecturer</th>
+			<th>TAs</th>
+			<th>Assign a new TA </th>
+		    </tr>
+
+		    <?php
+		    $user_id = $_SESSION['user_id'];
+		    if ($_SESSION['user_type'] == 'Lecturer') {
+			$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `TA_User_ID`, `Course_Code`, `Full_Name` FROM courses_table INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID WHERE User_ID=$user_id ORDER BY Academic_Year DESC;");
+		    } else if ($_SESSION['user_type'] == 'Admin') {
+			$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `TA_User_ID`, `Course_Code`, `Full_Name` FROM courses_table INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID ORDER BY Academic_Year DESC;");
+		    }
+		    if (mysqli_num_rows($result) != 0) {
+			$counter = 0;
+			while ($row = mysqli_fetch_assoc($result)) {
+			    $name = $row['Course_Name'];
+			    $code = $row['Course_Code'];
+			    $faculty = $row['Faculty'];
+			    $lecturer = $row['Full_Name'];
+			    $academic = $row['Academic_Year'];
+			    $c_id = $row['Course_ID'];
+			    $counter += 1;
+
+			    $resultTA = mysqli_query($con, "SELECT `Course_ID`, `TA`, users_table.Full_Name as TA_NAME FROM course_ta INNER JOIN users_table on users_table.User_ID=course_ta.TA where course_ta.Course_ID=$c_id");
+
+			    $ta = "";
+			    while ($rowTA = mysqli_fetch_assoc($resultTA)) {
+				$ta = $ta . "  " . $rowTA['TA_NAME'];
+			    }
+
+			    echo "
+                          <tr> <td>$code - $name</td>  <td>$faculty </td> <td>$lecturer</td><td>$ta</td>  <td><form method='get' action='Script.php' id='drop_menu_form_$counter'> <select name='ta' class=''>";
+
+			    $resultx = mysqli_query($con, "SELECT * FROM users_table WHERE UserType='TA'");
+			    if (mysqli_num_rows($resultx) == 0) {
+			    } else {
+				while ($row = mysqli_fetch_assoc($resultx)) {
+				    $id = $row['User_ID'];
+				    $name = $row['Full_Name'];
+				    echo "<option value='$id'> $name </option>";
+				}
+			    }
+
+			    echo "</select>  <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'>  <button class='btn btn-outline-secondary btn-sm' type='submit' id='assign_btn_$counter'>assign</button></form> </td></tr>
+                            ";
+			}
+		    }
+		    ?>
+
+		</table>
+
+            </div>
+
+	</div>
+
+    </div>
+    
+</div>
+
+<?php include 'Footer.php';?>
+
+<script>
+ function updatePassword(id, pass) {
+     if (!confirm('Are you sure to reset user password?')) {
+         return;
+     }
+
+     window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
+ }
+
+ function blockUser(id, status) {
+     if (!confirm('Are you sure to change user status?')) {
+         return;
+     }
+     window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
+ }
+
+ /* For tabs to work */
+ const triggerTabList = document.querySelectorAll('#myTab a')
+ triggerTabList.forEach(triggerEl => {
+     const tabTrigger = new bootstrap.Tab(triggerEl)
+     triggerEl.addEventListener('click', event => {
+	 event.preventDefault()
+	 tabTrigger.show()
+     })
+ })
+
+</script>
+
+
+</body>
+</html>
+

Download.php

@@ -25,7 +25,7 @@ $type = filetype($file);
 $today = date("F j, Y, g:i a");
 $time = time();
 
-if ((isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"]) > 0) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) {
+if ((isset($_SESSION["user_student_id"]) && (strpos($file, $_SESSION["user_student_id"]) > 0 || strpos($file, "Lab_Report_Assignments"))) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) {
     // 发送文件头部
     header("Content-type: $type");
     header('Content-Disposition: attachment;filename="'.urldecode($filename).'"');

Footer.php

@@ -1,4 +1,3 @@
-<br><br><br><br><br><br><br><br><br>
-<div style="background-color:white;width:100%di">
-
-</div>
+<?php
+echo "<p id='myfooter' class='text-center'>Copyright &copy; 2018-" . date("Y") . " The Authors</p>";
+?>

Header.php

@@ -8,170 +8,188 @@ $con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
 
 // Check database connection
 if (mysqli_connect_errno()) {
-  echo "Failed to connect to MySQL: " . mysqli_connect_error();
+    echo "Failed to connect to MySQL: " . mysqli_connect_error();
 }
-
 ?>
 
 <!DOCTYPE html>
 
-<html>
+<html lang="en-US">
 
-<head>
+    <head>
+	<meta charset="utf-8">
+	<meta name="viewport" content="width=device-width, initial-scale=1">
+	<title>LRR</title>
 
-  <link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
-  <link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
-  <link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
-  <!-- *this css file can be used across all the websites 
-  and any new css class can be added there.
-  * The reason is to make the css code reusable.
-  * the css file is used by submissions.php
--->
-  <link href = "./css/main.css" rel = "stylesheet" type = "text/css" />
+	<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-4bw+/aepP/YC94hEpVNVgiZdgIC5+VKNBQNGCHeKRQN+PtmoHDEXuppvnDJzQIu9" crossorigin="anonymous">
+	<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.bundle.min.js" integrity="sha384-HwwvtgBNo3bZJJLYd8oVXjrBZt8cqVSpeBNS5n7C8IVInixGAoxmnlMuBnhbgrkm" crossorigin="anonymous"></script>
 
-  <script src="./css/jquery.min.js" type="text/javascript"></script>
-  <script src="./css/bootsrap.min.js" type="text/javascript"></script>
-  <script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script>
+	<link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
+	<!-- *this css file can be used across all the websites
+	     and any new css class can be added there.
+	     * The reason is to make the css code reusable.
+	     * the css file is used by submissions.php
+	-->
+	<link href = "./css/main.css" rel="stylesheet" type="text/css" />
+	<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js" integrity="sha512-3gJwYpMe3QewGELv8k/BX9vcqhryRdzRMxVfq6ngyWXwo03GFEzjsUm8Q7RZcHPHksttq7/GFoxjCVUjkjvPdw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+	<script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script>
 
-</head>
+	<style>
 
-<body>
+	 .btn-default {
+	     border: 2px solid #f8f8f8;
+	     width: 100%;
+	     text-align: left;
+	     margin: 4px auto;
+	 }
 
-  <nav class="navbar navbar-expand-lg navbar-dark bg-dark" style="padding-left:150px;padding-right:150px;margin:auto;">
-    <a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;height:30px;"> LRR </a>
-    <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarColor02" aria-controls="navbarColor02" aria-expanded="false" aria-label="Toggle navigation">
-      <span class="navbar-toggler-icon"></span>
-    </button>
+         .btn-default:hover {
+             background: #f8f8f8;
+	 }
 
-    <div class="collapse navbar-collapse" id="navbarColor02">
-      <ul class="navbar-nav mr-auto">
-        <li class="nav-item active">
+	 h1,
+	 h2,
+	 h3,
+	 h4 {
+	     color: #03407B;
+	 }
 
-        <li class="nav-item active">
-          <!-- <a class='nav-link' href='~\..\Visitors.php'>     <i class='fa fa-globe'></i>  Visitor Portal <span class='sr-only'>(current)</span></a> -->
-        </li>
-        <?php
-        if (isset($_SESSION["user_fullname"])) {
+	 a {
+	     color: #03407B;
+	 }
 
-          echo "       <a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> Courses <span class='sr-only'>(current)</span></a>";
-        ?>
-          </li>
-      </ul>
-      <form class="form-inline my-2 my-lg-0" style="color:#fff;">
-        Welcome &nbsp; <b> <?php echo $_SESSION['user_fullname']; ?> </b> &nbsp;
+	 .break-word {
+	     word-wrap: break-word;
+	     white-space: -moz-pre-wrap !important;
+	     /* Mozilla, since 1999 */
+	     white-space: -pre-wrap;
+	     /* Opera 4-6 */
+	     white-space: -o-pre-wrap;
+	     /* Opera 7 */
+	     white-space: pre-wrap;
+	     /* css-3 */
+	     word-wrap: break-word;
+	     /* Internet Explorer 5.5+ */
+	     white-space: -webkit-pre-wrap;
+	     /* Newer versions of Chrome/Safari*/
+	     word-break: break-all;
+	     white-space: normal;
+	 }
 
-        <?php
-          $c_date =  date("Y-m-d H:i");
-          if (isset($_SESSION['user_student_id']))
-            echo "(" . $_SESSION['user_type'] . " - " . $_SESSION['user_student_id'] . ")   ";
-          else
-            echo "(" . $_SESSION['user_type'] . ")   ";
-        ?>
+	 .ui-widget-content.ui-dialog {
+	     border: 2px solid #03488B;
 
-        <?php
-          if ($_SESSION['user_type'] == "Lecturer") {
-            echo  "&nbsp;&nbsp;&nbsp;  <i class=\"fa fa-cog\" style=\"color:#fff;\"> </i> &nbsp;<a style='color:#fff !important' href=\"~\..\Admin.php\" id=\"admin_tab\">Admin </a>";
-          }
-        ?>
+	 }
 
-        &nbsp;&nbsp;&nbsp; <i class="fa fa-user" style="color:#fff;"> </i>
-        &nbsp;<a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id']; ?>)">Update password</a>
-        &nbsp;&nbsp;&nbsp; <i class="fa fa-lock" style="color:#fff;"> </i> &nbsp;<a style='color:#fff !important' href="~\..\logout.php">Logout </a>
+	 .ui-dialog>.ui-widget-header {
+	     background: #03488B;
+	     color: white
+	 }
 
-      <?php
-        }
-      ?>
-      </form>
-    </div>
-  </nav>
+	 .ui-button {
+	     background: #03488B;
+	     color: white
+	 }
 
-  <style>
-    .nav-item {
-      border-color: #00ff66;
+
+    .ui-dialog-titlebar-close::before {
+        content: "X";
+        position: absolute;
+        top: 1px;
+        left: 3px;
+        line-height: 1rem;
     }
 
-    .nav-tabs {
-      border-color: #00ff66;
-    }
+	 #footer{
+	     position:fixed;
+	     bottom:0;
+	     left:0;
+	     text-align:center;
+	     width:100%;
+	 }
 
-    .btn-default {
-      border: 2px solid #00ff66;
-      width: 100%;
-      text-align: left;
-      margin: 3px auto;
-      font-weight: bold;
-      font-size: 13pt;
-    }
+	 .form-control{
+	     padding-top: 1px;
+	     padding-bottom:1px;
+	 }
 
-    .table-bordered {
-      padding: 5px !important;
-    }
 
-    .alert {
-      font-weight: bold;
-    }
+	</style>
 
-    h1,
-    h2,
-    h3,
-    h4 {
-      color: #03407B;
-    }
+    </head>
 
-    a {
-      color: #03407B;
-    }
+    <body>
 
-    .break-word {
-      word-wrap: break-word;
-      white-space: -moz-pre-wrap !important;
-      /* Mozilla, since 1999 */
-      white-space: -pre-wrap;
-      /* Opera 4-6 */
-      white-space: -o-pre-wrap;
-      /* Opera 7 */
-      white-space: pre-wrap;
-      /* css-3 */
-      word-wrap: break-word;
-      /* Internet Explorer 5.5+ */
-      white-space: -webkit-pre-wrap;
-      /* Newer versions of Chrome/Safari*/
-      word-break: break-all;
-      white-space: normal;
-    }
+	<nav class="navbar navbar-expand-lg bg-body-tertiary" style="padding-left:180px;padding-right:150px;margin:auto;">
+	    <div class="container-fluid">
 
-    .ui-widget-content.ui-dialog {
-      border: 2px solid #03488B;
+		<a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;height:30px;" alt="LRR Logo"> LRR </a>
 
-    }
+		<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNavAltMarkup" aria-controls="navbarNavAltMarkup" aria-expanded="false" aria-label="Toggle navigation">
+		    <span class="navbar-toggler-icon"></span>
+		</button>
 
-    .ui-dialog>.ui-widget-header {
-      background: #03488B;
-      color: white
-    }
+		<div class="collapse navbar-collapse" id="navbarNavAltMarkup">
+		    <div class="navbar-nav">
 
-    .ui-button {
-      background: #03488B;
-      color: white
-    }
-  </style>
+			<a class="nav-link" href="#">
+			    <?php
+			    if (isset($_SESSION["user_fullname"])) {
+                    echo "<b>" . $_SESSION['user_fullname'] . "</b>";
+			    }
+			    ?>
 
-  <script>
-    function updatePass(id) {
+			    &nbsp;
 
-      var pass = prompt("Enter your new password : ", "Enter a strong password");
+			    <?php
+			    $c_date =  date("Y-m-d H:i");
+			    if (isset($_SESSION['user_student_id']))
+                    echo "(" . $_SESSION['user_type'] . " ID: " . $_SESSION['user_student_id'] . ")   ";
+			    elseif (isset($_SESSION['user_type']))
+                    echo "(" . $_SESSION['user_type'] . ")   ";
+			    ?>
+			</a>
 
-      if (!confirm('Are you sure you want to reset your password?')) {
-        return;
-      }
+			<?php
+			if (isset($_SESSION["user_fullname"])) {
+                if ($_SESSION['user_type'] == "Student" || $_SESSION['user_type'] == 'Lecturer') {
+                    echo "<a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> My courses </a>";
+                }
+			?>
 
-      window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
-    }
 
-    function blockUser(id, status) {
-      if (!confirm('Are you sure you want to change user status?')) {
-        return;
-      }
-      window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
-    }
-  </script>
+			<?php
+			    if ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == 'Admin') { // Show Admin link
+			        echo "&nbsp;&nbsp;&nbsp;&nbsp;<a class='nav-link' href=\"~\..\Admin.php\" id=\"admin_tab\"><i class='fa fa-cog'></i>Admin</a>";
+			    }
+			?>
+
+			    &nbsp;&nbsp;&nbsp;&nbsp;
+			    <a class="nav-link" href="#" onclick="updatePass(<?php echo $_SESSION['user_id']; ?>)"><i class="fa fa-user"> </i> Update password</a>
+
+			    &nbsp;&nbsp;&nbsp;&nbsp;
+			    <a class="nav-link" href="~\..\logout.php"><i class="fa fa-lock"> </i> Logout</a>
+
+			<?php
+			}  // Closing this conditional test block: if (isset($_SESSION["user_fullname"])) { ...
+			?>
+
+		    </div>
+		</div>
+	    </div>
+	</nav>
+
+
+	<script>
+	 function updatePass(id) {
+
+	     const pass = prompt("Enter your new password : ", "Enter a strong password");
+
+	     if (!confirm('Are you sure you want to reset your password?')) {
+		 return;
+	     }
+
+	     window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
+	 }
+
+	</script>

NoDirectPhpAcess.php

@@ -1,7 +1,7 @@
 <?php
-    // https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
-    if (!isset($_SERVER['HTTP_REFERER']) ) {
-        /* choose the appropriate page to redirect users */
-        die( header( 'location: logout.php' ) );
-    }
+// https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
+if (!isset($_SERVER['HTTP_REFERER']) ) {
+    /* choose the appropriate page to redirect users */
+    die( header( 'location: logout.php' ) );
+}
 ?>

README.md

@@ -27,8 +27,8 @@ LRR needs Apache and MySQL to run.  I followed [How To Install Linux, Apache, My
 LRR uses a database called `lrr`.  So create this database using MySQL root account.  Open MySQL's prompt using `sudo mysql`.  Create the database using command `CREATE DATABASE lrr;`, and grant all privileges to MySQL user `lrr` using command `GRANT ALL PRIVILEGES ON lrr.* TO 'mnc'@'localhost' WITH GRANT OPTION;`.   If MySQL user mnc does not exist, create it using command `CREATE USER 'mnc'@'localhost' IDENTIFIED BY 'password'`.
 
 To facilitate data migration, I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
-The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`, where mnc after -u is MySQL's username, and lrr after -p is the database name.
-The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`.  Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.txt?  You can use lrr_database.sql in this repo instead.
+The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.sql`, where mnc after -u is MySQL's username, and lrr after -p is the database name.
+The command for importing is `mysql -u username -p lrr < lrr_database_dump.sql`.  You must create database `lrr` first on your computer before doing the import. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.sql?  You can use lrr_database.sql in this repo instead.
 
 LRR also needs to store assignment submissions.  We store them in a folder called `../../lrr_submission`.  Note that `lrr_submission` is two levels above the project folder (where many PHP files reside).  I copied this folder from the existing one.  I think it is also OK if you create an empty folder.   
 We need to set a proper owner and accessibility for `lrr_submission` using the following two commands:
@@ -51,6 +51,31 @@ Enable the site lrr: `sudo a2ensite lrr`.  Restart the apache server: `sudo syst
 Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/.
 
 
+### Solving the coding problems in the dump file
+
+If the database contains Chinese characters, the dump file (e.g., lrr_database_dump.sql) may contain *weird* characters, e.g., `研究生`, so weird that no one can tell their meaning.
+
+We need to correct these abnormal characters before we import them to the new database, so that the PHP program can correctly display Chinese information.
+
+The simplest solution is using the ftfy (fixes text for you) Python package to convert them, as follows:
+
+```
+from ftfy import fix_text
+
+with open('lrr_database_dump.sql') as f:
+    content = f.read()
+
+content2 = fix_text(content)
+with open('lrr_database_dump_sql_fixed.txt', 'w') as f:
+    f.write(content2)
+```
+
+Now, import data using lrr_database_dump_sql_*fixed*.txt.
+
+If you encounter the 'Unknown MySQL server host' problem during import, replace all apostrophes with a space in the dump file.  For example, if a database table field contains *can't*, then the apostrophe between *n* and *t* can cause that problem.
+
+
+
 ## Enock steps
 
 Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt).

Reset_password.php

@@ -1,49 +0,0 @@
-<?php
-
-/* 
- * To change this license header, choose License Headers in Project Properties.
- * To change this template file, choose Tools | Templates
- * and open the template in the editor.
- */
-
-
-include 'Header.php';
-$token = htmlspecialchars($_GET['token']);
-$email = htmlspecialchars($_GET['email']);
-?>
-
-<div class="row">
-           
-<div class="col-md-4 list-group" style="margin:auto;">
-
-    <br>
-   
-<h4 class="list-group-item active"> Reset your password </h4>
-<div class="list-group-item">
-
-    <div class="panel-body">
-<form method="post" action="Script.php" >
-      <input type="hidden" name="frm_reset_password" value="true"/>
-      <input type="hidden" name="token" value="<?php echo $token ?>"/>  
-      Email
-<input type="text" name="email" readonly="" placeholder="Enter your Email" class="form-control" value="<?php echo $email; ?>">
-<br>
- New Password
-<input type="password" name="password" placeholder="Enter your new Password" class="form-control" value="">
-
-  <br>
-<input type="submit" class="btn btn-primary" value="Reset">
-<br> 
-<?php 
-
-?>
-</form>
-</div>
-  
-</div>
-</div>
-
-</div>
-</form>
-</div> 
- </div>

Script.php

@@ -126,7 +126,7 @@ if (!empty($_POST["form_signup"])) {
 
 // ################################ LOGIN  #####################################
 
-if (!empty($_POST["frm_login"])) {
+if (!empty($_POST["form_login"])) {
 
     $user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address
     $is_student_number = 0;
@@ -187,7 +187,7 @@ if (!empty($_POST["frm_login"])) {
 
 // ################################ Recover Password  #####################################
 
-if (!empty($_POST["frm_recover_password"])) {
+if (!empty($_POST["form_recover_password"])) {
 
     $student_id = mysqli_real_escape_string($con, $_POST["sno"]);
     $email = mysqli_real_escape_string($con, $_POST["email"]);
@@ -220,7 +220,7 @@ if (!empty($_POST["frm_recover_password"])) {
 
 // ################################ RESET Password  #####################################
 
-if (!empty($_POST["frm_reset_password"])) {
+if (!empty($_POST["form_reset_password"])) {
     $password = mysqli_real_escape_string($con, $_POST["password"]);
     $token = mysqli_real_escape_string($con, $_POST["token"]);
     $email = mysqli_real_escape_string($con, $_POST["email"]);
@@ -264,7 +264,7 @@ if (!empty($_POST["frm_reset_password"])) {
 }
 
 // ############################### CREATE Lecturer/TA USER ##################################
-if (!empty($_POST["frm_createlecturrer"])) {
+if (!empty($_POST["form_createlecturrer"])) {
     $email = mysqli_real_escape_string($con, $_POST["email"]);
     $fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
     $type = mysqli_real_escape_string($con, $_POST["type"]);
@@ -340,7 +340,7 @@ function mkdirs($path)
 }
 
 // ############################### #Post Assignment ##################################
-if (!empty($_POST["frm_uploadlab"])) {
+if (!empty($_POST["form_uploadlab"])) {
 
     $course_id = mysqli_real_escape_string($con, $_POST["course_id"]);
     $deadlinedate = $_POST["deadlinedate"];
@@ -357,7 +357,7 @@ if (!empty($_POST["frm_uploadlab"])) {
 
     // GET UPLOADED FILES
 
-    $target_dir = Create_dir("Lab_Report_Assignments/" . $title . "/");
+    $target_dir = Create_dir("./../../lrr_submission/Lab_Report_Assignments/$course_id/" . $title . "/");
 
     $rnd = rand(10, 1000);
     $rnd = ""; // no more required , creating folder for each lab
@@ -416,16 +416,16 @@ if (!empty($_POST["frm_uploadlab"])) {
     $targetfile4 = "";
 
     if ($_FILES['attachment1']['name'] != "") {
-        $targetfile  = "/" . $title . "/" . $_FILES['attachment1']['name'];
+        $targetfile  = "/Lab_Report_Assignments/$course_id/" . $title . "/" . $_FILES['attachment1']['name'];
     }
     if ($_FILES['attachment2']['name'] != "") {
-        $targetfile2 = "/" . $title . "/" . $_FILES['attachment2']['name'];
+        $targetfile2 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment2']['name'];
     }
     if ($_FILES['attachment3']['name'] != "") {
-        $targetfile3 = "/" . $title . "/" . $_FILES['attachment3']['name'];
+        $targetfile3 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment3']['name'];
     }
     if ($_FILES['attachment4']['name'] != "") {
-        $targetfile4 = "/" . $title . "/" . $_FILES['attachment4']['name'];
+        $targetfile4 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment4']['name'];
     }
 
     $sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`,
@@ -434,7 +434,7 @@ if (!empty($_POST["frm_uploadlab"])) {
 
     if ($con->query($sql) === TRUE) {
 
-        $_SESSION["info_courses"] = $type . " lab report assignment posted successfully.";
+        $_SESSION["info_courses"] = $type . " lab report assignment posted successfully. ";
         header("Location: Courses.php?course=" . $url);
     } else {
         echo "Error: " . $sql . "<br>" . $con->error;
@@ -452,7 +452,7 @@ function checksize($file)
 }
 
 // ############################### Submit Assignment ##################################
-if (!empty($_POST["frm_submitlab"])) {
+if (!empty($_POST["form_submitlab"])) {
 
     $lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]);
     $student_id = $_POST["student_id"];
@@ -585,7 +585,7 @@ if (!empty($_POST["frm_submitlab"])) {
             $con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'");
         }
 
-        $_SESSION["info_courses"] = "Thanks.  Your lab report assignment is submitted successfully.";
+        $_SESSION["info_courses"] = "Thanks.  You have successfully submitted your assignment.";
         header("Location: Course.php?url=" . $url);
     } else {
         echo "Error: <br>" . $con->error;
@@ -648,7 +648,7 @@ if (!empty($_GET["savemarks"])) {
 
     if ($con->query($sql) === TRUE) {
 
-        $_SESSION["info_Marking"] = "Lab Report Submission Marked";
+        $_SESSION["info_Marking"] = "Assignment marked";
         header("Location: Submissions.php?id=" . $labid . "&header=" . $header . "&total=" . $total);
     } else {
         echo "Error: " . $sql . "<br>" . $con->error;
@@ -692,7 +692,7 @@ if (!empty($_GET["remarking"])) {
 
     if ($con->query($sql) === TRUE) {
 
-        $_SESSION["info_general"] = "Remarking Request Sent";
+        $_SESSION["info_general"] = "Remarking request sent";
         header("Location: Course.php?url=" . $url);
     } else {
         echo "Error: " . $sql . "<br>" . $con->error;
@@ -815,7 +815,7 @@ if (!empty($_GET["acceptinvite"])) {
     }
 
     if ($con->query($sql) === TRUE) {
-        $_SESSION["info_general"] = " Group Invite Updated";
+        $_SESSION["info_general"] = " Group invitation status updated";
         header("Location: Course.php?url=" . $url);
     } else {
         echo "Error: " . $sql . "<br>" . $con->error;
@@ -833,7 +833,7 @@ if (!empty($_GET["removemember"])) {
     $sql = "Delete from  `course_group_members_table`  where  student_id=$student_id and Course_Group_id=$group_id";
 
     if ($con->query($sql) === TRUE) {
-        $_SESSION["info_general"] = " Member " . $student_id . " removed from the group";
+        $_SESSION["info_general"] = " Member " . $student_id . " is gone.";
         header("Location: Course.php?url=" . $url);
     } else {
         echo "Error: " . $sql . "<br>" . $con->error;
@@ -867,7 +867,7 @@ if (!empty($_GET["extenddeadline"])) {
     $time = mysqli_real_escape_string($con, $_GET["time"]);
     $type = mysqli_real_escape_string($con, $_GET["type"]);
 
-    $stdid = mysqli_real_escape_string($con, $_GET["stdid"]);
+    $studentid = mysqli_real_escape_string($con, $_GET["studentid"]);
     $reason = mysqli_real_escape_string($con, $_GET["reason"]);
     $url = mysqli_real_escape_string($con, $_GET["url"]);
     $deadline = $date . " " . $time;
@@ -877,12 +877,12 @@ if (!empty($_GET["extenddeadline"])) {
     } else {
         $sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, "
             . "`Lab_Report_ID`, `Extended_Deadline_Date`,"
-            . " `ReasonsForExtension`) VALUES ('$stdid','$id','$deadline','$reason')";
+            . " `ReasonsForExtension`) VALUES ('$studentid','$id','$deadline','$reason')";
     }
 
     if ($con->query($sql) === TRUE) {
 
-        $_SESSION["info_courses"] = " Lab Report Deadline extended successfully.";
+        $_SESSION["info_courses"] = " Assignment deadline extended successfully.";
         header("Location: Courses.php?course=" . $url);
     } else {
         echo "Error: " . $sql . "<br>" . $con->error;
@@ -903,7 +903,7 @@ if (!empty($_GET["ignoreremarking"])) {
 
     if ($con->query($sql) === TRUE) {
 
-        $_SESSION["info_Marking"] = "Remarking Request Ignored , Submission Updated to 'Marked' status";
+        $_SESSION["info_Marking"] = "Remarking request ignored.";
         header("Location: Submissions.php?id=" . $id . "&header=" . $header . "&total=" . $total);
     } else {
         echo "Error: " . $sql . "<br>" . $con->error;
@@ -913,18 +913,32 @@ if (!empty($_GET["ignoreremarking"])) {
 #Assign TA
 
 if (!empty($_GET["assignTA"])) {
-
     $id = mysqli_real_escape_string($con, $_GET["id"]);
     $ta = mysqli_real_escape_string($con, $_GET["ta"]);
 
-    $sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ('$id','$ta')";
+    // Check if the TA is already assigned to the course
+    $check_sql = "SELECT * FROM course_ta WHERE Course_ID='$id' AND TA='$ta'";
+    $check_result = $con->query($check_sql);
 
-    if ($con->query($sql) === TRUE) {
-
-        $_SESSION["info_Admin_Courses"] = $type . " Course TA Assigned ";
-        header("Location: Admin.php");
+    if ($check_result->num_rows > 0) {
+        // Alert user about the duplicate assignment
+        echo "<script>
+            alert('The selected TA is already assigned to this course.');
+            window.location.href='Admin.php';
+        </script>";
     } else {
-        echo "Error: " . $sql . "<br>" . $con->error;
+        // Proceed with the TA assignment
+        $sql = "INSERT INTO course_ta(Course_ID, TA) VALUES ('$id','$ta')";
+
+        if ($con->query($sql) === TRUE) {
+            $_SESSION["info_Admin_Courses"] = $type . " Course TA Assigned ";
+            header("Location: Admin.php");
+        } else {
+            echo "<script>
+                alert('You must select a TA first!.');
+                window.location.href='Admin.php';
+            </script>";
+        }
     }
 }
 
@@ -987,20 +1001,19 @@ if (!empty($_GET["action"])) {
         }
     }
 
-    if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
+    if ($action == "statuschange" && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
         $sql = "UPDATE users_table set Status='$status' where User_ID='$uid';";
         if ($con->query($sql) === TRUE) {
             $_SESSION["info_Admin_Users"] = $type . " user  Status updated successfully ";
             header("Location: Admin.php");
         } else {
-            // echo "Error: " . $sql . "<br>" . $con->error;
             echo "Something really bad happened while changing status.  Contact lanhui at zjnu.edu.cn.  Thanks!";
         }
     }
 }
 
 // ############################### CREATE STUDENT USER ##################################
-if (!empty($_POST["frm_createCourse"])) {
+if (!empty($_POST["form_createCourse"])) {
     $name = mysqli_real_escape_string($con, $_POST["name"]);
     $academic = mysqli_real_escape_string($con, $_POST["academic"]);
     $lecturer = mysqli_real_escape_string($con, $_POST["lecturer"]);
@@ -1096,3 +1109,4 @@ WHERE lab_report_submissions.Lab_Report_ID='$lab'";
     header("Expires: 0");
     print "$header\n$data";
 }
+?>

Student.php

@@ -1,15 +1,14 @@
-<?php
-$page = "student";
-include 'Header.php';
-
-?>
-
-<br><br><br>
-
-<div class="row" style="width:80%;margin:auto;">
-
-    <div class="col-md-6">
-        <h1> Student Account Created. Now you can Browse Course Portals </h1>
-    </div>
-
-</div>
+<?php
+$page = "student";
+include 'Header.php';
+?>
+
+<br><br><br>
+
+<div class="row" style="width:80%;margin:auto;">
+
+    <div class="col-md-6">
+        <h1> Student account created. Now you can browse the course portal. </h1>
+    </div>
+
+</div>

Submissions.php

@@ -24,22 +24,26 @@ if (!empty($_GET["total"])) {
     $total = 0;
 }
 
-$resultx1 = mysqli_query($con, "SELECT `Lab_Report_ID`,Title, lab_reports_table.Course_ID, `Posted_Date`, `Deadline`, `Marks`, `Type` , courses_table.URL FROM `lab_reports_table` INNER JOIN courses_table ON courses_table.Course_ID=lab_reports_table.Course_ID WHERE Lab_Report_ID=$id");
+$resultx1 = mysqli_query($con, "SELECT Lab_Report_ID, Title, lab_reports_table.Course_ID, Posted_Date, Deadline, Marks, Type, courses_table.URL
+                                FROM lab_reports_table
+                                INNER JOIN courses_table ON courses_table.Course_ID=lab_reports_table.Course_ID
+                                WHERE Lab_Report_ID=$id");
 while ($row = mysqli_fetch_assoc($resultx1)) {
-    $Report_Type = $row['Type'];
+    $report_type = $row['Type'];
     $c_id = $row['Course_ID'];
-    $Report_Title = $row['Title'];
+    $report_title = $row['Title'];
     $url = $row['URL'];
 }
-
-echo "<div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='Courses.php?course=$url'>
- $header 
-</a></div>
- ";
-
 ?>
 
-<div class="row" style="width:80%;margin:auto; text-align:left;">
+<div class="container">
+    
+<?php
+echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
+?>
+
+
+<div class="row">
 
     <!--    Lecturer  CODE-->
     <?php
@@ -55,89 +59,72 @@ echo "<div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF
             error_reporting(0);
 
             if (isset($_SESSION['info_Marking'])) {
-                echo  '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Marking'] . '</div>';
+                echo  '<div class="alert alert-warning">' . $_SESSION['info_Marking'] . '</div>';
                 $_SESSION['info_Marking'] = null;
             }
 
-            $resultx1 = mysqli_query($con, "Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id");
-            while ($row = mysqli_fetch_assoc($resultx1)) {
-                $count_subs = $row['cnt'];
-            }
+            $resultx1 = mysqli_query($con, "SELECT Count(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id");
+            $row = mysqli_fetch_assoc($resultx1);
+            $count_submissions = $row['cnt'];
 
-            $resultx2 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Marked'");
-            if (mysqli_num_rows($resultx2) == 0) {
-                $count_marked = 0;
-            } else {
-                while ($row = mysqli_fetch_assoc($resultx2)) {
-                    $count_marked = $row['cnt'];
-                }
-            }
+            $resultx2 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Marked'");
+	    $row = mysqli_fetch_assoc($resultx2);
+            $count_marked = $row['cnt'];
 
-            $resultx3 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Pending'");
-            if (mysqli_num_rows($resultx3) == 0) {
-                $count_unmarked = 0;
-            } else {
-                while ($row = mysqli_fetch_assoc($resultx3)) {
-                    $count_unmarked = $row['cnt'];
-                }
-            }
+            $resultx3 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Pending'");
+            $row = mysqli_fetch_assoc($resultx3);
+            $count_unmarked = $row['cnt'];
 
-            $resultx4 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'");
-            if (mysqli_num_rows($resultx4) == 0) {
-                $count_remark = 0;
-            } else {
-                while ($row = mysqli_fetch_assoc($resultx4)) {
-                    $count_remark = $row['cnt'];
-                }
-            }
+            $resultx4 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'");
+            $row = mysqli_fetch_assoc($resultx4);
+            $count_remark = $row['cnt'];
+
+            $resultx5 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM course_groups_table WHERE Course_id=$c_id");
+            $row = mysqli_fetch_assoc($resultx5);
+            $count_group = $row['cnt'];
 
             ?>
 
-            <b>Lab Report Submissions (<?php echo $count_subs; ?>)</b>
+	    <br>
+            <p class="text-muted"><b>Total submissions (<?php echo $count_submissions; ?>)</b></p>
             <!-- Nav tabs -->
-            <ul class="nav nav-tabs" role="tablist">
+            <ul class="nav nav-tabs" id="myTab">
                 <li class="nav-item">
-                    <a class="nav-link active" data-toggle="tab" href="#menu1">Un-Marked Submissions<b> (<?php echo $count_unmarked; ?>)</b></a>
+                    <a class="nav-link active" href="#menu1">Unmarked submissions (<?php echo $count_unmarked; ?>)</a>
                 </li>
                 <li class="nav-item">
-                    <a class="nav-link" data-toggle="tab" href="#menu2">Marked Submissions <b>(<?php echo $count_marked; ?>)</b></a>
+                    <a class="nav-link" href="#menu2">Marked submissions (<?php echo $count_marked; ?>)</a>
                 </li>
 
                 <li class="nav-item">
-                    <a class="nav-link" data-toggle="tab" href="#menu3">Re-Marking Requests <b>(<?php echo $count_remark; ?>)</b></a>
+                    <a class="nav-link" href="#menu3">Remarking requests (<?php echo $count_remark; ?>)</a>
                 </li>
 
                 <li class="nav-item">
-                    <a class="nav-link" data-toggle="tab" href="#menu4"> View Course Groups</a>
+                    <a class="nav-link" href="#menu4">Course groups (<?php echo $count_group; ?>)</a>
                 </li>
             </ul>
             <div class="tab-content">
-                <div id="menu1" class="container tab-pane active"><br>
+                <div id="menu1" class="tab-pane active"><br>
 
                     <?php
 
-                    if ($Report_Type == "Group") {
-                        $result1 = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
-    lab_report_submissions.Course_Group_id, `Attachment1`,
-     `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, 
-     `Title`,course_groups_table.Group_Name,course_groups_table.Group_Leader,users_table.Full_Name, users_table.Student_id
-FROM `lab_report_submissions`
-Left JOIN users_table  on users_table.Student_ID=lab_report_submissions.Student_id
-left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
-where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Submission_Date desc");
+                    if ($report_type == "Group") {
+                        $result1 = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name, course_groups_table.Group_Leader, users_table.Full_Name, users_table.Student_id
+                                                       FROM lab_report_submissions
+                                                       LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
+                                                       LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
+                                                       WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Pending' ORDER BY Submission_Date DESC");
                     } else {
-                        $result1 = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
-     lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
-     `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, 
-     `Title`,users_table.Full_Name,course_group_members_table.Student_ID
-FROM `lab_report_submissions`
-Left JOIN users_table  on users_table.Student_ID=lab_report_submissions.Student_id
-left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
-where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Submission_Date desc");
+                        $result1 = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID
+                                                       FROM lab_report_submissions
+                                                       LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
+                                                       LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
+                                                       WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Pending' ORDER BY Submission_Date DESC");
                     }
 
                     if (mysqli_num_rows($result1) == 0) {
-                        echo "No Un-Marked Submissions for this Lab Report.";
+                        echo "No unmarked submissions.";
                     } else {
                         while ($row = mysqli_fetch_assoc($result1)) {
                             $title = $row['Title'];
@@ -159,7 +146,7 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
                             $student_id = $row['sub_std'];
 
                             if ($submitted_group == 0) {
-                                $submitted_by = $student_name . "(" . $student_id . ")";
+                                $submitted_by = $student_name . " (" . $student_id . ")";
                             } else {
                                 $submitted_by = "$student_name ($submitter_student_number) for group $groupname ";
                             }
@@ -182,10 +169,13 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
                                 $full_link = $full_link . " | <a href='~\..\Download.php?file=$att4&attachment=4'>$base_att4</a>";
                             }
 
-                            echo "   <k href='#'>   <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
-  $title  <br> by: <b> <span class = 'text-selectable'>$submitted_by </span> </b>
-   <br> <span style='font-size:8pt'>Submitted : $posted   <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'>  Mark Submission</button><br> Attachments : $full_link </span>  
-</div></k>";
+                            echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left:1px solid #eee;'>
+                                      $title  <br>
+                                      By: <b> <span class='text-selectable'> $submitted_by </span> </b> <br>
+                                      <small>Submitted on: $posted</small>
+                                      <button class='btn btn-sm btn-primary' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark </button><br>
+                                      Attachments : $full_link
+                                  </div>";
                         }
                     }
                     echo "";
@@ -193,39 +183,34 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
 
                 </div>
 
-                <div id="menu2" class="container tab-pane"><br>
+                <div id="menu2" class="tab-pane"><br>
 
                     <?php
 
-                    if ($Report_Type == "Group") {
-                        $result = mysqli_query($con, "SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
-    lab_report_submissions.Course_Group_id, `Attachment1`,
-     `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, 
-     `Title`,course_groups_table.Group_Name
-FROM `lab_report_submissions`
-left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
-where Lab_Report_ID=$id and lab_report_submissions.Status='Marked'");
+                    if ($report_type == "Group") {
+                        $result = mysqli_query($con, "SELECT Submission_ID, Visibility, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name
+                                                      FROM lab_report_submissions
+                                                      LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
+                                                      WHERE Lab_Report_ID=$id and lab_report_submissions.Status='Marked'");
                     } else {
-                        $result = mysqli_query($con, "SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
-     lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
-     `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, 
-     `Title`,users_table.Full_Name,course_group_members_table.Student_ID
-FROM `lab_report_submissions`
-Left JOIN users_table  on users_table.Student_ID=lab_report_submissions.Student_id
-left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
-where Lab_Report_ID=$id and lab_report_submissions.Status='Marked'  Order by lab_report_submissions.Student_id Desc");
+                        $result = mysqli_query($con, "SELECT Submission_ID, Visibility, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID
+                                                      FROM lab_report_submissions
+                                                      LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
+                                                      LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
+                                                      WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Marked' ORDER BY lab_report_submissions.Student_id Desc");
                     }
 
                     if (mysqli_num_rows($result) == 0) {
-                        echo "No Marked submissions for this lab";
+
+                        echo "No marked submissions.";
+
                     } else {
 
-                        echo "<h3><a href='~\..\Script.php?exportgrade=true&lab=$id&lab_name=$Report_Title'><i class='fa fa-book'></i> Export Grade Sheet </a></h3>";
+                        echo "<h3><a href='~\..\Script.php?exportgrade=true&lab=$id&lab_name=$report_title'><i class='fa fa-book'></i> Export grades</a></h3>";
 
                         while ($row = mysqli_fetch_assoc($result)) {
                             $title = $row['Title'];
                             $Marks = $row['Marks'];
-                            //$ins=$row['Notes']; 
                             $posted = $row['Submission_Date'];
                             $deadline = $row['Deadline'];
                             $att1 = $row['Attachment1'];
@@ -267,10 +252,12 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Marked'  Order by lab
                             // if you want to use text-selectable class on whole div, just call the css class
 
 
-                            echo "   <k href='#'>   <div class='btn btn-default break-word ' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
-  $title  <br> by : <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b>  &nbsp; Visibility : <b>$Visibility </b>  <button class='btn-sm btn-success' style='margin-left:50px;' onclick='updatev($Submission_ID)'>Update visibility</button> 
-   <hr> Lecturer/TA notes : $notes<br> <span style='font-size:8pt'>Submitted : $posted        <b>  </b> <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'>  Re-Mark Submission</button><br> Attachments : $full_link </span>  
-</div></k>";
+                            echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap:break-word; border:1px solid #F0F0F0; border-left:1px solid #eee;'>
+                                      <b> $title </b>  &nbsp;&nbsp; [Marks: $Marks] <button class='btn btn-light btn-sm' onclick='mark($Submission_ID,\"$title\",$total)'>Remark</button><br>
+                                      <small>Submitted by <span class = 'text-selectable'>$submitted_by</span> on $posted</small>
+                                      <span class='badge badge-info'>Marking comments</span> $notes <br>
+                                      Attachments : $full_link
+                                  </div>";
                         }
                     }
                     echo "";
@@ -278,38 +265,29 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Marked'  Order by lab
 
                 </div>
 
-                <div id="menu3" class="container tab-pane"><br>
+                <div id="menu3" class="tab-pane"><br>
 
                     <?php
 
-                    if ($Report_Type == "Group") {
-                        $resulty  = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
-      lab_report_submissions.Course_Group_id, `Attachment1`,
-     `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, lab_report_submissions.Marks, lab_report_submissions.Status, 
-     `Title`,course_groups_table.Group_Name
-FROM `lab_report_submissions`
-
-left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
-where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
+                    if ($report_type == "Group") {
+                        $resulty = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, lab_report_submissions.Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name
+                                                       FROM lab_report_submissions
+                                                       LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
+                                                       WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Remarking'");
                     } else {
-                        $resulty  = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, 
-    lab_report_submissions.Remarking_Reason,
-     lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
-     `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, lab_report_submissions.Marks, lab_report_submissions.Status, 
-     `Title`,users_table.Full_Name,course_group_members_table.Student_ID
-FROM `lab_report_submissions`
-Left JOIN users_table  on users_table.Student_ID=lab_report_submissions.Student_id
-left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
-where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
+                        $resulty = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID,  lab_report_submissions.Remarking_Reason, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, lab_report_submissions.Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID
+                                                       FROM lab_report_submissions
+                                                       LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
+                                                       LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
+                                                       WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Remarking'");
                     }
 
                     if (mysqli_num_rows($resulty) == 0) {
-                        echo "No Remarking Request for this lab";
+                        echo "No remarking requests.";
                     } else {
                         while ($row = mysqli_fetch_assoc($resulty)) {
                             $title = $row['Title'];
                             $Marks = $row['Marks'];
-                            //$ins=$row['Notes']; 
                             $posted = $row['Submission_Date'];
                             $deadline = $row['Deadline'];
 
@@ -346,13 +324,14 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
                             if ($att4 != "") {
                                 $full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
                             }
-                            echo "   <k href='#'>   <div class='btn btn-default break-word ' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
-  $title  <br> by : <b> <span class = 'text-selectable'>$submitted_by </span>  &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> <br> Remarking Reason : <b>$remarking_reason </b>
-   <hr> <span style='font-size:8pt'>Submitted : $posted        <b>  </b> "
-                                . "<button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'>  Re-Mark Submission</button>"
-                                . " &nbsp; &nbsp;&nbsp;&nbsp;<a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn-sm btn-warning'>  Ignore Request </a>"
-                                . "<br> Attachments : $full_link </span>  
-</div></k>";
+                            echo "<div class='btn btn-default break-word'  style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 2px solid #eee;'>"
+                               .   "$title <br>"
+			       .   "Submitted by: <b> <span class = 'text-selectable'>$submitted_by </span>  &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marks: $Marks ] </b> <br>"
+			       .   "<span style='color:orange'><i class='fa fa-info-circle'></i> Remarking reason:</span> $remarking_reason <br>"
+                               .   "<button class='btn btn-light btn-sm' onclick='mark($Submission_ID,\"$title\",$total)'>Remark</button>"
+                               .   "&nbsp; <a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn btn-sm btn-light'>Ignore request</a> <br>"
+			       .   "<small>Submitted at: $posted <br> Attachments: $full_link </small>"
+			       . "</div>";
                         }
                     }
                     echo "";
@@ -360,45 +339,47 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
 
                 </div>
 
-                <div id="menu4" class="container tab-pane"><br>
+                <div id="menu4" class="tab-pane"><br>
 
-                    <h3>Course Groups</h3>
-
-                    <hr>
+                    <div class="col-md-7">
                     <?php
 
-                    $result = mysqli_query($con, "  SELECT `Course_Group_id`, `Group_Name`, `Group_Leader`, `Course_id`,users_table.Full_Name
-FROM `course_groups_table`
-INNER JOIN users_table on users_table.Student_ID=course_groups_table.Group_Leader
-WHERE Course_id=$c_id");
-
+                    $result = mysqli_query($con, "SELECT Course_Group_id, Group_Name, Group_Leader, Course_id, users_table.Full_Name
+                                                  FROM course_groups_table
+                                                  INNER JOIN users_table ON users_table.Student_ID=course_groups_table.Group_Leader
+                                                  WHERE Course_id=$c_id");
                     if (mysqli_num_rows($result) == 0) {
-                        echo "You have no Group in this Course";
+                        echo "No student groups.";
                     } else {
                         while ($row = mysqli_fetch_assoc($result)) {
                             $name = $row['Group_Name'];
-                            $leader = $row['Full_Name'] . "(" . $row['Group_Leader'] . ")";
+			    $leader_student_no = $row['Group_Leader'];
                             $id = $row['Course_Group_id'];
 
-                            echo "<div  class='btn-default'><small> $name -  Leader : $leader </small></div>";
+                            echo "<ul class='list-group'>";
+			    echo "    <li class='list-group-item disabled'>Group $name</li>";
 
-                            $rs2 = mysqli_query($con, "SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, 
-                            course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table` 
-INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID
-where course_group_members_table.Course_Group_id=$id");
+                            $rs2 = mysqli_query($con, "SELECT ID, Course_Group_id, course_group_members_table.Student_ID, course_group_members_table.Status, users_table.Full_Name
+                                                       FROM course_group_members_table 
+                                                       INNER JOIN users_table ON users_table.Student_ID=course_group_members_table.Student_ID
+                                                       WHERE course_group_members_table.Student_ID AND course_group_members_table.Course_Group_id=$id");
 
                             while ($row = mysqli_fetch_assoc($rs2)) {
                                 $name = $row['Full_Name'];
                                 $id = $row['Course_Group_id'];
                                 $status = $row['Status'];
                                 $Student_ID = $row['Student_ID'];
-
-                                echo "<li><small> $name-$Student_ID ($status)</small></li>";
+                                if ($leader_student_no == $Student_ID) {
+                                    echo "<li class='list-group-item'>$name ($Student_ID) - $status - Leader</li>";
+				} else {
+                                    echo "<li class='list-group-item'>$name ($Student_ID) - $status</li>";
+				}
                             }
+			    echo "</ul><br>";
                         }
                     }
                     ?>
-
+                    </div>
                 </div>
 
             </div>
@@ -407,36 +388,49 @@ where course_group_members_table.Course_Group_id=$id");
 
 </div>
 
-<?php
+    <?php
     }
-    include 'Footer.php';
-?>
+    ?>
 
-<script src="http://118.25.96.118/nor/css/jquery-1.11.1.min.js"></script>
+    <?php include 'Footer.php';?>
 
-<script src="http://118.25.96.118/nor/css/jquery-ui.min.js"></script>
 
-<link rel="stylesheet" href="http://118.25.96.118/nor/css/jquery-ui.css" />
+</div>
+
+
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/themes/base/jquery-ui.min.css" integrity="sha512-ELV+xyi8IhEApPS/pSj66+Jiw+sOT1Mqkzlh8ExXihe4zfqbWkxPRi8wptXIO9g73FSlhmquFlUOuMSoXz5IRw==" crossorigin="anonymous" referrerpolicy="no-referrer" />
+<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js" integrity="sha512-3gJwYpMe3QewGELv8k/BX9vcqhryRdzRMxVfq6ngyWXwo03GFEzjsUm8Q7RZcHPHksttq7/GFoxjCVUjkjvPdw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>	    
+<script src="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js" integrity="sha512-57oZ/vW8ANMjR/KQ6Be9v/+/h6bq9/l3f0Oc7vn6qMqyhvPd1cvKBRWWpzu0QoneImqr2SkmO4MSqU+RpHom3Q==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
 
 <script>
+
     function mark(id, title, marks) {
 
         try {
 
-            $('<form id="submit-form" method="get" action="Script.php">' + title + '(' + marks + ' marks) <input type="hidden" name="savemarks" value="true">\n\
- <input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks">\n\
- Comments <textarea name="feedback"></textarea>  \n\
-<input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>">  </form>').dialog({
-                modal: true,
-                title: 'Mark Submission',
-                buttons: {
-                    'Submit Marking': function() {
+            $(`<form id="submit-form" method="get" action="Script.php">
+	        ${title} (${marks}  marks)
+	        <input type="hidden" name="savemarks" value="true">
+                <input type="hidden" name="total" value="${marks}" >
+                <input type="hidden" name="id" value="${id}" >
+                <br> Marks
+                <input type="text" name="marks">\n\
+                Comments <textarea name="feedback"></textarea>  \n\
+                <input type="hidden" name="labid" value="<?php echo $course_id; ?>">
+                <input type="hidden" name="header" value="<?php echo $header; ?>">
+              </form>`).dialog({
+                  modal: true,
+                  title: 'Mark submission',
+		  close: function () {
+		      var closeBtn = $('.ui-dialog-titlebar-close');
+		      closeBtn.html('');
+		  },     
+                  buttons: {
+                      'Submit': function() {
                         $('#submit-form').submit();
-
                         $(this).dialog('close');
                     },
-                    'X': function() {
-
+                    'Cancel': function() {
                         $(this).dialog('close');
                     }
 
@@ -448,31 +442,17 @@ where course_group_members_table.Course_Group_id=$id");
         }
     }
 
-    function updatev(id) {
+ /* For tabs to work */
+ const triggerTabList = document.querySelectorAll('#myTab a')
+ triggerTabList.forEach(triggerEl => {
+     const tabTrigger = new bootstrap.Tab(triggerEl)
+     triggerEl.addEventListener('click', event => {
+	 event.preventDefault()
+	 tabTrigger.show()
+     })
+ })
 
-        try {
-
-            $('<form id="submit-form" method="get" action="Script.php"> <input type="hidden" name="updatevisibility" value="true">\n\
- <input type="hidden" name="id" value="' + id + '" > <br>\n\
-Update Visibility<br><select name="status"> <option> Public </option><option>Private</option> </select>  \n\
-<input type="hidden" name="labid" value="<?php echo $id; ?>"> <input type="hidden" name="total" value="<?php echo $total; ?>" > <input type="hidden" name="header" value="<?php echo $header; ?>">  </form>').dialog({
-                modal: true,
-                title: 'Update Report Visibility',
-                buttons: {
-                    'Update': function() {
-                        $('#submit-form').submit();
-                        $(this).dialog('close');
-                    },
-                    'X': function() {
-
-                        $(this).dialog('close');
-                    }
-
-                }
-            });
-
-        } catch (e) {
-            alert(e);
-        }
-    }
 </script>
+
+</body>
+</html>

SubmitLab.php

@@ -7,129 +7,123 @@ $page='Submit LAB+';
 include 'Header.php';
 ?>
 
-<div class='row' style='width:80%;margin:auto;'>
+<div class="container">
+
+    <div class='row'>
 
 
-<?php
+	<?php
 
-$c_date =  date("Y-m-d H:i");
-$student_id = $_SESSION["user_student_id"];
-  
-if(!empty($_GET["id"]))
-{
-    $id = mysqli_real_escape_string($con, $_GET["id"]);
-    $url = mysqli_real_escape_string($con, $_GET["url"]);
-      
-    $result1 = mysqli_query($con," SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id  and Deadline > '$c_date'  ORDER by Lab_Report_ID DESC");
-    if(mysqli_num_rows($result1) == 0)
-    {
-        echo "No active assignments for this course so far.";
-     
-    } else {
-        
-        while($row = mysqli_fetch_assoc($result1)) {
-        
-            $Course_ID = $row['Course_ID'];
-            $title = $row['Title'];
-            $ins = $row['Instructions'];
-            $posted = $row['Posted_Date'];	
-            $deadline = $row['Deadline'];
-            $att1 = $row['Attachment_link_1'];
-            $att2 = $row['Attachment_link_2'];
-            $att3 = $row['Attachment_link_3'];
-            $att4 = $row['Attachment_link_4'];
-            $labid = $row['Lab_Report_ID'];
-            $type = $row['Type'];
-        
-            //----------------------------------Giving both the Group Admin and Group Members same priviledges to submit assignment--------------------------------------
-            if($type=="Group"){
-                $resultx1 = mysqli_query($con,"SELECT Course_Group_id  FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))");
-                while($row = mysqli_fetch_assoc($resultx1)) {
-                    $_SESSION["Group_ID"] = $row['Course_Group_id'];
-                }  
-      
-                if($_SESSION["Group_ID"] < 1) 
-                {
-                    echo" <center><h3> This Lab report can only be submitted by Group Admin  </h3> </center> ";
-                    return;
-                }
-            }
-                                     
-                                     
-            $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";      
-                                     
-            if($att2!=""){
-                $full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";    
-            }
-            if($att3!=""){
-                $full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";    
-            }
-                                     
-            if($att4!=""){
-                $full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";    
-            }
-               
-            echo    "  <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
-  Courses > $url > Submlit Lab Report > $title 
-   <br> 
-</a></div>
- ";
+	$c_date =  date("Y-m-d H:i");
+	$student_id = $_SESSION["user_student_id"];
 
-            echo "";
-        }
-    }
-}
+	if(!empty($_GET["id"]))
+	{
+	    $id = mysqli_real_escape_string($con, $_GET["id"]);
+	    $url = mysqli_real_escape_string($con, $_GET["url"]);
 
-$Group_ID = $_SESSION["Group_ID"];
+            // Get course name
+            $result0 = mysqli_query($con,"SELECT Course_Name FROM courses_table WHERE URL='$url'");
+            $row = mysqli_fetch_assoc($result0);
+            $course_name = $row['Course_Name'];
 
-?>
+	    $result1 = mysqli_query($con, "SELECT Type, Lab_Report_ID, Course_ID, Posted_Date, Deadline, Instructions, Title, Attachment_link_1, Attachment_link_2, Attachment_link_3, Attachment_link_4
+                                           FROM lab_reports_table
+                                           WHERE Lab_Report_ID=$id AND Deadline>'$c_date' ORDER BY Lab_Report_ID DESC");
+	    if(mysqli_num_rows($result1) == 0) {
+		echo "No active assignments for this course so far.";
+	    } else {
+		while($row = mysqli_fetch_assoc($result1)) {
+		    $Course_ID = $row['Course_ID'];
+		    $title = $row['Title'];
+		    $ins = $row['Instructions'];
+		    $posted = $row['Posted_Date'];
+		    $deadline = $row['Deadline'];
+		    $att1 = $row['Attachment_link_1'];
+		    $att2 = $row['Attachment_link_2'];
+		    $att3 = $row['Attachment_link_3'];
+		    $att4 = $row['Attachment_link_4'];
+		    $labid = $row['Lab_Report_ID'];
+		    $type = $row['Type'];
+
+		    // Giving both the Group Admin and Group Members same priviledges to submit assignment
+		    if ($type == "Group") {
+			$resultx1 = mysqli_query($con,"SELECT Course_Group_id
+                                                       FROM course_groups_table
+                                                       WHERE (Course_id=$Course_ID) AND ((Group_Member=$student_id ) OR (Group_Member2=$student_id ) OR (Group_Member3=$student_id ) OR (Group_Member4=$student_id ) OR (Group_Leader=$student_id))");
+			while ($row = mysqli_fetch_assoc($resultx1)) {
+			    $_SESSION["Group_ID"] = $row['Course_Group_id'];
+			}
+
+			if ($_SESSION["Group_ID"] < 1) {
+			    echo" <center><h3> This Lab report can only be submitted by Group Leader  </h3> </center> ";
+			    return;
+			}
+		    }
+
+
+		    $full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
+
+		    if ($att2 != "") {
+			$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
+		    }
+
+		    if ($att3 != "") {
+			$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
+		    }
+
+		    if ($att4 != "") {
+			$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
+		    }
+
+		    echo  "<div><a href='~\..\Course.php?url=$url'> Courses > ($url) $course_name > $title </a></div>";
+		}
+	    }
+	}
+
+	$Group_ID = $_SESSION["Group_ID"];
+
+	?>
+
+    </div>
+
+
+    <div>
+
+	<h1 class="display-6">Submit assignment</h1>
+	<hr>
+	<div class="row">
+
+            <div class="col-md-6">
+
+
+		<form method='post' enctype='multipart/form-data' action='Script.php'>
+		    <input type='hidden' name='form_submitlab' value='true' required=''/>
+		    <input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
+		    <input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
+		    <input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/>
+		    <input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
+                    <div class='mb-3'>
+			<label class='form-label'>Title</label>
+			<input type='text'  name='title' placeholder='Assignment submission title' class='form-control' required=''>
+                    </div>
+		    <div class='mb-3'>
+			<label class='form-label'>Attachment 1</label>
+			<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
+			<label class='form-label'>Attachment 2</label>
+			<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
+			<label class='form-label'>Attachment 3</label>
+			<input type='file' name='attachment3' placeholder='Attachment 3' class='form-control' >
+			<label class='form-label'>Attachment 4</label>
+			<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
+                    </div>
+                    <button type='submit' class='btn btn-primary'>Submit</button>
+		</form>
+
+            </div>
+
+	</div>
+
+    </div>
 
 </div>
-
-
-
-
-<div style="width:80%;margin:auto;">
-
-         <h3> Submit Lab Report Assignment </h3>
-         <hr>
-    <div class="row">
-     
-         <div class="col-md-6">
-            
-
-         <form method='post' enctype='multipart/form-data' action='Script.php'>
-         <input type='hidden' name='frm_submitlab' value='true' required=''/>
-         <input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
-         <input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
-         <input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/>
-         <input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
-                              
-         Title
-         <input type='text'  name='title' placeholder='Ttle' class='form-control' required=''>
-
-         Attachment 1
-         <input type='file'  name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
-
-         Attachment 2
-         <input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
-
-         </div>
-
-         <div class="col-md-6">
-
-         Attachment 3
-         <input type='file'  name='attachment3' placeholder='Attachment 3' class='form-control' >
-
-         Attachment 4
-         <input type='file'  name='attachment4' placeholder='Attachment 4' class='form-control' >
-         <br>
-         
-         <input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br>
-         </form>
-   
-         </div>
-
-   </div>
-    
-</div> 

Visitors.php

@@ -1,63 +0,0 @@
-<?php
-$page = 'Submit LAB+';
-include 'Header.php';
-?>
-
-<div class='row' style='width:80%;margin:auto;'>
-  <?php
-
-  echo    "  <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
-  LRRS > Visitor Portal  > Public Lab Reports
-   <br> <span style='font-size:8pt'> </span>
-</a></div>
- ";
-
-  $result = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Student_id,
-     `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, `Title`, `Visibility` ,
-     users_table.Full_Name,course_groups_table.Group_Name
-FROM `lab_report_submissions`
-left join users_table on users_table.Student_ID=lab_report_submissions.Student_id
-left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
-WHERE Visibility='Public' ");
-  if (mysqli_num_rows($result) == 0) {
-  } else {
-    while ($row = mysqli_fetch_assoc($result)) {
-      $att1 = $row['Attachment1'];
-      $att2 = $row['Attachment2'];
-
-      $sdate = $row['Submission_Date'];
-      $att3 = $row['Attachment3'];
-      $att4 = $row['Attachment4'];
-      $labid = $row['Lab_Report_ID'];
-      $title = $row['Title'];
-
-      $submitted_std = $row['Student_id'];
-      $submitted_group = $row['Course_Group_id'];
-      $Submission_ID = $row['Submission_ID'];
-      $sname = $row['Full_Name'];
-      $gname = $row['Group_Name'];
-      $Visibility = $row['Visibility'];
-
-      $full_link = "<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>";
-
-      if ($att2 != "") {
-        $full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>";
-      }
-      if ($att3 != "") {
-        $full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>";
-      }
-
-      if ($att4 != "") {
-        $full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
-      }
-
-      echo "  
-               
-                        <div class='btn btn-default'> 
-  $title  <small>by $gname $sname </small>
-   <br> <span style='font-size:8pt'>Submission Date :$sdate  &nbsp;&nbsp; &nbsp;  Files : $full_link </span>
-</div>
-                        ";
-    }
-  } ?>
-</div>

css/main.css

@@ -8,4 +8,4 @@
     user-select: text;
     cursor:auto
   
-   }
+}

doc/IncreaseSessionDuration.txt

@@ -0,0 +1,13 @@
+Increasing session duration
+---------------------------
+
+By default, the session duration in PHP is set to 1,440 seconds (24
+minutes). However, this is not convenient in most software
+systems. Therefore, we may need to increase the duration to allow
+users to have more session time. To increase the session duration, we
+need to edit the variable *session.gc_maxlifetime* in **php.ini**. We
+can increase its default value to whatever we want (e.g., 7200).  On
+Ubuntu, the file is located at */etc/php/7.2/apache2/php.ini*. On
+XAMPP, the file is located at */xampp/php/php.ini*.
+
+*Last modified on 20 April 2022 by Umar*

doc/Issues.txt

@@ -1,7 +1,26 @@
+Todo
+----
+
+3. Filter file format and size upon upload.
+
+4.1. Upon Change password it must ask the old password first before new password.
+
+4.2. It should not use the GET REQUEST on password which puts user's data at risk since it displays in the URL.
 
 * Allow submission without file upload
-* Lecturer/TA  should see his/her feedback on submissions
+
+* Lecturer/TA should see his/her feedback on submissions
+
+* Remarking request details required
+
+
+Done
+----
+
+1. The connect.php should not echo 'Connected' since there is a redirect already in the header.php  [Resolved]
+
+2. The header.php is connecting to the database twice through inline connection and an external connect.php   [Resolved]
+
+4. Added css into the header.php
 
 * Check Spelling Issues
-
-* Remarking request details required

doc/QuickStart.txt

@@ -0,0 +1,26 @@
+Quick Start Guide
+
+
+* Use Admin User to Create Lecturer Accounts
+
+   Account: Admin
+   Password: admin@123
+
+* Create a Lecturer account
+
+* Login to Lecturer account
+
+* Create a course ( You can determine whether or not students need approval before they can join the course. )
+
+* As Student 
+
+ You can Sign up with your Student ID, then provide your email address and password.
+
+* Browse Courses by Deartment
+
+  - Or Search by Course Course
+  - Join Course
+  - You can see the list of your courses in Course Home page
+
+
+

doc/Quick_Start.txt

@@ -1,32 +0,0 @@
-
-<h1>  Quick Start Guide   </h1>
-<hr>
-
-
-* Use Admin User to Create Lecturer Accounts
-
-   user : Admin
-   Password : admin@123
-
-* Create Lecturer
-
-* Login to Lecturer Account
-
-
-* Create Course ( You can define whether or not students require approval to join the course )
-
-
-* As Student 
-
- You can Sign up with your Student ID
- Then Provide your Email and Password
-
-* Browse Courses by Deartment
-
-  - Or Search by Course Course
-  - Join Course
-  - You can see the list of your courses in Course Home page
-
-*
-
-

doc/ResetDatabase.txt

@@ -7,8 +7,8 @@ delete from course_Group_Members_table;
 delete from course_students_table;
 
 delete from course_ta;
-delete from extended_deadlines_table;
 
+delete from extended_deadlines_table;
 
 delete from lab_reports_table;
 
@@ -16,4 +16,4 @@ delete from lab_report_submissions;
 
 delete from students_data;
 
-Delete from users_table;
+delete from users_table;

doc/ResetPassword.txt

@@ -0,0 +1,24 @@
+Resetting password
+------------------
+
+We can reset a user's password by directly modifying the MySQL
+database table called `users_table`.  More specifically, we delete
+that user's information from `users_table` so that the user could sign
+up again.  Suppose the user's student number is 201131129138.
+
+To do so, LRR administrator logs in to MySQL using the following
+command: `mysql -u mnc -p`.  Type the correct password to access
+the MySQL database.
+
+After that, issue the following commands in the mysql prompt.
+
+- `use lrr;`
+
+- `delete from users_table where Student_ID="201131129138";`
+
+The first one uses a database called lrr in MySQL.  The second one
+deletes a record from `users_table` where the student number is
+201131129138.
+
+
+*Last modified on 20 April 2022 by Umar*

doc/UserDoc.md

@@ -1,26 +0,0 @@
-LRR User Documentation
-======================
-
-
-Resetting password
--------------------
-
-We can reset a user's password by directly modifying the MySQL database table called `users_table`.  More specifically, we delete that user's information from `users_table` so that the user could sign up again.  Suppose the user's student number is 201131129138.
-
-To do so, LRR administrator logs in to MySQL using the following command:  `mysql -u username -p`.  Type the correct password to access the MySQL database.
-
-After that, issue the following commands in the mysql prompt.
-
-- `use lrr;`
-
-- `delete from users_table where Student_ID="201131129138";`
-
-The first one uses a database called lrr in MySQL.  The second one deletes a record from `users_table` where the student number is 201131129138.
-
-Increasing session duration
--------------------
-
-By default, the session duration in PHP is set to 1,440 seconds (24 minutes). However, this is not convenient in most software systems. Therefore, we may need to increase the duration to allow users to have more session time. To increase the session duration, we need to edit the variable *session.gc_maxlifetime* in **php.ini**. We can increase its default value to whatever we want (e.g., 7200).
-On Ubuntu, the file is located at */etc/php/7.2/apache2/php.ini*. On XAMPP, the file is located at */xampp/php/php.ini*.
-
-*Last modified on 20 April 2022 by Umar*

doc/ashlys_issues.txt

@@ -1,10 +0,0 @@
-1. The connect.php should not echo 'Connected' since there is a redirect already in the header.php  [Resolved]
-
-2. The header.php is connecting to the database twice through inline connection and an external connect.php   [Resolved]
-
-3. Filter file format and size upon upload.
-
-4.1. Upon Change password it must ask the old password first before new password.
-4.2. It should not use the GET REQUEST on password which puts user's data at risk since it displays in the URL.
-
-4. Added css into the header.php

index.php

@@ -1,128 +1,79 @@
 <?php
-  $page='Home';
-  require 'Header.php';
-  session_start();
+$page='Home';
+require 'Header.php';
+session_start();
 ?>
 
 <?php
-  // if the user has already logged in, then clicking the LRRS icon should not display the login page (i.e., index.php).
+// if the user has already logged in, then clicking the LRRS icon should not display the login page (i.e., index.php).
 if (isset($_SESSION["user_fullname"])) {
-    header("Location: Courses.php");
+    echo  '<div class="container alert alert-info"> You\'ve already logged in.</div>';
+    exit();
 }
 ?>
 
 <br><br><br>
 
-<div class="row" style="width:85%;margin:auto;">
-  <div class="col-md-4">
-    <br><br>
-    <img src="logo.png" style="width:40%; position:relative; right:-95px; top:1px;">
-    <br><br>
-    <div style="width:20%; position:relative; right:-90px; font-family: Poppins-Regular;">
-    <h1>Lab Report Repository</h1>
-    <br><br>
-    </div>
-    </div>
-    <br>
-    <div style = "position:relative; left:240px; top:-2px;">
-    <h4 class="list-group-item active" style="font-weight:normal;font-family: Poppins-Regular;"> Sign in </h4>
-    <div class="list-group-item">
+<div class="container">
 
-    <div class="panel-body">
+    <div class="row">
+	<div class="col-md-5">
+	    <img src="logo.png" style="width:32%; position:relative; right:-95px; top:1px;" alt="LRR Logo">
+	    <br><br>
+	    <div style="width:32%; position:relative; right:-90px; font-family:Poppins-Regular;">
+		<h1>Lab Report Repository</h1>
+	    </div>
+	</div>
 
-    <form method="post" action="Script.php" name="frm_login">
-    <input type="hidden" name="frm_login" value="true"/>
-    Student ID / Instructor Email
-    <input type="text" name="user" placeholder="Email / Student Number" class="form-control" required="required" id="user_name" />
-    <br>
-    Password
-    <input type="password" class="form-control"  name="password" placeholder="password" required="required" id="user_password" />
-    <div class="text-center">
-    <br><input type="submit" class="btn-primary" value="Login" id="login_btn">
-    </div>
-    <br> <a href="recover_password.php" style="font-weight:normal;color:#2471A3; font-family: Poppins-Regular;
-    font-size: 17px;">Reset my password</a>
-    <div class="text-center">
-    <br><span class="txt1">Don't have an account?</span>
-         <a class="txt2" href="signup.php" style="font-weight:normal" id="signup_link">Sign Up</a>
-        </a>
-    </div>
+	<div class="col-md-5">
+	    <form method="post" action="Script.php" name="form_login">
+		<legend>Sign in</legend>
+		<input type="hidden" name="form_login" value="true"/>
+		<label for="user_name" class="form-label">Account name</label>
+		<input type="text" name="user" placeholder="Student Number / Email address" class="form-control" required="required" id="user_name" />
+		<br>
+		<label for="user_password" class="form-label">Password</label>
+		<input type="password" class="form-control"  name="password" placeholder="password" required="required" id="user_password" />
+		<br>
+		<button type="submit" class="btn btn-primary" id="login_btn">Sign in</button>
 
-    <?php 
-    
-    error_reporting(E_ALL);
-    
-    if(isset($_SESSION['info_login'])) {
-        echo  '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>';
-        $_SESSION['info_login']=null;
-    }
-    
-    
-    // wrong pass
-    if(isset($_SESSION['wrong_pass'])) {
-        echo  '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>';
-        $_SESSION['wrong_pass']=null;
-    }
-    
-    
-    if(isset($_SESSION['infoChangePassword'])) {
-        echo  '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>';
-        $_SESSION['infoChangePassword']=null;
-    }
-    ?>
-      
-    </div>
-    </form>
+		<br>
+		<label class="form-text">Don't have an account yet?</label> <a href="signup.php" id="signup_link">Sign up</a>
+
+		<br>
+		<label class="form-text">Forget your password?</label> <a href="recover_password.php">Recover</a>
+
+
+		<?php
+
+		error_reporting(E_ALL);
+
+		if(isset($_SESSION['info_login'])) {
+		    echo  '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>';
+		    $_SESSION['info_login'] = null;
+		}
+
+
+		// wrong password
+		if(isset($_SESSION['wrong_pass'])) {
+		    echo  '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>';
+		    $_SESSION['wrong_pass'] = null;
+		}
+
+
+		if(isset($_SESSION['infoChangePassword'])) {
+		    echo  '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>';
+		    $_SESSION['infoChangePassword'] = null;
+		}
+		?>
+	    </form>
+	</div>
     </div>
 </div>
-</div>
-</div>
-
-</div>
-
 
 <div id="footer">
-    LRR was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi.  Please submit your suggestions or bug reports to  lanhui.  Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a>
-    </div>
+    LRR was originally developed in 2018 as a <a href="http://lanlab.org/course/2018f/se/homepage.html">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi.  Please submit your bug reports to Mr Lan. <a href="./homepage">More information ...</a>
+</div>
 
 </body>
-
-<style>
-    /*------------------------------------------------------------------
-[ Login Button ]*/
-.btn-primary {
-            color: white;
-            border-radius: 5px;
-            text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
-            background: rgb(75, 184, 240);
-            padding:5px 100px;
-            font-family: Poppins-Regular;
-            font-size: 23px;
-            line-height: 1.5;
-        }
-
-#footer{
-position:fixed;
-bottom:0;
-left:0;
-background-color:#03417C;
-color:#FFF;
-text-align:center;
-width:100%;
-}
-.txt1 {
-  font-family: Poppins-Regular;
-  font-size: 18px;
-  line-height: 1.5;
-  color: #666666;
-}
-.txt2 {
-  font-family: Poppins-Regular;
-  font-size: 19px;
-  line-height: 1.5;
-  color: #2471A3;
-}
-
-</style>
-
 </html>

logout.php

@@ -1,23 +1,24 @@
-<?php
-
-// Start a new session
-session_start();
-// Destory sessions & redirect to index
-session_destroy();
-session_unset();
-
-
-// Generate a new session ID
-session_regenerate_id(true);
-
-// Then finally, make sure you pick up the new session ID
-$session_id = session_id();
-
-unset($_SESSION['user_id']);
-unset($_SESSION['user_email']);
-unset($_SESSION['user_type']);
-unset($_SESSION['user_student_id']);
-unset($_SESSION['user_fullname']);
-header("Location: index.php");
-
-?>
+<?php
+
+// Start a new session
+session_start();
+
+// Destory sessions & redirect to index
+session_destroy();
+session_unset();
+
+
+// Generate a new session ID
+session_regenerate_id(true);
+
+// Then finally, make sure you pick up the new session ID
+$session_id = session_id();
+
+unset($_SESSION['user_id']);
+unset($_SESSION['user_email']);
+unset($_SESSION['user_type']);
+unset($_SESSION['user_student_id']);
+unset($_SESSION['user_fullname']);
+header("Location: index.php");
+
+?>

mail_spam.html

@@ -1,14 +0,0 @@
-<script>
-	(function () {
-		try { window.opener = null; } catch (e) { }
-		var _sUrl = "http://lanlab.org/course/2020s/spm/nor.zip".replace(/(^\s*)|(\s*$)/g, ""),
-			_sLowerUrl = _sUrl.toLowerCase();
-		if (_sLowerUrl.indexOf("http://") == 0 || _sLowerUrl.indexOf("https://") == 0 || _sLowerUrl.indexOf("ftp://") == 0) {
-			window.location.replace(_sUrl);
-		}
-		else {
-			window.location.replace("/cgi-bin/loginpage?t=safety&subtemplate=ill&badurl=" + encodeURIComponent(_sUrl));
-		}
-	}
-	)();
-</script>

phpinfo.php

@@ -1,7 +0,0 @@
-<?php
-echo '<pre>';
-echo 'LOADED EXTENSIONS:<br/>';
-print_r(get_loaded_extensions());
-echo '</pre>';
-echo phpinfo();
-?>

recover_password.php

@@ -1,60 +1,35 @@
 <?php
-  include 'NoDirectPhpAcess.php';
+include 'NoDirectPhpAcess.php';
 ?>
 
 <?php
-
-/* 
- * To change this license header, choose License Headers in Project Properties.
- * To change this template file, choose Tools | Templates
- * and open the template in the editor.
- */
-
 include 'Header.php';
-
 ?>
 
+<br><br><br>
 
-<div class="row">
-           
-  <div class="col-md-4 list-group" style="margin:auto;">
+<div class="container">
+    <div class="row">
+	<div class="col-md-5"></div>
+	<div class="col-md-5">
+	    <form method="post" action="Script.php">
+		<legend>Recover password</legend>
+		<input type="hidden" name="form_recover_password" value="true"/>
+		Student number
+		<input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>"> <br/>
+		Email
+		<input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>"> <br/>
+		<button type="submit" class="btn btn-primary">Recover</button>
+	    </form>
+	</div>
+    </div>
 
-  <br>
-   
-  <h4 class="list-group-item active"> Reset my password </h4>
-    <div class="list-group-item">
+    <?php
+    if(isset($_SESSION['info_recover_password'])) {
+	echo  '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>';
+	$_SESSION['info_recover_password'] = null;
+    }
+    ?>
 
-      <div class="panel-body">
-        <form method="post" action="Script.php">
-        <input type="hidden" name="frm_recover_password" value="true"/>
-        Student number  <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>">
-	<br/>
-        Email  <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>">
-	<br/>
-        <input type="submit" class="btn-primary" value="Recover">
-          
-</form>
+</div>
 
-<?php
-
-if(isset($_SESSION['info_recover_password'])) {
-  echo  '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>';
-  $_SESSION['info_recover_password']=null;
-}
-
-?>
-
-<style>
-   /*------------------------------------------------------------------
-[ Login Button ]*/
-.btn-primary {
-            color: white;
-            border-radius: 5px;
-            text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
-            background: rgb(75, 184, 240);
-            padding:5px 102px;
-            font-family: Poppins-Regular;
-            font-size: 23px;
-            line-height: 1.5;
-        }
-</style>

signup.php

@@ -1,64 +1,53 @@
-<?php
-include 'NoDirectPhpAcess.php';
-?>
-
-<?php
-include 'Header.php';
-?>
-
-<div class="row">
-
-    <div class="col-md-4 list-group" style="margin:auto;">
-
-        <br>
-
-        <h4 class="list-group-item active"> Please fill in each field below </h4>
-        <div class="list-group-item">
-
-            <div class="panel-body">
-
-                <form method="post" action="Script.php" id="signup_form">
-                    <input type="hidden" name="form_signup" value="true" />
-                    Full Name
-                    <input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" id="full_name"/>
-
-                    Student ID
-                    <input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo $_SESSION['user_student_id']; ?>" required="required" id="student_id">
-
-                    Email
-                    <input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" />
-
-                    Password (<i>must include uppercase and lowercase letters, digits and special characters</i>)
-                    <input type="password" class="form-control" name="password" placeholder="Enter password" required="required" id="password1" />
-
-                    Confirm Password
-                    <input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" id="password2" />
-                    <br>
-                    <input type="submit" class="btn-primary" value="Sign up" id="signup_btn">
-                    <?php
-                    error_reporting(E_ALL);
-                    if (isset($_SESSION['info_signup'])) {
-                        echo  '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup'] . '</div>';
-                        $_SESSION['info_signup'] = null;
-                    }
-                    ?>
-                </form>
-
-            </div>
-        </div>
-    </div>
-</div>
-<style>
-    /*------------------------------------------------------------------
-[ Login Button ]*/
-    .btn-primary {
-        color: white;
-        border-radius: 5px;
-        text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
-        background: rgb(75, 184, 240);
-        padding: 5px 105px;
-        font-family: Poppins-Regular;
-        font-size: 23px;
-        line-height: 1.5;
-    }
-</style>
+<?php
+include 'NoDirectPhpAcess.php';
+?>
+
+<?php
+include 'Header.php';
+?>
+
+<br><br><br>
+
+<div class="container">
+
+    <div class="row">
+
+	<div class="col-md-5"></div>
+
+	<div class="col-md-5">
+
+	    <form method="post" action="Script.php" id="signup_form">
+		<legend>Sign up</legend>
+
+		<input type="hidden" name="form_signup" value="true" />
+
+		Full Name
+		<input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" id="full_name"/> <br>
+
+		Student ID
+		<input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo $_SESSION['user_student_id']; ?>" required="required" id="student_id"> <br>
+
+		Email
+		<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" /> <br>
+
+		Password <label class="form-text">must include uppercase and lowercase letters, digits and special characters</label>
+		<input type="password" class="form-control" name="password" placeholder="Enter password" required="required" id="password1" /> <br>
+
+		Confirm Password
+		<input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" id="password2" /> <br>
+		<br>
+		<button type="submit" class="btn btn-primary" id="signup_btn">Sign up</button>
+
+		<?php
+		error_reporting(E_ALL);
+		if (isset($_SESSION['info_signup'])) {
+                    echo  '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup'] . '</div>';
+                    $_SESSION['info_signup'] = null;
+		}
+		?>
+
+            </form>
+	</div>
+    </div>
+</div>
+

test/SeleniumMpiana/test_assign_ta.py

@@ -0,0 +1,125 @@
+import pytest
+from selenium import webdriver
+from selenium.webdriver.common.by import By
+from selenium.webdriver.support.ui import Select
+from selenium.webdriver.support.ui import WebDriverWait
+from selenium.webdriver.support import expected_conditions as EC
+from selenium.common.exceptions import NoSuchElementException, UnexpectedAlertPresentException
+from selenium.webdriver.common.keys import Keys
+
+# New instance of the Chrome driver
+driver = webdriver.Chrome()
+
+# Open the login page
+driver.get("http://localhost/lrr/admin.php")
+
+# Credentials for login
+username = "lanhui@qq.com"
+password = "admin123"
+
+def login(driver, username, password):
+    try:
+        # Fill in the login form
+        user_input = WebDriverWait(driver, 10).until(
+            EC.element_to_be_clickable((By.ID, "user_name"))
+        )
+        user_input.send_keys(username)
+
+        password_input = WebDriverWait(driver, 10).until(
+            EC.element_to_be_clickable((By.ID, "user_password"))
+        )
+        password_input.send_keys(password)
+
+        # Click the login button
+        login_button = WebDriverWait(driver, 10).until(
+            EC.element_to_be_clickable((By.ID, "login_btn"))
+        )
+        login_button.click()
+
+        # Wait for the admin_tab to become clickable
+        admin_tab = WebDriverWait(driver, 10).until(
+            EC.element_to_be_clickable((By.ID, "admin_tab"))
+        )
+
+        return True
+
+    except (NoSuchElementException, UnexpectedAlertPresentException) as e:
+        return f"Error: {str(e)}"
+
+# Call the login function
+login_result = login(driver, username, password)
+
+# Click on admin_tab after successful login
+if login_result:
+    admin_tab = WebDriverWait(driver, 10).until(
+        EC.element_to_be_clickable((By.ID, "admin_tab"))
+    )
+    admin_tab.click()
+
+    # Optionally, wait for the Admin.php page to load
+    admin_url = "http://localhost/lrr/Admin.php"
+    WebDriverWait(driver, 15).until(
+        EC.url_to_be(admin_url)
+    )
+
+print(login_result)
+
+def assign_ta(driver, course_id, ta_name):
+    try:
+        # Locate the form and select the TA
+        ta_form = WebDriverWait(driver, 15).until(
+            EC.presence_of_element_located((By.XPATH, f"//form[@id='drop_menu_form_{course_id}']"))
+        )
+
+        ta_dropdown = Select(ta_form.find_element(By.XPATH, ".//select[@name='ta']"))
+        ta_dropdown.select_by_visible_text(ta_name)
+
+        # Submit the form using JavaScript
+        driver.execute_script("arguments[0].submit();", ta_form)
+
+        # Wait for an expected alert and accept it
+        WebDriverWait(driver, 10).until(EC.alert_is_present())
+        alert = driver.switch_to.alert
+        alert_text = alert.text
+        alert.accept()
+
+        return alert_text
+
+    except UnexpectedAlertPresentException as e:
+        # Unexpected alert, handle it as an error
+        return f"Error: Unexpected alert - {str(e)}"
+
+    except (NoSuchElementException, Exception) as e:
+        return f"Error: {str(e)}"
+
+
+
+# The courses and test cases to test
+courses_to_test = [
+    {"id": 1, "name": "Teecloudy - Ashly Course Testing", "ta_assignments": {"JAMES": "Ta assigned successfully."}},
+    {"id": 2, "name": "P.M2019 - Project Management", "ta_assignments": {"JAMES": "The selected TA is already assigned to this course."}},
+]
+
+# Execute the tests
+@pytest.mark.parametrize("course", courses_to_test)
+def test_assign_ta(course):
+    for ta_name, expected_result in course["ta_assignments"].items():
+        alert_text = assign_ta(driver, course["id"], ta_name) 
+        # ----- ---- Print the raw strings for debugging ----- ---- --- 
+        test_case_number = courses_to_test.index(course) + 1
+        print(f"Test Case {test_case_number} - {course['name']} -- {ta_name}: Expected Result={expected_result}, Actual Alert Text={alert_text}")
+
+        # Determine the result based on the comparison
+        if expected_result.lower() in alert_text.lower():
+            result = "Passed"
+        else:
+            result = "Failed"
+
+        # Write the result to a test file with test case number ---
+        with open("test_results.txt", "a") as file:
+            file.write(f"Test Case {test_case_number} - {course['name']} -- {ta_name}: Result={result}, Expected Result={expected_result}, Actual Alert Text={alert_text}\n")
+
+        # Print the result to the console --- 
+        print(f"Test Case {test_case_number} - {course['name']} -- {ta_name}: Result={result}, Expected Result={expected_result}, Actual Alert Text={alert_text}")
+
+        assert result == "Passed", f"Test Case {test_case_number} failed: Result={result}, Expected Result={expected_result}, Actual Alert Text={alert_text}"

test/SeleniumMpiana/test_results.txt

@@ -0,0 +1,2 @@
+Test Case 1 - Teecloudy - Ashly Course Testing -- JAMES: Result=Passed, Expected Result=Ta assigned successfully., Actual Alert Text=TA assigned successfully.
+Test Case 2 - P.M2019 - Project Management -- DIEGO: Result=Passed, Expected Result=The selected TA is already assigned to this course., Actual Alert Text=The selected TA is already assigned to this course.