Merge branch 'master' into Bug37-Dmytro

Fixed merge commits
Fixed merge commits Added password pattern: https://www.w3schools.com/howto/howto_js_password_validation.asp Validating to make password one and two similar: https://stackoverflow.com/questions/9142527/can-you-require-two-form-fields-to-match-with-html5 Fixed Button and HTML Tags for text in login and registration form
2021-12-01 09:22:55 +08:00 · 2021-12-01 00:03:37 +01:00 · 2021-11-22 10:46:49 +08:00 · 2021-11-16 22:20:40 +08:00
27 changed files with 1762 additions and 2141 deletions
--- a/.htaccess
+++ b/.htaccess
@ -1 +0,0 @@
 allow from all
--- a/Admin.php
+++ b/Admin.php
@ -7,15 +7,14 @@ $page = "admin";
 include 'Header.php';
 ?>
 <?php
-// Only Lecturer or Admin could access this page
+if ($_SESSION['user_type'] != "Lecturer") {
-if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
+  $_SESSION["info_login"] = "You must log in first.";
-    die("Sorry.  Nothing to see here.");
+  echo $_SESSION["info_login"];
  header("Location: index.php");
 }
 ?>
 <style>
  .col-md-4 {
    border-right: 1px solid skyblue;
@ -37,21 +36,10 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
        <hr>
    -->
  <div class="col-md-6">
    <h4> User Account Management </h4>
    <hr>
-  <?php 
+    <b>Lecturer / TA Accounts </b><br>
  if ($_SESSION['user_type'] == "Lecturer") {
        echo " <h4> TA Account Management </h4> 
        <hr> " ;
        echo    "<b>TA Accounts </b><br>" ;
      }
  else if($_SESSION['user_type'] == "Admin"){
        echo " <h4> Lecturer Account Management </h4> 
        <hr> ";
        echo "<b>Lecturer Accounts </b><br>";
    }
  ?>
    <div class="container">
@ -63,11 +51,11 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
        </li>
        <li class="nav-item">
-          <a class="nav-link" data-toggle="tab" href="#menu2" id="batch_tab">Batch Create New Student Accounts</a>
+          <a class="nav-link" data-toggle="tab" href="#menu2">Batch Create New Student Accounts</a>
        </li>
        <li class="nav-item">
-          <a class="nav-link" data-toggle="tab" href="#menu1" id="existing_accounts_tab">Existing Accounts</a>
+          <a class="nav-link" data-toggle="tab" href="#menu1">Existing Accounts</a>
        </li>
      </ul>
@ -77,45 +65,20 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
        <div id="home" class="container tab-pane active"><br>
-      <?php 
+          <b>Create Lecturer/TA Accounts </b>
-        if ($_SESSION['user_type'] == "Lecturer") {
+          <form method="post" action="Script.php">
            echo "<b>Create TA Accounts </b>";
          }
        else if($_SESSION['user_type'] == "Admin"){
           echo "<b>Create Lecturer Accounts </b>";
          }
      ?>
          <form method="post" action="Script.php" id="create_account_form">
            <input type="hidden" name="frm_createlecturrer" value="true" required="" />
-            Full Name
+            Full_Name
            <input type="text" name="fullname" placeholder="Full Name" class="form-control" required="">
            Email
            <input type="text" name="email" placeholder="Email / Student Number" class="form-control" required="">
-            Passport Number / ID (Used as Initial Password)
+            Passport_Number / ID (Used as Intial Password)
            <input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
            <br> User Type :
-
+            <input type="radio" name="type" value="Lecturer" required=""> Lecturer
-          <?php 
+            <input type="radio" name="type" value="TA" required=""> T/A
-
+            <input type="submit" class="btn btn-primary" value="Create"><br>
              if ($_SESSION['user_type'] == "Lecturer") {
                    echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) ';
                }
              else if($_SESSION['user_type'] == "Admin"){
                    echo " <input type='radio' name = 'type' value = 'Lecturer' required = '' id='role_lecturer' > Lecturer ";
                }
            ?>  
            <input type="submit" class="btn btn-primary" value="Create" id="create_btn"><br>
            <?php
            error_reporting(E_ALL);
@ -149,30 +112,19 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
            </tr>
            <?php
          if ($_SESSION['user_type'] == "Lecturer") {
            $result = mysqli_query(
              $con,
-                  "SELECT * FROM Users_Table  WHERE UserType in ('TA')"
+              "SELECT * FROM Users_Table  WHERE UserType in ('Lecturer','TA')"
            );
            }
          else if($_SESSION['user_type'] == "Admin"){
                $result = mysqli_query(
                  $con,
                  "SELECT * FROM Users_Table  WHERE UserType in ('Lecturer')"
                );
            }
            while ($row = mysqli_fetch_assoc($result)) {
              $pass = $row['Passport_Number'];
              $btn = "<button class='btn-primary' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
              if ($row['Status'] == "Active") {
                $newstatus = "Blocked";
-                $btnBlock = "<button class='btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"block_account_1\">Block</button>";
+                $btnBlock = "<button class='btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\">Block</button>";
              } else {
                $newstatus = "Active";
-                $btnBlock = "<button class='btn-success' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"activate_account_1\">Activate</button>";
+                $btnBlock = "<button class='btn-success' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\">Activate</button>";
              }
              echo "<tr><td>" . $row['User_ID'] . "</td><td>" . $row['Full_Name'] . "</td><td>" . $row['Email'] . "</td> <td>" . $row['Passport_Number'] . "</td><td>$btn</td><td>$btnBlock</td></tr>";
@ -186,11 +138,11 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
        <div id="menu2" class="container tab-pane fade" style="margin-top:10px">
          <b>Separate two student numbers with a space.</b><br>
-          <form action="batch_insert.php" method="post" id="batch_form">
+          <form action="batch_insert.php" method="post">
            <p>
              <textarea cols="80" rows="16" name="users" required=""></textarea>
            </p>
-            <input type="submit" class="btn btn-primary" value="Register Students" id="register_btn"><br>
+            <input type="submit" class="btn btn-primary" value="Register Students"><br>
          </form>
        </div>
@ -205,7 +157,7 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
      <!-- Nav tabs -->
      <ul class="nav nav-tabs" role="tablist">
        <li class="nav-item">
-          <a class="nav-link active" data-toggle="tab" href="#menub" id="existing_courses">Existing Courses</a>
+          <a class="nav-link active" data-toggle="tab" href="#menub">Existing Courses</a>
        </li>
      </ul>
@ -230,7 +182,6 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
            $result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`   , users_table.Full_Name  FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID");
            if (mysqli_num_rows($result) == 0) {
            } else {
              $counter = 0;
              while ($row = mysqli_fetch_assoc($result)) {
                $name = $row['Course_Name'];
                $code = $row['Course_Code'];
@ -238,7 +189,6 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
                $lecturer = $row['Full_Name'];
                $academic = $row['Academic_Year'];
                $c_id = $row['Course_ID'];
                $counter += 1;
                $resultTA = mysqli_query($con, "SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta`
 INNER JOIN users_table on users_table.User_ID=course_ta.TA
@ -250,7 +200,7 @@ where course_ta.Course_ID=$c_id");
                }
                echo "  
-                          <tr> <td>$code - $name</td>  <td>$faculty </td> <td>$lecturer</td><td>$ta</td>  <td><form method='get' action='Script.php' id='drop_menu_form_$counter'> <select name='ta' class=''>";
+                          <tr> <td>$code - $name</td>  <td>$faculty </td> <td>$lecturer</td><td>$ta</td>  <td><form method='get' action='Script.php'> <select name='ta' class=''>";
                $resultx = mysqli_query($con, "SELECT * FROM Users_Table WHERE UserType='TA'");
                if (mysqli_num_rows($resultx) == 0) {
@ -262,7 +212,7 @@ where course_ta.Course_ID=$c_id");
                  }
                }
-                echo "</select>  <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'>  <input type='submit' value='assign' id='assign_btn_$counter'></form> </td></tr>
+                echo "</select>  <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'>  <input type='submit' value='assign'></form> </td></tr>
                         ";
              }
            } ?>
--- a/Course.php
+++ b/Course.php
@ -2,7 +2,6 @@
 include 'NoDirectPhpAcess.php';
 ?>
 <?php
 $page = 'Courses+';
 include 'Header.php';
@ -10,10 +9,8 @@ $student_id = $_SESSION["user_student_id"];
 $group_id = $_SESSION["user_group_id"];
 $c_date = date("Y-m-d H:i");
-
+if (!empty($_GET["url"])) {
-if(!empty($_GET["url"]))
+    $course_url = $_GET["url"];
 {
    $course_url = mysqli_real_escape_string($con, $_GET["url"]);
    $result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
        . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`  "
        . " , users_table.Full_Name  FROM `courses_table` INNER JOIN users_table"
@ -22,7 +19,6 @@ if(!empty($_GET["url"]))
    if (mysqli_num_rows($result) == 0) {
        echo "No course matching the given course URL: " . $course_url;
    } else {
        while ($row = mysqli_fetch_assoc($result)) {
            $name = $row['Course_Name'];
@ -57,9 +53,9 @@ if(!empty($_GET["url"]))
    <?php
-if (isset($_SESSION['info_general'])) {
+    if (isset($_SESSION['info_ReMarking'])) {
-    echo '<hr><div class="alert alert-info" role="alert" style="float:left;">' . $_SESSION['info_general'] . '</div>';
+        echo '<hr><div class="alert alert-info" role="alert" style="float:left;">' . $_SESSION['info_ReMarking'] . '</div>';
-    $_SESSION['info_general']=null;
+        $_SESSION['info_ReMarking'] = null;
    }
    if (isset($_SESSION['info_courses'])) {
@ -70,12 +66,9 @@ if (isset($_SESSION['info_courses'])) {
 </div>
 <?php
-if( $_SESSION['user_type'] == "Student")
+if ($_SESSION['user_type'] == "Student") {
 {
 ?>
    <hr>
@ -99,6 +92,87 @@ if( $_SESSION['user_type'] == "Student")
                <li class="nav-item">
                    <a class="nav-link" data-toggle="tab" href="#menu4">Marked</a>
                </li>
                <!----------Delete Course Button----------->
                <li>
                    <html>
                    <body>
                        <div class="modal fade" id="delcourse">
                            <div class="modal-dialog">
                                <div class="modal-content">
                                    <div class="modal-header">
                                        <h2 class="modal-title">Please confirm!</h2>
                                        <button type="button" class="close red" data-dismiss="modal">
                                            <span>&times;</span>
                                        </button>
                                    </div>
                                    <div class="modal-body">
                                        <p>Are you sure about deleting this course? This action can not be reversed!</p>
                                    </div>
                                    <div class="modal-footer">
                                        <form method="POST" action="">
                                            <button type="button" class="btn action-button blue" data-dismiss="modal">Cancel</button>
                                            <input type="submit" name="submit" class="btn action-button red" value="Delete" />
                                        </form>
                                    </div>
                                </div>
                            </div>
                        </div>
        </div>
        <div class="row">
            <div class="col">
                <button type="button" class="btn action-button red" data-toggle="modal" data-target="#delcourse">Delete Course</button>
            </div>
        </div>
    </div>
    </div>
    <?php
    // Connect to MySQL database
    $con = mysqli_connect("localhost",  $mysql_username, $mysql_password, "lrr");
    // Check connection
    if (mysqli_connect_errno()) {
        echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }
    if (isset($_POST['submit'])) {
        header("Location: Courses.php");
        $result = mysqli_query($con, "DELETE FROM course_students_table WHERE Course_ID='$course_id'");
    }
    ?>
    <script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
    <style>
        /*--------------------[ Delete Course Button ]*/
        .action-button {
            font-family: 'Pacifico', cursive;
            font-size: 18px;
            color: #FFF;
            text-decoration: none;
        }
        .red {
            background-color: #E74C3C;
            border-bottom: 5px solid #BD3E31;
            text-shadow: 0px -2px #BD3E31;
        }
        .blue {
            background-color: #4d4dff;
            border-bottom: 5px solid #4d4dff;
            text-shadow: 0px -2px #4d4dff;
        }
    </style>
    </body>
    </html>
    </li>
    </ul>
    <div class="tab-content">
@ -110,15 +184,13 @@ if( $_SESSION['user_type'] == "Student")
            $sql = "SELECT course_group_members_table.Course_Group_id FROM course_group_members_table INNER JOIN course_groups_table ON course_group_members_table.Course_Group_id = course_groups_table.Course_Group_id WHERE course_group_members_table.Student_ID=$student_id and course_groups_table.Course_id=$course_id";
            $resultx1 = mysqli_query($con, $sql);
-    while($row = mysqli_fetch_assoc($resultx1))
+            while ($row = mysqli_fetch_assoc($resultx1)) {
    {
                $_SESSION['group_id'] = $row['Course_Group_id'];
            }
            $group_id = $_SESSION['group_id'];
-    if($group_id == "")
+            if ($group_id == "") {
    {
                $group_id = 0; // no group.  If the student has a group, the group number should be greater than 0.
            }
@ -127,17 +199,16 @@ if( $_SESSION['user_type'] == "Student")
            // (3) none of the student's group members have already submitted
            // the assignment.
-    $sql_stmt = "SELECT Type, Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`".
+            $var = "SELECT Type, Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`" .
                " FROM `lab_reports_table`" .
                " WHERE Course_ID=$course_id" .
                " AND (Deadline > '$c_date' OR Lab_Report_ID IN (SELECT `Lab_Report_ID` FROM `extended_deadlines_table` WHERE Student_ID=$student_id AND Extended_Deadline_Date > '$c_date' AND Lab_Report_ID IN (SELECT Lab_Report_ID FROM lab_reports_table WHERE Course_ID=$course_id)))" .
                " AND Lab_Report_ID NOT IN (SELECT Lab_Report_ID FROM lab_report_submissions WHERE Course_Group_id IN (SELECT Course_Group_id FROM course_group_members_table WHERE Student_ID=$student_id))" .
                " ORDER BY Lab_Report_ID DESC";
-    $result1 = mysqli_query($con, $sql_stmt);
+            $result1 = mysqli_query($con, $var);
-    if(mysqli_num_rows($result1)==0)
+            if (mysqli_num_rows($result1) == 0) {
    {
                echo "No active assignments for this course so far.";
            } else {
@ -170,21 +241,20 @@ if( $_SESSION['user_type'] == "Student")
  $title ($type) <br> <span style='font-size:8pt'> $ins</span> 
   <br> <span style='font-size:8pt'>Posted : $posted &nbsp;&nbsp;&nbsp;&nbsp; Deadline :   $deadline   &nbsp;&nbsp;&nbsp;&nbsp;($Marks Marks)  &nbsp; &nbsp;&nbsp;&nbsp; &nbsp;<a href='~\..\SubmitLab.php?id=$labid&url=$url' class='btn-sm btn-info' style='margin-left:50px;'> Submit Lab Report</a><br> Attachments : $full_link </span>  
 </div></k>";
-                
+                }
-        }}
+            }
            echo "";
            ?>
        </div>
        <div id="menu2" class="container tab-pane"><br>
            <?php
            $group_id = $_SESSION['group_id'];
-    if($group_id == ""){$group_id = -1;} // Individual assignment does not require the student to have a group id.  Therefore, the group is an empty string. To make the following SQL statement work properly, initialize the group id to -1.
+            if ($group_id == "") {
                $group_id = -1;
            } // Individual assignment does not require the student to have a group id.  Therefore, the group is an empty string. To make the following SQL statement work properly, initialize the group id to -1.
            $result  = mysqli_query($con, "SELECT Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`
          FROM `lab_reports_table`
          WHERE 
@ -197,12 +267,8 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
                . ""
                . "ORDER by Lab_Report_ID DESC");
-
+            if (mysqli_num_rows($result) == 0) {
    if(mysqli_num_rows($result)==0)
    {
                echo "You missed no lab reports in this course.";
            } else {
                while ($row = mysqli_fetch_assoc($result)) {
                    $title = $row['Title'];
@ -216,9 +282,6 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
                    $att4 = $row['Attachment_link_4'];
                    $id = $row['Lab_Report_ID'];
                    $full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
                    if ($att2 != "") {
@ -230,28 +293,25 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
                    if ($att4 != "") {
                        $full_link = $full_link . "| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
-            }
+                    };
            ;   
                    echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'><span class='btn-sm btn-warning' style='margin-left:0px;'>MISSED</span> $title ($marks Marks) <br> <span style='font-size:8pt'> $ins</span> 
   <br> <span style='font-size:8pt'>Posted: $posted<br> Deadline: $deadline  &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<br> Attachments : $full_link </span>
 </div>";
-                
+                }
-        }}
+            }
            echo "";
            ?>
        </div>
        <div id="menu3" class="container tab-pane"><br>
            <?php
            $group_id = $_SESSION['group_id'];
-    if($group_id==""){$group_id=-1;}  // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176
+            if ($group_id == "") {
-
+                $group_id = -1;
            }  // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176
            $sql_stmt = "SELECT Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`
         FROM `lab_reports_table`
@ -260,11 +320,8 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
            $resultx  = mysqli_query($con, $sql_stmt);
-
+            if (mysqli_num_rows($resultx) == 0) {
    if(mysqli_num_rows($resultx)==0)
    {
                echo "You have no lab report submissions in this course.";
            } else {
                while ($row = mysqli_fetch_assoc($resultx)) {
                    $lab_repo_id = $row['Lab_Report_ID'];
@ -278,8 +335,7 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
                    $att3 = $row['Attachment_link_3'];
                    $att4 = $row['Attachment_link_4'];
                    $id = $row['Lab_Report_ID'];
-            if( $c_date < $deadline)
+                    if ($c_date < $deadline) {
            {
                        $submittedx = "<a  href='~\..\SubmitLab.php?id=$id&url=$url' class='btn-sm btn-default'><i class='fa fa-check-circle'></i> Re-Submit </a>";
                    }
@ -301,7 +357,6 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
   <br> <span style='font-size:8pt'>Posted : $posted  Deadline :   $deadline  ($marks Marks) &nbsp; &nbsp;  $submittedx&nbsp; <span class='btn-sm btn-success' style='margin-left:50px;'><i class='fa fa-Edit-circle'></i>  Submitted </span>
 <br> Submitted files: ";
                    $Sub_result = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
 lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
 `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, 
@ -311,10 +366,8 @@ Left JOIN users_table  on users_table.Student_ID=lab_report_submissions.Student_
 left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
 where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$student_id')");
-            if(mysqli_num_rows($Sub_result) == 0)
+                    if (mysqli_num_rows($Sub_result) == 0) {
            {
                        echo "No Attachments found.";
                    } else {
                        while ($row = mysqli_fetch_assoc($Sub_result)) {
                            $at1 = $row['Attachment1'];
@ -341,32 +394,21 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
                            }
                            echo $full_link;
                        }
                    }
                    echo "</span></div></k>";
-
+                }
-  
+            }
        }}
            echo "";
            ?>
        </div>
        <?php
        $sqli = mysqli_query($con, "SELECT * from course_groups_table WHERE Course_Group_id=$group_id and Course_id=$course_id");
-    while($row = mysqli_fetch_assoc($sqli)) 
+        while ($row = mysqli_fetch_assoc($sqli)) {
-    { $Group_Leader=$row['Group_Leader'];
+            $Group_Leader = $row['Group_Leader'];
            $Group_Member = $row['Group_Member'];
            $Group_Member2 = $row['Group_Member2'];
            $Group_Member3 = $row['Group_Member3'];
@ -374,8 +416,6 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
        }
        ?>
        <div id="menu4" class="container tab-pane"><br>
            <?php
            $resultx  = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_reports_table.`Lab_Report_ID`, `Student_id`, "
@ -396,14 +436,10 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
                . " lab_reports_table.Lab_Report_ID  in (select Lab_Report_ID from lab_report_submissions"
                . " where  (Status='Marked' or Status='Remarking') and (Student_id=$student_id or Course_Group_id=$group_id)  and Course_ID=$course_id) ORDER by Submission_ID DESC");
-    
+            if (mysqli_num_rows($resultx) == 0) {
    if(mysqli_num_rows($resultx)==0)
    {
                echo "You have no marked submissions in this course";
-     
+            } else {
-    } else { while($row = mysqli_fetch_assoc($resultx)) {
+                while ($row = mysqli_fetch_assoc($resultx)) {
                    $title = $row['Lab_Title'];
                    $marks = $row['Marks'];
                    $Originalmarks = $row['Original_marks'];
@ -419,23 +455,17 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
                    $notes = $row['Notes'];
                    $status = $row['Status'];
                    $remarking_reason = $row['Remarking_Reason'];
-            if($status=='Marked')
+                    if ($status == 'Marked') {
            {
                        $rm_data = "\Script.php?remarking=yes&id=$Submission_ID&url=$url&status=Remarking";
                        $remarking = "<button  onclick='remarking(\"$rm_data\")' class='btn-sm btn-success'>  Request Remarking </button>";
                    }
-            if($status=='Remarking')
+                    if ($status == 'Remarking') {
            {
                        $remarking = "<span  style='color:orange'><i class='fa fa-info-circle'></i> Remarking Request sent </span> <br> Remarking Reason:<i>$remarking_reason </i> <br>";
                    }
                    echo "   <k href='#'>   <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
  $title  <b> ($marks Marks out of $Originalmarks)</b><br><small> Lecturer Feedback : $notes </small> &nbsp; $remarking   <br> Submission files :";
                    $Sub_result = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
  lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
  `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, 
@ -445,11 +475,10 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
  left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
  where Lab_Report_ID=$id and lab_report_submissions.Student_id='$student_id'");
-            if(mysqli_num_rows($Sub_result)==0)
+                    if (mysqli_num_rows($Sub_result) == 0) {
            {
                        echo "No Attachments found.";
-       
+                    } else {
-            } else { while($row = mysqli_fetch_assoc($Sub_result)) {
+                        while ($row = mysqli_fetch_assoc($Sub_result)) {
                            $at1 = $row['Attachment1'];
                            $at2 = $row['Attachment2'];
                            $at3 = $row['Attachment3'];
@ -469,21 +498,13 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
                            }
                            echo $full_link;
                        }
                    }
-
+                }
-
+            }
        }}
            echo "</div></k>";
            ?>
        </div>
    </div>
@ -495,15 +516,14 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
        <?php
        $resultx1 = mysqli_query($con, "SELECT `Course_Group_id`  FROM `course_groups_table` WHERE  Course_id=$course_id");
-    while($row = mysqli_fetch_assoc($resultx1)) {$count_groups=$row['Course_Group_id'];} 
+        while ($row = mysqli_fetch_assoc($resultx1)) {
-
+            $count_groups = $row['Course_Group_id'];
        }
        echo " <button onclick='CreateGroup()' class='btn btn-primary'> Create Group</button>";
        ?>
        <hr>
        <?php
@ -512,96 +532,56 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
 FROM `course_group_members_table`  INNER JOIN course_groups_table on 
 course_groups_table.Course_Group_id=course_group_members_table.Course_Group_id WHERE Student_id=$student_id and course_groups_table.Course_id=$course_id");
-    if(mysqli_num_rows($result)==0)
+        if (mysqli_num_rows($result) == 0) {
    {
            echo "You have no Group in this Course";
-    } else { while($row = mysqli_fetch_assoc($result)) {
+        } else {
            while ($row = mysqli_fetch_assoc($result)) {
                $name = $row['Group_Name'];
                $id = $row['Course_Group_id'];
                $status = $row['Status'];
                $extra = " -  <a href='#' class='' onclick='invite($id)'> Invite Others</a></small>";
-            if($status=="Invited")
+                if ($status == "Invited") {
            {
                    $extra2 = "   <a href='#' class='' onclick='accept($id,1)'>Accept</a></small>";
                    $extra3 = "   <a href='#' class='' onclick='accept($id,0)'>Decline</a></small>";
                }
-
+                echo "<div  class='btn-default'><small> $name ($status)  $extra  $extra2  $extra3</small></div>";
            # Add "delete group" button and allow only group creator to delete it
            $extra4 = "<button onclick='delete_group($id)' class='btn btn-danger' style='height: 25px; width: 90px; 
                        line-height: 10px; font-size: 10px'>DELETE GROUP</button>";
            echo "<div  class='btn-default'><small> $name ($status)  $extra  $extra2  $extra3" . 
            (($status == "Created")? "$extra4": "")
            ."</small></div>";
                $rs2 = mysqli_query($con, "SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, 
                            course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table` 
 INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID
 where course_group_members_table.Course_Group_id=$id");
            #Check whether the current user in session is the creator of the group
            $rs3 = mysqli_query($con, "SELECT `Status` from course_group_members_table where Student_ID = $student_id");
            $flag = mysqli_fetch_assoc($rs3)['Status'] == "Created";
                while ($row = mysqli_fetch_assoc($rs2)) {
                    $name = $row['Full_Name'];
                    $id = $row['Course_Group_id'];
                    $status = $row['Status'];
                    $Student_ID = $row['Student_ID'];
-                #Show group members + remove button next to each member except the creator of the group
+                    echo "<li><small> $name-$Student_ID ($status)</small></li>";
                if($flag){
                    echo "<li><small> $name-$Student_ID ($status)</small>".(($status != "Created")?"<button onclick='remove_member($Student_ID, $id)' 
                class='btn btn-danger' style='height: 25px; width: 80px; line-height: 10px;'>remove</button>":"")."</li>";
                }else{
                    echo "<li><small> $name-$Student_ID ($status)</small>";
                }
            }
            }
        }
        ?>
    </div>
    </div>
 <?php
 }
 include 'Footer.php';
 ?>
 <script src="./css/jquery-1.11.1.min.js"></script>
 <script src="./css/jquery-ui.min.js"></script>
 <link rel="stylesheet" href="./css/jquery-ui.css" />
 <script>
    function CreateGroup() {
-    
+        try {
    try
    {
            $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="creategroup" value="true">\n\
 <input type="hidden" name="student_id" value="<?php echo $student_id; ?>" > Group Name  <input type="text" name="name">\n\
@ -622,18 +602,14 @@ function CreateGroup() {
                }
            });
-    } catch(e){ alert(e); }
+        } catch (e) {
            alert(e);
        }
    }
    function invite(id) {
-    
+        try {
    try
    {
            $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="groupinvite" value="true">\n\
 <input type="hidden" name="groupid" value="' + id + '" > Enter Student_ID to Invite  <input type="text" name="student_id">\n\
@ -654,21 +630,14 @@ function invite(id) {
                }
            });
-    } catch(e){ alert(e); }
+        } catch (e) {
            alert(e);
        }
    }
    function accept(id, val) {
-    try
+        try {
    {
            $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="acceptinvite" value="true">\n\
 <input type="hidden" name="groupid" value="' + id + '" > \n\  <input type="hidden" name="action" value="' + val + '" > \n\
@ -691,75 +660,15 @@ function accept(id,val) {
                }
            });
-    } catch(e){ alert(e); }
+        } catch (e) {
            alert(e);
        }
    }
-
+    function remarking(data) {
 function remarking(data)
 {
        var details = prompt("Please enter your remarking reasons", "");
        window.location.href = data + "&details=" + details;
    }
 function remove_member(student_id, group_id) {
    try
    {
        $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="removemember" value="true">\n\
 <input type="hidden" name="student_id" value="'+student_id+'" > \n\
 <input type="hidden" name="group_id" value="'+group_id+'">\n\
 <input type="hidden" name="url" value="<?php echo $url; ?>"></form>').dialog({
    modal: true,
    title:'Remove '+student_id+'?',
    buttons: {
        'Confirm': function () {
            $('#frm').submit();
            $(this).dialog('close');
        },
        'X': function () {
            $(this).dialog('close');
        }
    }
 });
    } catch(e){ alert(e); }
 }
 function delete_group(id) {
    try
    {
        $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="deletegroup" value="true">\n\
 <input type="hidden" name="group_id" value="'+id+'" > \n\
 <input type="hidden" name="url" value="<?php echo $url; ?>"></form>').dialog({
    modal: true,
    title:'Delete this group?',
    buttons: {
        'Confirm': function () {
            $('#frm').submit();
            $(this).dialog('close');
        },
        'X': function () {
            $(this).dialog('close');
        }
    }
 });
    } catch(e){ alert(e); }
 }
 </script>
--- a/Courses.php
+++ b/Courses.php
@ -2,42 +2,29 @@
 include 'NoDirectPhpAcess.php';
 ?>
 <?php
 $page = 'Courses';
 include 'Header.php';
 echo "<main role='main' class='container bg-white' style='margin-top: 20px;'>";
 $user_d = $_SESSION['user_id'];
-if( $_SESSION['user_type']=="Lecturer" || $_SESSION['user_type']=="TA")
+if ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") {
 {
    ?>
        <!--    FOR LECTURER-->
        <div class="row" style="width:80%;margin:auto; text-align:left;">
    <script src="./css/jquery-1.11.1.min.js"></script>
    <script src="./css/jquery-ui.min.js"></script>
    <link rel="stylesheet" href="./css/jquery-ui.css" />
                <script>
                function extend_deadline(id) {
                    var dropstudents = $("#dropstudents").html();
-        try
+                    try {
        {
                        $('<form id="frm" method="get" action="Script.php">\n\
                            <input type="hidden" name="extenddeadline" value="true" >\n\
@ -64,23 +51,23 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                                }
                            });
-        }catch(e){ alert(e); }
+                        } catch (e) {
                            alert(e);
                        }
                    }
                </script>
                <?php
-    if(!empty($_GET["course"]))
+                if (!empty($_GET["course"])) {
-    {
+                    $course_url = $_GET["course"];
        $course_url = mysqli_real_escape_string($con, $_GET["course"]);
                    $result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
                        . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`  "
                        . " , users_table.Full_Name  FROM `courses_table` INNER JOIN users_table"
                        . " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' ");
-        if(mysqli_num_rows($result)==0)
+                    if (mysqli_num_rows($result) == 0) {
-        {} else { while($row = mysqli_fetch_assoc($result)) {
+                    } else {
                        while ($row = mysqli_fetch_assoc($result)) {
                            $name = $row['Course_Name'];
                            $code = $row['Course_Code'];
                            $faculty = $row['Faculty'];
@ -103,9 +90,8 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                // ------------------------------Editing Lab Assignment by Lecturer ------------------------------------
                        if ($_GET['act'] == "edit") {
-                $getid = mysqli_real_escape_string($con, $_GET["cid"]);
+                            $getid = $_GET["cid"];
                            $result1 = mysqli_query($con, "SELECT * from lab_reports_table WHERE Lab_Report_ID = '$getid'");
                            while ($row1 = mysqli_fetch_assoc($result1)) {
@ -119,19 +105,18 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                            }
                            if (isset($_POST['frm_uploadlab'])) {
-                    $deadlinedate = trim(mysqli_real_escape_string($con, $_POST["deadlinedate"])); // remove spaces
+                        $deadlinedate = trim($_POST["deadlinedate"]); // remove spaces
-                    $deadlinetime = trim(mysqli_real_escape_string($con, $_POST["deadlinetime"])); // remove spaces
+                        $deadlinetime = trim($_POST["deadlinetime"]); // remove spaces
-                    $instructions = mysqli_real_escape_string($con, $_POST["instructions"]);
+                        $instructions = $_POST["instructions"];
-                    $title = mysqli_real_escape_string($con, $_POST["title"]);
+                        $title = $_POST["title"];
-                    $marks = mysqli_real_escape_string($con, $_POST["marks"]);
+                        $marks = $_POST["marks"];
-                    $type  = mysqli_real_escape_string($con, $_POST["type"]);
+                        $type  = $_POST["type"];
                        $Deadline = $deadlinedate . " " . $deadlinetime;
                        $date =  date("Y-m-d H:i");
                        $sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "'), `Type` = ('" . $type . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'";
                            if ($con->query($sql) === TRUE) {
                                $_SESSION["info_Updated"] = "Assignment information updated successfully.";
                            } else {
                            // echo "Error: " . $sql . "<br>" . $con->error;
                                echo "Serious error happened whiling updating assignment information.";
@ -153,14 +138,14 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                                <input type='hidden' name='course_id' value='<?php echo "$id" ?>' required='' />
                                <input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required='' />
-                    Deadline Date/Time
+                                Dealine Date/Time
                                <div class='row'>
                                    <div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act'] == "edit" ? $Date : ""; ?>"> </div>
                                    <div class='col-md-5'> <input type='text' id='time' class='form-control' name='deadlinetime' value="<?php echo isset($_GET['act']) && $_GET['act'] == "edit" ? $Time : ""; ?>"> </div>
                                </div>
                                Title
-                        <input type='text'  name='title' placeholder='Title' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Title : ""; ?>">
+                                <input type='text' name='title' placeholder='Ttle' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act'] == "edit" ? $Title : ""; ?>">
                                Instructions
                                <textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required=''><?php echo isset($_GET['act']) && $_GET['act'] == 'edit' ? $Instructions : ''; ?></textarea>
                                Marks
@ -174,7 +159,6 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                                Attachment 3
                                <input type='file' name='attachment3' placeholder='Attachment 1' class='form-control'>
                                Attachment 4
                                <input type='file' name='attachment4' placeholder='Attachment 4' class='form-control'>
                                <br>
@ -187,12 +171,12 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                                }
                                ?>
                                <hr>
                                <input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br>
                            </form><br><br><br><br>
                            <?php
-                }}else{
+                        }
                    } else {
                    // ------------------------------Posting New Lab Assignment------------------------------------
@ -213,14 +197,14 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                                <input type='hidden' name='course_id' value='<?php echo "$id" ?>' required='' />
                                <input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required='' />
-                    Deadline Date/Time
+                                Dealine Date/Time
                                <div class='row'>
                                    <div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value=""> </div>
                                    <div class='col-md-5'> <input type='time' class='form-control' name='deadlinetime' value=""> </div>
                                </div>
                                Title
-                        <input type='text'  name='title' placeholder='Title' class='form-control' required='' value="">
+                                <input type='text' name='title' placeholder='Ttle' class='form-control' required='' value="">
                                Instructions
                                <textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' value=""></textarea>
                                Marks
@ -234,7 +218,6 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                                Attachment 3
                                <input type='file' name='attachment3' placeholder='Attachment 1' class='form-control'>
                                Attachment 4
                                <input type='file' name='attachment4' placeholder='Attachment 4' class='form-control'>
                                <br>
@ -247,7 +230,6 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                            <?php
                        }
                    }
                }
                echo "</div>";
@ -267,22 +249,17 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                    $_SESSION['info_courses'] = null;
                }
                $result = mysqli_query($con, " SELECT `Lab_Report_ID`,Type,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, "
                    . "`Attachment_link_4` FROM `lab_reports_table` WHERE Course_ID=$id ORDER by Lab_Report_ID DESC");
-           
+                if ($_SESSION['user_type'] == "TA") {
        if( $_SESSION['user_type']=="TA")
        {
                    echo "<b style='color:gray'>*Only Lecturer can post a new lab report assignment</b><br>";
                }
-        if(mysqli_num_rows($result)==0)
+                if (mysqli_num_rows($result) == 0) {
        {
                    echo "No assignments posted so far.";
-     
+                } else {
-        } else { while($row = mysqli_fetch_assoc($result)) {
+                    echo "<div class='row'><div class='col-sm-6'>";
                    while ($row = mysqli_fetch_assoc($result)) {
                        $marks = $row['Marks'];
                        $title = $row['Title'];
                        $ins = $row['Instructions'];
@ -298,56 +275,71 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
                        $full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
                        if ($att2 != "") {
-                    $full_link= $full_link." &nbsp|&nbsp <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";    
+                            $full_link = $full_link . " <a class='card-link' href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
                        }
                        if ($att3 != "") {
-                    $full_link= $full_link." &nbsp|&nbsp <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";    
+                            $full_link = $full_link . " <a class='card-link' href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
                        }
                        if ($att4 != "") {
-                    $full_link= $full_link." &nbsp; | &nbsp <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";    
+                            $full_link = $full_link . " <a class='card-link' href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
                        }
                        $resultx1 = mysqli_query($con, "Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id");
-                while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];}    
+                        while ($row = mysqli_fetch_assoc($resultx1)) {
                            $count_subs = $row['cnt'];
                        }
                        $resultx2 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Marks is not null");
-                if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}}     
+                        if (mysqli_num_rows($resultx2) == 0) {
-                            
+                            $count_marked = 0;
                        } else {
                            while ($row = mysqli_fetch_assoc($resultx2)) {
                                $count_marked = $row['cnt'];
                            }
                        }
                        $header = "Courses > " . $name . "($code) > Assignments > " . $title;
                echo "      <div class='break-word btn btn-default' style='word-wrap: break-word;border-color:grey;'>
  $title ($as_type) <br> $ins
   <br> <span style='font-size:8pt'>Posted : $posted  Deadline :  <b> $deadline </b> &nbsp; ($marks Marks)      &nbsp;    &nbsp; &nbsp; &nbsp; &nbsp;   "
                . "<br>"
                      . "<span class='btn-default'> &nbsp;&nbsp; $count_subs Submissions ( $count_marked Marked ) &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href='Courses.php?course=".$url."&act=edit&cid=".$id."'>Edit</a>&nbsp;&nbsp; |&nbsp;&nbsp;<a href='~\..\Submissions.php?id=$id&header=$header&total=$marks' onclick=''> View </a>     &nbsp;&nbsp; |&nbsp;&nbsp;         <a href='#'  onclick='extend_deadline($id)'> Extend Deadline </a>  </span>         <hr> Attachments : $full_link </span>"
                      . "&nbsp;&nbsp;</div>
                        ";
            }}
        echo "</div>";
                        echo"<div class='card' style='width: 18rem;'> 
                              <div class='card-body'>
                                <h5 class='card-title'>$title ($as_type)</h5>
                                <p class='card-text'>$ins</p>
                              </div>
                              <ul class='list-group list-group-flush'>
                                <li class='list-group-item'>Posted : $posted</li>
                                <li class='list-group-item'>Deadline : <b> $deadline </b></li>
                                <li class='list-group-item'>
                                <div class='dropdown show'>
                                  <a class='btn btn-secondary dropdown-toggle'  id='dropdownMenuLink' data-toggle='dropdown'  >
                                    Action
                                  </a>
                                  <div class='dropdown-menu' aria-labelledby='dropdownMenuLink'>
                                    <a class='dropdown-item' href='Courses.php?course= $url &act=edit&cid= $id' >Edit</button>
                                    <a class='dropdown-item' href='~\..\Submissions.php?id=$id&header=$header&total=$a' onclick='' >View action</a>
                                    <a class='dropdown-item' href='#' onclick='extend_deadline($id)'>Extend Deadline</a>
                                  </div>
                                </div>
                                </li>  
                              </ul>
                              <div class='card-body'>
                                $full_link
                              </div>
                            </div> ";
                    }
                }
                echo "</div></div></div>";
                $resultx1 = mysqli_query($con, "SELECT course_students_table.Student_ID,users_table.Full_Name FROM 
                    `course_students_table`
                    INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID
                    WHERE Course_ID=$course_id");
                echo "<span id='dropstudents' style='display:none;'> <select name='stdid'>";
-        while($row = mysqli_fetch_assoc($resultx1)) 
+                while ($row = mysqli_fetch_assoc($resultx1)) {
        {
                    $stdid = $row['Student_ID'];
                    $stdname = $row['Full_Name'];
@ -357,17 +349,11 @@ WHERE Course_ID=$course_id");
                . "<input type='hidden' name='url' value='$course_url'>"
                . " </span>";
                return;
            }
            ?>
            <div class="col-md-8">
                <?php
@ -379,23 +365,22 @@ WHERE Course_ID=$course_id");
                </a></div>
                ";
                $result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, "
                    . "`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`   , users_table.Full_Name  FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID where courses_table.Lecturer_User_ID=$user_d");
-    if($_SESSION['user_type']=="TA")
+                if ($_SESSION['user_type'] == "TA") {
    {
                    $result = mysqli_query($con, "SELECT course_ta.Course_ID, `Course_Name`, 
                      `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`   FROM `courses_table` 
                      INNER JOIN 
                      course_ta ON course_ta.Course_ID=courses_table.Course_ID where course_ta.TA=$user_d");
                }
            // $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`   , users_table.Full_Name  FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID");
                if (mysqli_num_rows($result) == 0) {
                } else {
-    if(mysqli_num_rows($result)==0)
+                        echo "<div class='list-group'>";
-    {} else { while($row = mysqli_fetch_assoc($result)) {
+                    while ($row = mysqli_fetch_assoc($result)) {
                        $id = $row['Course_ID'];
                        $name = $row['Course_Name'];
                        $code = $row['Course_Code'];
@ -413,24 +398,22 @@ where course_ta.Course_ID=$id");
                            $ta = $ta . "  - " . $rowTA['TA_NAME'];
                        }
                        echo "    
                        <a href='~\..\Courses.php?course=$url' class='list-group-item list-group-item-action flex-column align-items-start'>
                            <div class='d-flex w-100 justify-content-between'>
                              <h5 class='mb-1'>($code) - $name </h5> 
                            </div>
                            <p class='mb-1'>Faculty : $faculty   Year :  $academic   Lecturer  :$lecturer    TA:$ta </p> 
                        </a> ";
                    }
-                         <a href='~\..\Courses.php?course=$url'>   <div class='btn btn-default'>
+                } ?>
-  ($code) - $name 
+            </div>
   <br> <span style='font-size:8pt'>Faculty : $faculty &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Year :  $academic  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;  Lecturer  :$lecturer  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;  TA:$ta </span>
 </div></a>
                        ";
        }}?>
            </div>
            <div class="col-md-4">
                <br>
                <b> Course Joining Requests </b>
                <?php
                $lecturer_id = $_SESSION['user_id'];
                $result = mysqli_query($con, "SELECT  course_students_table.ID,users_table.Full_Name,  courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` 
@ -438,11 +421,11 @@ INNER JOIN course_students_table on  course_students_table.Course_ID=courses_tab
                    INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID
                    WHERE  Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'");
-    if(mysqli_num_rows($result)==0)
+                if (mysqli_num_rows($result) == 0) {
    {
                    echo "<br>  <i class='fa fa-info-circle'></i> No Course joining request so far for all your courses <hr>";
-    } else { while($row = mysqli_fetch_assoc($result)) {
+                } else {
                    while ($row = mysqli_fetch_assoc($result)) {
                        $id = $row['ID'];
                        $name = $row['Course_Name'];
@ -455,21 +438,12 @@ WHERE  Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"
                        $std_name is Requesting to join <br> [($code) - $name ] &nbsp;&nbsp;&nbsp;&nbsp; <br><a href='~\..\Script.php?AcceptStudent=y&id=$id&rs=yes' class='btn-sm btn-success' onclick=return confirm(\"are you sure to join this course?\")' > Accept </a>
                        &nbsp;&nbsp;<a href='~\..\Script.php?AcceptStudent=y&id=$id&rs=no' class='btn-sm btn-danger' onclick=return confirm(\"are you sure to join this course?\")' > Decline </a>                     
                        </div>";
                    }
                }
                ?>
                <?php
-    if( $_SESSION['user_type']=="TA")
+                if ($_SESSION['user_type'] == "TA") {
    {
                    echo "<center>Only Lecturers can Post new Lab report Assignments</center>";
                }
                if ($_SESSION['user_type'] == "Lecturer") { ?>
@ -494,10 +468,8 @@ WHERE  Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"
                        Faculty <br>
                        <input type="text" name="faculty" placeholder="Faculty" class="form-control" required="">
                        <input type="hidden" name="lecturer" value="<?php echo $_SESSION['user_id'];  ?>">
                        Verify Joining Students
                        <input type="radio" name="verify" value="1"> Yes
                        <input type="radio" name="verify" value="0" checked=""> No
@ -511,80 +483,99 @@ WHERE  Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"
            </div>
            <!--   END LECTURER   -->
            <?php
        }
-       
+        if ($_SESSION['user_type'] == "Student") {
 if( $_SESSION['user_type']=="Student")
 {
            ?>
            <!--STUDENT CODE-->
-        <div class="row" style="width:80%;margin:auto; text-align:left;">
+            <div class="row">
                <div class='col-md-1'></div> 
                <div class="col-md-6">
                    <br> Course Portal > Students <br>
                    <?php
                    error_reporting(0);
                    if (isset($_SESSION['info_Courses_student'])) {
-        echo '<hr><span class="alert alert-success" role="alert">' . $_SESSION['info_Courses_student'] . '</span>';
+                        echo '<hr><p class="alert alert-success" role="alert">' . $_SESSION['info_Courses_student'] . '</p>';
                        $_SESSION['info_Courses_student'] = null;
                    }
                    ?>
                    <br><br>
                </div>
-    <div class="col-md-6"></div>
+                <div class="col-md-5"></div>
            </div> 
            <div class="p-4 my-4 bg-purple rounded shadow-sm"> 
                <div class="col-md-12">
                <?php
                    echo " 
                    <form method='get' action='Courses.php'>
                    <div class='form-row'>
                        <div class='form-group col-md-6'>
                            <input type='text' class='form-control' name='search'  aria-label='Enter Course Code' placeholder='Enter Course Code'>
                        </div>
                        <div class='form-group col-md-4'> 
                            <select name='faculty' class='form-control' aria-label='Search by'><option selected value='' >Search by Faculty</option>";
                            $result = mysqli_query($con, "SELECT   DISTINCT(Faculty) as Faculty FROM `courses_table`");
                            if (mysqli_num_rows($result) == 0) {
                            } else {
                                while ($row = mysqli_fetch_assoc($result)) {
                                    $fname = $row['Faculty'];
                                    echo "<option value='$fname'>Faculty $fname </option>";
                                }
                            }
                            echo "</select>
                        </div>
                        <div class='form-group col-md-2'>
                            <button class='btn btn-primary' type='submit' >Find</button> 
                        </div>  
                    </div> 
                    </form>";
                }
-
+                ?>
-    <div class="row" style="width:80%;margin:auto; text-align:left;">
+                </div>
-    <div class="col-md-6">
+            </div>
                    <?php
                    error_reporting(0);
                    $student_id = $_SESSION['user_student_id'];
-    // current academic year - i.e 2021 - 2022 , so we will show in search result:
+                    if (!empty($_GET["search"]) || !empty($_GET["faculty"])) {
-    // course containing either 2021 or 2022 as academic year.
+                        $search = trim($_GET["search"]);
-    $oldest_academic_year = date('Y') - 1;
+                        $faculty = $_GET["faculty"];
    if(!empty($_GET["search"]) || !empty($_GET["faculty"]))
    {
        $search = trim(mysqli_real_escape_string($con, $_GET["search"]));
        $search = strtoupper($_GET['search']);
        $faculty = mysqli_real_escape_string($con, $_GET["faculty"]);
-        // the user has not entered something under "Find course by Code"
+                        if ($faculty == "") {
-        if($faculty=="")
+                            echo "<div class='my-3 p-3 bg-body rounded shadow-sm'>  <div class='row' >    <div class='col-md-12'> ";
-        {
+                            echo "<h4 class='border-bottom pb-2 mb-0'> Search Results for Course Code $search</h4>";
            echo "<h4> Search Results for Course Code $search</h4><hr>";
                            $result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
                                . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`  "
                                . " , users_table.Full_Name  FROM `courses_table` INNER JOIN users_table"
-                                   . " ON users_table.User_ID=courses_table.Lecturer_User_ID where Academic_Year >= $oldest_academic_year and Course_Code like '%{$search}%'  and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id) order by Academic_Year desc");
+                                . " ON users_table.User_ID=courses_table.Lecturer_User_ID where Course_Code like '%{$search}%' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)");
-        } 
+                        } else {
-        // the user has entered something under "Find course by Code"
+                            echo "<div class='my-3 p-3 bg-body rounded shadow-sm'>  <div class='row' >    <div class='col-md-12'> ";
-        else
+                            echo "<h3 class='border-bottom pb-2 mb-0'> Find Courses under faculty $faculty</h3>";
        {
            echo "<h3> Find Courses under faculty $faculty</h3>";
                            $result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,
                             `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` 
                             , users_table.Full_Name  FROM `courses_table` INNER JOIN users_table
-         ON users_table.User_ID=courses_table.Lecturer_User_ID where Academic_Year >= $oldest_academic_year  and Faculty='$faculty'  and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id) order by Academic_Year desc");
+                             ON users_table.User_ID=courses_table.Lecturer_User_ID where Faculty='$faculty'  and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)");
                        }
-
+               echo "<div class='row row-cols-1 row-cols-sm-2 row-cols-md-3 g-3'>";
-        if(mysqli_num_rows($result)==0)
+                        if (mysqli_num_rows($result) == 0) {
-        {
+                            echo "<h5>No results found for your Search <h5><hr>";
            echo "No results found for your Search <hr>";
                        } else {
                            while ($row = mysqli_fetch_assoc($result)) {
@ -597,32 +588,57 @@ if( $_SESSION['user_type']=="Student")
                                $id = $row['Course_ID'];
                                $v = $row['Verify_New_Members'];
                                $msg2 = "Join Course";
-                if($v>0)
+                                if ($v > 0) {
                {
                                    $msg = "<i class='fa fa-exclamation-circle'></i> Lecturer verification required";
                                    $msg2 = "Send Joining Request";
                                }
-                echo "<div class='btn btn-default' style='word-wrap:break-word'>
+                                 echo "<div class='col'> 
-  [$code] $name <br>($url) <br>  <a href='~\..\Script.php?JoinCourse=y&id=$id&std=$student_id&joining=$v' class='btn-sm btn-success' onclick=return confirm(\"Are you sure to join this course?\")' > $msg2 </a>
+                                        <div class='card'>  
-   <br> <span style='font-size:10pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span><br>$msg</div>
+                                            <div class='card-header'>
-                        ";
+                                                <ul class='nav nav-pills card-header-pills'>
                                                  <li class='nav-item'>
                                                    <h5 class='nav-link'> $name </h5>
                                                  </li>
                                                  <li class='nav-item'>
                                                    <p class='nav-link'>$msg</p>
                                                  </li> 
                                                </ul> 
                                            </div>
                                            <div class='card-body'>
                                              <h5 class='card-title'>$code</h5> 
                                              <p class='card-text'> $academic</p>
                                              <p class='card-text'>$faculty</p>
                                              <p class='card-text'>$lecturer</p>
                                              <a href='~\..\Script.php?JoinCourse=y&id=$id&std=$student_id&joining=$v' onclick=return confirm(\"Are you sure to join this course?\")' class='btn btn-success'>Open</a>
                                            </div>
                                        </div>
                                      </div>";
                            }
                        }
               echo "</div>";
                    }
-    // Otherwise, list the student's joined courses (already done), in reverse chronological order
+                    ?>
-    echo "<h4> My Courses </h4>";
+</div>
 </div>
 </div>
 <div class="my-3 p-3 bg-body rounded shadow-sm">
    <h4 class="border-bottom pb-2 mb-0"> My Courses </h4>
        <div class="row row-cols-1 row-cols-sm-2 row-cols-md-3 g-3"> 
                    <?php 
                    $result = mysqli_query($con, "SELECT users_table.Full_Name, course_students_table.Status, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table`
                        INNER JOIN users_table
                        ON users_table.User_ID=courses_table.Lecturer_User_ID
                        INNER JOIN course_students_table on course_students_table.Course_ID=courses_table.Course_ID
-                  where course_students_table.Student_ID=$student_id order by Academic_Year desc");
+                        where course_students_table.Student_ID=$student_id");
-    if(mysqli_num_rows($result)==0)
+                    if (mysqli_num_rows($result) == 0) {
-    {
+                        echo "<h4><i class='fa fa-exclamation-circle'></i> You are not Enrolled in any Course</h4>";
        echo "<i class='fa fa-exclamation-circle'></i> You are not Enrolled in any Course";
                    } else {
                        while ($row = mysqli_fetch_assoc($result)) {
                            $name = $row['Course_Name'];
@ -634,161 +650,62 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl
                            $id = $row['Course_ID'];
                            $Status = $row['Status'];
-            if($Status=="Joined")
+                    ?>
            {
 	         echo "<a href='~\..\Course.php?url=$url'>   <div class='btn btn-default' style='word-wrap:break-word'>
  ($code) - $name <br>($url)       &nbsp;&nbsp;&nbsp; <i class='fa fa-check-circle'></i> $Status   &nbsp;&nbsp;&nbsp;&nbsp; <a href='~\..\Course.php?url=$url' class='btn-sm btn-primary'> Open</a>
   <br> <span style='font-size:8pt'>Faculty : $faculty  Year :   $academic  Lecturer  :$lecturer </span></div></a>
                        ";  
            }
            else
            {
                echo "<div class='btn btn-default'>
  ($code) - $name  <i class='btn-sm btn-danger'> $Status</i>
   <br> <span style='font-size:8pt'>Faculty : $faculty  Year :   $academic  Lecturer  :$lecturer </span></div>
                        "; 
            }
        }
    } 
    echo "</div><div class='col-md-6'>
        <form method='get' action='Courses.php'>
            <div class='row'> 
            <div class='col-md-10'> 
            <div class='row'><div class='col-md-6'> Find course by Code
            <input  type='text' class='form-control' name='search' maxlength='11' placeholder='Enter Course Code'>
            </div><div class='col-md-6'>
 List courses by faculty
 <select name='faculty' class='form-control'>";
        $result = mysqli_query($con,"SELECT   DISTINCT(Faculty) as Faculty FROM `courses_table`");
        if(mysqli_num_rows($result)==0){
             <?php 
                            if ($Status == "Joined") {
                                echo "<div class='col'> 
                                        <div class='card'>  
                                            <div class='card-header'>
                                                <ul class='nav nav-pills card-header-pills'>
                                                  <li class='nav-item'>
                                                    <h5 class='nav-link'> $name </h5>
                                                  </li>
                                                  <li class='nav-item'>
                                                    <p class='nav-link bg-success'><i class='fa fa-check-circle'></i> $Status</p>
                                                  </li> 
                                                </ul> 
                                            </div>
                                            <div class='card-body'>
                                              <h5 class='card-title'>$code</h5> 
                                              <p class='card-text'> $academic</p>
                                              <p class='card-text'>$faculty</p>
                                              <p class='card-text'>$lecturer</p>
                                              <a href='~\..\Course.php?url=$url' class='btn btn-primary'>Open</a>
                                            </div>
                                            </div>
                                      </div>";
                            } else { 
            echo"<option value=''> Search by faculty </option>";
            while($row = mysqli_fetch_assoc($result)) {
                $fname=$row['Faculty'];
                echo " <option value='$fname'> $fname </option>";
            }}
        echo "</select></div></div>
                               echo "<div class='col'> 
                                        <div class='card'>  
                                            <div class='card-header'>
                                                <ul class='nav nav-pills card-header-pills'>
                                                  <li class='nav-item'>
                                                    <h5 class='nav-link'> $name </h5>
                                                  </li>
                                                  <li class='nav-item'>
                                                    <p class='nav-link btn-danger'><i class='fa fa-check-circle'></i> $Status</p>
                                                  </li> 
                                                </ul> 
                                            </div>
-                 <div class='col-md-1'> <br>
+                                            <div class='card-body'>
-            <input type='submit' class='btn btn-primary' value='Find'>
+                                              <h5 class='card-title'>$code</h5> 
                                              <p class='card-text'> $academic</p>
                                              <p class='card-text'>$faculty</p>
                                              <p class='card-text'>$lecturer</p> 
                                            </div>
                                        </div>
-        </form>
+                                      </div>";
    </div></div>"; 
                            }
                        }
                    }
                    ?>
        </div>
    </div>
 </div>
-
+</main>
 <style>
 .form-control{
    padding-top: 1px;
    padding-bottom:1px;
 }
 </style>
--- a/Download.php
+++ b/Download.php
@ -7,11 +7,6 @@ session_start();
 // 修改这一行设置你的文件下载目录
 // IMPORTANT: Do not delete the following conditional test
 if (strpos($_GET['file'], "../") !== false) { // 检查是否有 ../，防止用户构造路径，访问某个他不应该访问的目录
    die("Sorry.  Nothing to download.");
 }
 $file = "./../../lrr_submission".$_GET['file'];
 $filename = basename($file);
@ -25,7 +20,7 @@ $type = filetype($file);
 $today = date("F j, Y, g:i a");
 $time = time();
-if ((isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"]) > 0) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) {
+if ( (isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"])) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") {
    // 发送文件头部
    header("Content-type: $type");
    header('Content-Disposition: attachment;filename="'.urldecode($filename).'"');
--- a/Footer.php
+++ b/Footer.php
@ -1,4 +1,9 @@
 <br><br><br><br><br><br><br><br><br>
 <div style="background-color:white;width:100%di">
 <footer class="footer bg-primary">
      <div class="container text-light"> 
        <p >LRR was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">Software engineering course project</a> by Mohamed Nor and Elmahdi Houzi.  Please submit your suggestions or bug reports to  lanhui _at_ zjnu.edu.cn.  Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a></p> 
      <small>© 2018 Copyright: <a href="http://lanlab.org/">lanlab.org</a></small>
      </div>
    </footer>
--- a/Header.php
+++ b/Header.php
@ -19,143 +19,37 @@ if (mysqli_connect_errno()) {
 <head>
-  <link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"/>
-  <link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
+  <link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" /><!-- Font-awesome CSS -->
-  <link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
+  <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css" integrity="sha384-MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO" crossorigin="anonymous"><!-- Bootstrap CSS -->
-  <!-- *this css file can be used across all the websites 
+
-  and any new css class can be added there.
+  <link href="./css/Styles.css" rel="stylesheet" type="text/css" />
  * The reason is to make the css code reusable.
  * the css file is used by submissions.php
 -->
  <link href = "./css/main.css" rel = "stylesheet" type = "text/css" />
  <script src="./css/jquery.min.js" type="text/javascript"></script>
-  <script src="./css/bootsrap.min.js" type="text/javascript"></script>
+  <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js" integrity="sha384-ZMP7rVo3mIykV+2+9J3UJ46jBk0WLaUAdn689aCwoqbBJiSnjAK/l8WvCWPIPm49" crossorigin="anonymous"></script>
    <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js" integrity="sha384-ChfqqxuZUCnJSK3+MXmPNIyE6ZbWh2IMqE241rYiqJxyMiZ6OW/JmZQ5stwEULTy" crossorigin="anonymous"></script>
  <script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script>
-
+  <script src="./js/CustomDropdown.js" type="text/javascript"></script>
 </head>
 <body>
  <nav class="navbar navbar-expand-lg navbar-dark bg-dark" style="padding-left:150px;padding-right:150px;margin:auto;">
    <a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;height:30px;"> LRR </a>
    <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarColor02" aria-controls="navbarColor02" aria-expanded="false" aria-label="Toggle navigation">
      <span class="navbar-toggler-icon"></span>
    </button>
    <div class="collapse navbar-collapse" id="navbarColor02">
      <ul class="navbar-nav mr-auto">
        <li class="nav-item active">
        <li class="nav-item active">
          <!-- <a class='nav-link' href='~\..\Visitors.php'>     <i class='fa fa-globe'></i>  Visitor Portal <span class='sr-only'>(current)</span></a> -->
        </li>
        <?php
        if (isset($_SESSION["user_fullname"])) {
          echo "       <a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> Courses <span class='sr-only'>(current)</span></a>";
        ?>
          </li>
      </ul>
      <form class="form-inline my-2 my-lg-0" style="color:#fff;">
        Welcome &nbsp; <b> <?php echo $_SESSION['user_fullname']; ?> </b> &nbsp;
        <?php
          $c_date =  date("Y-m-d H:i");
          if (isset($_SESSION['user_student_id']))
            echo "(" . $_SESSION['user_type'] . " - " . $_SESSION['user_student_id'] . ")   ";
          else
            echo "(" . $_SESSION['user_type'] . ")   ";
        ?>
        <?php
          if ($_SESSION['user_type'] == "Lecturer") {
            echo  "&nbsp;&nbsp;&nbsp;  <i class=\"fa fa-cog\" style=\"color:#fff;\"> </i> &nbsp;<a style='color:#fff !important' href=\"~\..\Admin.php\" id=\"admin_tab\">Admin </a>";
          }
        ?>
        &nbsp;&nbsp;&nbsp; <i class="fa fa-user" style="color:#fff;"> </i>
        &nbsp;<a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id']; ?>)">Update password</a>
        &nbsp;&nbsp;&nbsp; <i class="fa fa-lock" style="color:#fff;"> </i> &nbsp;<a style='color:#fff !important' href="~\..\logout.php">Logout </a>
      <?php
        }
      ?>
      </form>
    </div>
  </nav>
    <style>
-    .nav-item {
+      .bd-placeholder-img {
-      border-color: #00ff66;
+        font-size: 1.125rem;
        text-anchor: middle;
        -webkit-user-select: none;
        -moz-user-select: none;
        user-select: none;
      }
-    .nav-tabs {
+      /*Rule to include a block of CSS properties only if a certain condition is true.*/
-      border-color: #00ff66;
+      /*https://www.w3schools.com/css/css_rwd_mediaqueries.asp*/
      @media (min-width: 768px) {
        .bd-placeholder-img-lg {
          font-size: 3.5rem;
        }
    .btn-default {
      border: 2px solid #00ff66;
      width: 100%;
      text-align: left;
      margin: 3px auto;
      font-weight: bold;
      font-size: 13pt;
    }
    .table-bordered {
      padding: 5px !important;
    }
    .alert {
      font-weight: bold;
    }
    h1,
    h2,
    h3,
    h4 {
      color: #03407B;
    }
    a {
      color: #03407B;
    }
    .break-word {
      word-wrap: break-word;
      white-space: -moz-pre-wrap !important;
      /* Mozilla, since 1999 */
      white-space: -pre-wrap;
      /* Opera 4-6 */
      white-space: -o-pre-wrap;
      /* Opera 7 */
      white-space: pre-wrap;
      /* css-3 */
      word-wrap: break-word;
      /* Internet Explorer 5.5+ */
      white-space: -webkit-pre-wrap;
      /* Newer versions of Chrome/Safari*/
      word-break: break-all;
      white-space: normal;
    }
    .ui-widget-content.ui-dialog {
      border: 2px solid #03488B;
    }
    .ui-dialog>.ui-widget-header {
      background: #03488B;
      color: white
    }
    .ui-button {
      background: #03488B;
      color: white
      }
    </style>
  <script>
    function updatePass(id) {
@ -175,3 +69,72 @@ if (mysqli_connect_errno()) {
      window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
    }
  </script>
 </head>
 <body>
 <nav class="navbar navbar-expand-md navbar-dark bg-primary sticky-top">
  <div class="container-fluid"> 
    <a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" width="30" height="30"> LRR </a>
        <?php  
          if (isset($_SESSION["user_fullname"])) 
          { 
        ?>
            <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarResponsive">
            <span class="navbar-toggler-icon"></span>
            </button>
        <?php
          }
        ?>
    <div class="collapse navbar-collapse" id="navbarResponsive">
        <?php
        if (isset($_SESSION["user_fullname"])) {
          echo "<ul class=\"navbar-nav mr-auto\">";
          echo "<li class=\"nav-item active\">";
          echo "<a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> Courses</a>";
          echo "</li></ul>"; 
        ?>
    <ul class="nav navbar-nav navbar-right">
        <li class="nav-item">
          <a class="nav-link text-light" href="#">Welcome <b> <?php echo $_SESSION['user_fullname']; ?> </b>
          <?php
            $c_date =  date("Y-m-d H:i");
            if (isset($_SESSION['user_student_id']))
              echo "(" . $_SESSION['user_type'] . " - " . $_SESSION['user_student_id'] . ")   ";
            else
              echo "(" . $_SESSION['user_type'] . ")   ";
          ?>
          </a>
        </li>
        <li class="nav-item dropdown">
          <a class="nav-link dropdown-toggle text-light"  id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> Menu </a>
          <div class="dropdown-menu" aria-labelledby="navbarDropdown">
            <a href="#" class="dropdown-item" onclick="updatePass(<?php echo $_SESSION['user_id']; ?>)"><i class="fa fa-user ">Update passwor</i></a>
            <?php
                if ($_SESSION['user_type'] == "Lecturer") {
                  echo  "<a class=\"dropdown-item\" href=\"~\..\Admin.php\"><i class=\"fa fa-cog\" >Admin</i> </a>";
                }
              ?>  
          </div>
        </li>
        <li class="nav-item">
            <a class="nav-link text-light" href="~\..\logout.php"><i class="fa fa-lock" > Logout</i> </a>
        </li>
      </ul>
      <?php
        }
      ?>
    </div>
  </div>
 </nav> 
--- a/NoDirectPhpAcess.php
+++ b/NoDirectPhpAcess.php
@ -2,6 +2,6 @@
    // https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
    if (!isset($_SERVER['HTTP_REFERER']) ) {
        /* choose the appropriate page to redirect users */
-        die( header( 'location: logout.php' ) );
+        die( header( 'location: index.php' ) );
    }
 ?>
--- a/README.md
+++ b/README.md
@ -18,17 +18,15 @@ Our mission is to make the experience of submitting assignments great for tens o
 # Installation Instructions
-## Hui steps
+## Hui's steps
 I spent about two hours installing LRR to a bare, remote Ubuntu server (Ubuntu 20.04 LTS).
-LRR needs Apache and MySQL to run.  I followed [How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 20.04](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-20-04) to set up these server applications.  [How to install and configure PHP](https://ubuntu.com/server/docs/programming-php) is also a good guide.
+LRR needs Apache and MySQL to run.  I followed [How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 20.04](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-20-04) to set up these server applications.
-LRR uses a database called `lrr`.  So create this database using MySQL root account.  Open MySQL's prompt using `sudo mysql`.  Create the database using command `CREATE DATABASE lrr;`, and grant all privileges to MySQL user `lrr` using command `GRANT ALL PRIVILEGES ON lrr.* TO 'mnc'@'localhost' WITH GRANT OPTION;`.   If MySQL user mnc does not exist, create it using command `CREATE USER 'mnc'@'localhost' IDENTIFIED BY 'password'`.
+LRR uses a database called `lrr`.  I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
-
+The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`.
-To facilitate data migration, I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
+The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`.  Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail.
 The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`, where mnc after -u is MySQL's username, and lrr after -p is the database name.
 The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`.  Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.txt?  You can use lrr_database.sql in this repo instead.
 LRR also needs to store assignment submissions.  We store them in a folder called `../../lrr_submission`.  Note that `lrr_submission` is two levels above the project folder (where many PHP files reside).  I copied this folder from the existing one.  I think it is also OK if you create an empty folder.   
 We need to set a proper owner and accessibility for `lrr_submission` using the following two commands:
@ -51,7 +49,7 @@ Enable the site lrr: `sudo a2ensite lrr`.  Restart the apache server: `sudo syst
 Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/.
-## Enock steps
+## Enock's steps
 Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt).
@ -173,49 +171,49 @@ We can also communicate through pull requests.  You make a pull request, I revie
 GitHub Account - Full Name - Student number
-CODEwithZAKI - Omar Mohamud Mohamed - 2020041
+CODEwithZAKI - Omar Mohamud Mohamed - 202025800041
-BloudYoussef - Khayat Youssef - 2020042 
+BloudYoussef - Khayat Youssef - 202025800042 
-TanakaMichelle - Tanaka Michelle Sandati - 2017134
+TanakaMichelle - Tanaka Michelle Sandati - 201732120134
-WhyteAsamoah  - Yeboah Martha Asamoah   - 2017135
+WhyteAsamoah  - Yeboah Martha Asamoah   - 201732120135
-xiaoyusoil - ZhengXiaoyu - 2017110
+xiaoyusoil - ZhengXiaoyu - 201732120110
-Benny123-cell - ZhangBin - 2017127
+Benny123-cell - ZhangBin - 201732120127
-421281726 - LiJiaxing - 2017118
+421281726 - LiJiaxing - 201732120118
-zhenghongyu-david - ZhengHongyu - 2017128
+zhenghongyu-david - ZhengHongyu - 201732120128
-wkytz - YeHantao - 2017125
+wkytz - YeHantao - 201732120125
-zego000 - GaoZeng - 2017117
+zego000 - GaoZeng - 201732120117
-Richard1427 - XieJiacong - 2017123
+Richard1427 - XieJiacong - 201732120123
-yutengYing - YingYuteng - 2017126
+yutengYing - YingYuteng - 201732120126
-Samrusike  - Samantha Rusike  - 2016140
+Samrusike  - Samantha Rusike  - 201632120140
 *enockkays* <enockkhondowe94@yahoo.com>
-*Teecloudy*  - Ashly Tafadzwa Dhani - 201150
+*Teecloudy*  - Ashly Tafadzwa Dhani - 201632120150
-GuedaliaBonheurSPM - Guedalia Youma - 2019221
+GuedaliaBonheurSPM - Guedalia Youma - 201925800221
-ACorneille - Alimasi Corneille - 2019168
+ACorneille - Alimasi Corneille - 201925800168
-Tabithakipanga - Kipanga Dorcas - 2019170
+Tabithakipanga - Kipanga Dorcas - 201925800170
-Mary-AK  - Mary Akussah Doe - 2019173
+Mary-AK  - Mary Akussah Doe - 201925800173
-pkkumson  - Kumson Princewill Kum - 2019166
+pkkumson  - Kumson Princewill Kum - 201925800166
-Twizere  -  Twizere Pacifique  -  2019174
+Twizere  -  Twizere Pacifique  -  201925800174
-Nicole-Rutagengwa  - Nicole Rutagengwa  - 2019169
+Nicole-Rutagengwa  - Nicole Rutagengwa  - 201925800169
 *hema-001* - Ibrahim Mohamed Ibrahim Ismail - omitted
--- a/Reset_password.php
+++ b/Reset_password.php
@ -8,8 +8,8 @@
 include 'Header.php';
-$token = htmlspecialchars($_GET['token']);
+$token=$_GET['token'];
-$email = htmlspecialchars($_GET['email']);
+$email=$_GET['email'];
 ?>
 <div class="row">
--- a/Script.php
+++ b/Script.php
@ -34,37 +34,39 @@ function is_valid_student_number($student_id)
 }
 // ############################### SIGN UP ##################################
-if (!empty($_POST["form_signup"])) {
+if (!empty($_POST["frm_signup_1"])) {
-    $student_id = trim(mysqli_real_escape_string($con, $_POST["user_student_id"]));
+
    $student_id = trim(mysqli_real_escape_string($con, $_POST["student_id"]));
    // validate student number
    if (!is_valid_student_number($student_id)) {
-        $_SESSION["info_signup"] = "Invalid student number.";
+        $_SESSION["info_signup1"] = "Invalid student number.";
-        header("Location: signup.php");
+        header("Location: index.php");
        return;
    }
    // Check if this student number is a legal one
    $result = mysqli_query($con, "SELECT * FROM `students_data` WHERE Student_ID='$student_id'");
    if (mysqli_num_rows($result) == 0) {
-        $_SESSION["info_signup"] = "Your entered student number could not be verified.  Please contact Student Management Office <lanhui at zjnu.edu.cn>.  Thanks.";
+        $_SESSION["info_signup1"] = "Your entered student number could not be verified.  Please contact Student Management Office <lanhui at zjnu.edu.cn>.  Thanks.";
-        header("Location: signup.php");
+        header("Location: index.php");
        return;
    }
-
+    $result98 = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
-    // Check if the student number isn't already registered
+    if (mysqli_num_rows($result98) == 0) {
-
+        $_SESSION['user_student_id'] = $student_id;
    $student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
    if (mysqli_num_rows($student_result) > 0) {
        $_SESSION["info_signup"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
        header("Location: signup.php");
        return;
    } else {
        $_SESSION["info_signup1"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
        header("Location: index.php");
        return;
    }
 }
 // ############################### CREATE STUDENT USER ##################################
-if (!empty($_POST["form_signup"])) {
+if (!empty($_POST["frm_signup_2"])) {
    $fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
    $student_id = mysqli_real_escape_string($con, $_POST["user_student_id"]);
    $email = mysqli_real_escape_string($con, $_POST["email"]);
@ -77,7 +79,7 @@ if (!empty($_POST["form_signup"])) {
    // check confirmed password
    if (strcasecmp($password, $confirmpassword) != 0) {
-        $_SESSION['info_signup'] = "Password confirmation failed.";
+        $_SESSION['info_signup2'] = "Password confirmation failed.";
        $_SESSION['user_fullname'] = null;  // such that Header.php do not show the header information.        
        header("Location: signup.php");
        return;
@ -85,7 +87,7 @@ if (!empty($_POST["form_signup"])) {
    // validate email
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
-        $_SESSION['info_signup'] = "Invalid email address.";
+        $_SESSION['info_signup2'] = "Invalid email address.";
        header("Location: signup.php");
        return;
    }
@ -98,15 +100,16 @@ if (!empty($_POST["form_signup"])) {
    // check for strong password
    if (!$containsAll) {
-        $_SESSION['info_signup'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and special characters (e.g., !?.,*^).";
+        $_SESSION['info_signup2'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and sepcial characters (e.g., !?.,*^).";
        header("Location: signup.php");
        return;
    }
    // check if email is taken
    $result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
-    if (mysqli_num_rows($result) != 0) {
+    if(mysqli_num_rows($result) != 0)
-        $_SESSION["info_signup"] = "Email address " . $email . "  is already in use.";
+    {
        $_SESSION["info_signup2"]="Email address ".$email."  is already in use.";
        $_SESSION['user_fullname'] = null;
        header("Location: signup.php");
        return;
@ -146,7 +149,7 @@ if (!empty($_POST["frm_login"])) {
    $password = mysqli_real_escape_string($con, $_POST["password"]);
    $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')");
    if (mysqli_num_rows($result) == 0) {
-        $_SESSION["info_login"] = "Invalid user name information.";
+        $_SESSION["info_login"] = "Inavlid user name information.";
        echo $_SESSION["info_login"];
        header("Location: index.php");
    } else {
@ -195,6 +198,7 @@ if (!empty($_POST["frm_recover_password"])) {
    // validate student number
    if (strlen($student_id) != 12  || is_numeric($student_id) == FALSE) {
        $_SESSION["info_recover_password"] = "Invalid student number.";
        #echo "Invalid student number.";
        header("Location: recover_password.php");
        return;
    }
@ -246,7 +250,7 @@ if (!empty($_POST["frm_reset_password"])) {
                // Password Update
                $hashed_password = hash('sha512', $password);
-                $sql = "UPDATE users_table set HashPassword='$hashed_password' where User_ID='$userid';";
+                $sql = "UPDATE users_table set HashPassword='$hashed_password' where User_ID=$userid;";
                if ($con->query($sql) === TRUE) {
                    error_reporting(0);
@ -268,22 +272,20 @@ if (!empty($_POST["frm_createlecturrer"])) {
    $email = mysqli_real_escape_string($con, $_POST["email"]);
    $fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
    $type = mysqli_real_escape_string($con, $_POST["type"]);
-    $password = mysqli_real_escape_string($con, $_POST["passport"]);
+    $password = $passport;
    // check if email is taken
-    $result = mysqli_query(
+    $result = mysqli_query($con,
-        $con,
+                           "SELECT * FROM Users_Table WHERE email='$email'");
-        "SELECT * FROM Users_Table WHERE email='$email'"
+    if(mysqli_num_rows($result)!=0)
-    );
+    {
    if (mysqli_num_rows($result) != 0) {
        $_SESSION["info_Admin_Users"]="Email address : ".$email." is already in use.";
        header("Location: Admin.php");        
    }
    $password_hash = password_hash("$password", PASSWORD_DEFAULT);
    $sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
-        . "('$email','$password_hash','$fullname','$type')";
+        . "('$email','$password','$fullname','$type')";
    if ($con->query($sql) === TRUE) {
-        $_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and $password as password.";
+        $_SESSION["info_Admin_Users"] = $type . " user Created successfully : email " . $email . " and $password as Password.";
        header("Location: Admin.php");
    } else {
        echo "Error: " . $sql . "<br>" . $con->error;
@ -300,7 +302,7 @@ function is_valid_file_format($file)
        'cvc', 'c', 'class', 'cpp', 'h', 'java', 'sh', 'swift', 'zip', 'rar', 'ods', 'xlr', 'bak', 'ico', 'swf'
    );
-    $filename = $_FILES[$file]['name'];
+    utf8_encode($filename = $_FILES[$file]['name']);
    $ext = pathinfo($filename, PATHINFO_EXTENSION);
    $result = in_array($ext, $allowed);
    return $result;
@ -430,7 +432,7 @@ if (!empty($_POST["frm_uploadlab"])) {
    $sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`,
                     `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`,Marks,Type) 
-                     VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3','$marks','$type')";
+                     VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3',$marks,'$type')";
    if ($con->query($sql) === TRUE) {
@ -452,8 +454,10 @@ function checksize($file)
 }
 // ############################### Submit Assignment ##################################
 if (!empty($_POST["frm_submitlab"])) {
    /* Posting values to database */
    $lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]);
    $student_id = $_POST["student_id"];
    $group_id = $_POST["group_id"];
@ -467,7 +471,7 @@ if (!empty($_POST["frm_submitlab"])) {
    $date = date("Y-m-d H:i:s");
    // GET UPLOADED FILES
-    $labName = mysqli_query($con, "SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID='$lab_id'");
+    $labName = mysqli_query($con, "SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id");
    while ($row = mysqli_fetch_assoc($labName)) {
        $lab_name = $row['Title'];
        $_SESSION['Sub_Type'] = $row['Type']; // submission type, either Individual or Group
@ -550,19 +554,19 @@ if (!empty($_POST["frm_submitlab"])) {
    $targetfile4 = "";
    if (strlen($_FILES['attachment1']['name']) > 2) { // why greater than 2???
-        $targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment1']['name']);
+        $targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment1']['name'];
    }
    if (strlen($_FILES['attachment2']['name']) > 2) {
-        $targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment2']['name']);
+        $targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment2']['name'];
    }
    if (strlen($_FILES['attachment3']['name']) > 2) {
-        $targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment3']['name']);
+        $targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment3']['name'];
    }
    if (strlen($_FILES['attachment4']['name']) > 2) {
-        $targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment4']['name']);
+        $targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment4']['name'];
    }
    // When $group_id is not properly initialized, use integer 0 as its value.
@ -571,13 +575,13 @@ if (!empty($_POST["frm_submitlab"])) {
        $group_id = 0; // FIXME
    }
-    $sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID='$lab_id' and Student_id='$student_id' and Course_Group_id='$group_id'";
+    $sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id";
    if ($con->query($sql1) === TRUE) {
    }
    $sql = "INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`,"
        . " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)"
-        . " VALUES ('$date','$lab_id','$student_id','$group_id','$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
+        . " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
        . "'Pending','$title','')";
    if ($con->query($sql) === TRUE) {
@ -595,9 +599,9 @@ if (!empty($_POST["frm_submitlab"])) {
 // JOIN COURSE
 if (!empty($_GET["JoinCourse"])) {
-    $id = mysqli_real_escape_string($con, $_GET["id"]);
+    $id = $_GET["id"];
-    $student_id = mysqli_real_escape_string($con, $_GET["std"]);
+    $student_id = $_GET["std"];
-    $joining = mysqli_real_escape_string($con, $_GET["joining"]);
+    $joining = $_GET["joining"];
    $status = "Pending";
    if ($joining == 0) {
@ -624,12 +628,12 @@ if (!empty($_GET["JoinCourse"])) {
 if (!empty($_GET["savemarks"])) {
-    $id = mysqli_real_escape_string($con, $_GET["id"]);
+    $id = $_GET["id"];
-    $marks = mysqli_real_escape_string($con, $_GET["marks"]);
+    $marks = $_GET["marks"];
-    $total = mysqli_real_escape_string($con, $_GET["total"]);
+    $total = $_GET["total"];
-    $feedback = mysqli_real_escape_string($con, $_GET["feedback"]);
+    $feedback = $_GET["feedback"];
-    $header = mysqli_real_escape_string($con, $_GET["header"]);
+    $header = $_GET["header"];
-    $labid = mysqli_real_escape_string($con, $_GET["labid"]);
+    $labid = $_GET["labid"];
    $status = "Marked";
    if ($marks > $total) {
@ -658,14 +662,14 @@ if (!empty($_GET["savemarks"])) {
 #Update Report Visibility  
 if (!empty($_GET["updatevisibility"])) {
-    $id = mysqli_real_escape_string($con, $_GET["id"]);
+    $id = $_GET["id"];
-    $marks = mysqli_real_escape_string($con, $_GET["marks"]);
+    $marks = $_GET["marks"];
-    $total = mysqli_real_escape_string($con, $_GET["total"]);
+    $total = $_GET["total"];
-    $status = mysqli_real_escape_string($con, $_GET["status"]);
+    $status = $_GET["status"];
-    $header = mysqli_real_escape_string($con, $_GET["header"]);
+    $header = $_GET["header"];
-    $labid = mysqli_real_escape_string($con, $_GET["labid"]);
+    $labid = $_GET["labid"];
-    $sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID='$id'
+    $sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id
              ";
    if ($con->query($sql) === TRUE) {
@ -681,18 +685,18 @@ if (!empty($_GET["updatevisibility"])) {
 if (!empty($_GET["remarking"])) {
-    $id = htmlspecialchars(mysqli_real_escape_string($con, $_GET["id"]));
+    $id = $_GET["id"];
-    $url = htmlspecialchars(mysqli_real_escape_string($con, $_GET["url"]));
+    $url = $_GET["url"];
-    $status = htmlspecialchars(mysqli_real_escape_string($con, $_GET["status"]));
+    $status = $_GET["status"];
-    $details = htmlspecialchars(mysqli_real_escape_string($con, $_GET["details"]));
+    $details = $_GET["details"];
-    $sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID='$id'
+    $sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id
              ";
    if ($con->query($sql) === TRUE) {
-        $_SESSION["info_general"] = "Remarking Request Sent";
+        $_SESSION["info_ReMarking"] = "Remarking Request Sent";
        header("Location: Course.php?url=" . $url);
    } else {
        echo "Error: " . $sql . "<br>" . $con->error;
@ -703,13 +707,13 @@ if (!empty($_GET["remarking"])) {
 if (!empty($_GET["creategroup"])) {
-    $student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
+    $student_id = $_GET["student_id"];
-    $url = mysqli_real_escape_string($con, $_GET["url"]);
+    $url = $_GET["url"];
-    $id = mysqli_real_escape_string($con, $_GET["id"]);
+    $id = $_GET["id"];
-    $name = mysqli_real_escape_string($con, $_GET["name"]);
+    $name = $_GET["name"];
    $sql = "INSERT INTO `course_groups_table`(`Group_Name`, 
-                  `Group_Leader`, `Course_id`) VALUES ('$name','$student_id','$id')";
+                  `Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)";
    if ($con->query($sql) === TRUE) {
@ -719,9 +723,9 @@ if (!empty($_GET["creategroup"])) {
        }
        $sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) 
-                          VALUES ('$gid','$student_id','Created')";
+                          VALUES ($gid,$student_id,'Created')";
        if ($con->query($sql) === TRUE) {
-            $_SESSION["info_general"] = "Course group Created";
+            $_SESSION["info_ReMarking"] = "Course group Created";
            header("Location: Course.php?url=" . $url);
        } else {
            echo "Error: " . $sql . "<br>" . $con->error;
@ -735,25 +739,18 @@ if (!empty($_GET["creategroup"])) {
 if (!empty($_GET["groupinvite"])) {
-    $student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
+    $student_id = $_GET["student_id"];
-    $url = mysqli_real_escape_string($con, $_GET["url"]);
+    $url = $_GET["url"];
-    $courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
+    $courseid = $_GET["courseid"];
-    $groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
+    $groupid = $_GET["groupid"];
    $student = mysqli_query($con, "SELECT * FROM students_data WHERE Student_ID = '$student_id'  ");
    if (mysqli_num_rows($student) > 0) {
    $result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
    if (mysqli_num_rows($result) > 0) {
-            $_SESSION["info_general"] = $student_id . " has already been invited.";
+        $_SESSION["info_ReMarking"] = $student_id . " has already been invited";
        header("Location: Course.php?url=" . $url);
    } else {
        $sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
-                        VALUES ('$groupid','$student_id','Invited')";
+                      VALUES ($groupid,$student_id,'Invited')";
        }
    } else {
        $_SESSION["info_general"] = $student_id . " is an invalid student number.";
        header("Location: Course.php?url=" . $url);
    }
    if ($con->query($sql) === TRUE) {
@ -771,26 +768,26 @@ if (!empty($_GET["groupinvite"])) {
            if ($Group_Member == '0') {
                mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
-                $_SESSION["info_general"] = $student_id . " was invited to the group.";
+                $_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
                header("Location: Course.php?url=" . $url);
            } elseif ($Group_Member2 == '0') {
                mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member2` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
-                $_SESSION["info_general"] = $student_id . " was invited to the group.";
+                $_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
                header("Location: Course.php?url=" . $url);
            } elseif ($Group_Member3 == '0') {
                mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member3` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
-                $_SESSION["info_general"] = $student_id . " was invited to the group.";
+                $_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
                header("Location: Course.php?url=" . $url);
            } elseif ($Group_Member4 == '0') {
                mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member4` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
-                $_SESSION["info_general"] = $student_id . " was invited to the group.";
+                $_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
                header("Location: Course.php?url=" . $url);
            } else {
-                $_SESSION["info_general"] = " You cannot add any more members";
+                $_SESSION["info_ReMarking"] = " You cant add any more members";
                header("Location: Course.php?url=" . $url);
            }
        }
-        $_SESSION["info_general"] = $student_id . " was invited to the group.";
+        $_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
        header("Location: Course.php?url=" . $url);
    } else {
        echo "Error: " . $sql . "<br>" . $con->error;
@ -801,57 +798,21 @@ if (!empty($_GET["groupinvite"])) {
 if (!empty($_GET["acceptinvite"])) {
-    $student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
+    $student_id = $_GET["student_id"];
-    $url = mysqli_real_escape_string($con, $_GET["url"]);
+    $url = $_GET["url"];
-    $action = mysqli_real_escape_string($con, $_GET["action"]);
+    $action = $_GET["action"];
-    $groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
+    $groupid = $_GET["groupid"];
    if ($action == 1) {
-        $sql = "Update  `course_group_members_table` set Status='Joined' where  Course_Group_id ='$groupid' and student_id='$student_id' 
+        $sql = "Update  `course_group_members_table` set Status='Joined' where  Course_Group_id =$groupid and student_id=$student_id 
                         ";
    } else {
-        $sql = "Delete from  `course_group_members_table`  where  Course_Group_id ='$groupid' and student_id='$student_id' 
+        $sql = "Delete from  `course_group_members_table`  where  Course_Group_id =$groupid and student_id=$student_id 
                         ";
    }
    if ($con->query($sql) === TRUE) {
-        $_SESSION["info_general"] = " Group Invite Updated";
+        $_SESSION["info_ReMarking"] = " Group Invite Updated";
        header("Location: Course.php?url=" . $url);
    } else {
        echo "Error: " . $sql . "<br>" . $con->error;
    }
 }
 #Remove a member from group
 if (!empty($_GET["removemember"])) {
    $student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
    $group_id = mysqli_real_escape_string($con, $_GET["group_id"]);
    $url = mysqli_real_escape_string($con, $_GET["url"]);
    $sql = "Delete from  `course_group_members_table`  where  student_id=$student_id and Course_Group_id=$group_id";
    if ($con->query($sql) === TRUE) {
        $_SESSION["info_general"] = " Member " . $student_id . " removed from the group";
        header("Location: Course.php?url=" . $url);
    } else {
        echo "Error: " . $sql . "<br>" . $con->error;
    }
 }
 #Delete a whole group
 if (!empty($_GET["deletegroup"])) {
    $group_id = mysqli_real_escape_string($con, $_GET["group_id"]);
    $url = mysqli_real_escape_string($con, $_GET["url"]);
    $sql1 = "Delete from  `course_group_members_table`  where  Course_Group_id=$group_id";
    $sql2 = "Delete from `course_groups_table` where Course_Group_id=$group_id";
    if ($con->query($sql1) === TRUE && $con->query($sql2) === TRUE) {
        $_SESSION["info_general"] = " Group has been deleted successfully. ";
        header("Location: Course.php?url=" . $url);
    } else {
        echo "Error: " . $sql . "<br>" . $con->error;
@ -862,22 +823,22 @@ if (!empty($_GET["deletegroup"])) {
 if (!empty($_GET["extenddeadline"])) {
-    $id = mysqli_real_escape_string($con, $_GET["id"]);
+    $id = $_GET["id"];
-    $date = mysqli_real_escape_string($con, $_GET["date"]);
+    $date = $_GET["date"];
-    $time = mysqli_real_escape_string($con, $_GET["time"]);
+    $time = $_GET["time"];
-    $type = mysqli_real_escape_string($con, $_GET["type"]);
+    $type = $_GET["type"];
-    $stdid = mysqli_real_escape_string($con, $_GET["stdid"]);
+    $stdid = $_GET["stdid"];
-    $reason = mysqli_real_escape_string($con, $_GET["reason"]);
+    $reason = $_GET["reason"];
-    $url = mysqli_real_escape_string($con, $_GET["url"]);
+    $url = $_GET["url"];
    $deadline = $date . " " . $time;
    if ($type == 1) {
-        $sql = "UPDATE `lab_reports_table` SET  `Deadline`='$deadline'  WHERE Lab_Report_ID='$id'";
+        $sql = "UPDATE `lab_reports_table` SET  `Deadline`='$deadline'  WHERE Lab_Report_ID=$id";
    } else {
        $sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, "
            . "`Lab_Report_ID`, `Extended_Deadline_Date`,"
-            . " `ReasonsForExtension`) VALUES ('$stdid','$id','$deadline','$reason')";
+            . " `ReasonsForExtension`) VALUES ($stdid,$id,'$deadline','$reason')";
    }
    if ($con->query($sql) === TRUE) {
@ -893,13 +854,13 @@ if (!empty($_GET["extenddeadline"])) {
 if (!empty($_GET["ignoreremarking"])) {
-    $id = mysqli_real_escape_string($con, $_GET["id"]);
+    $id = $_GET["id"];
-    $total = mysqli_real_escape_string($con, $_GET["total"]);
+    $total = $_GET["total"];
-    $header = mysqli_real_escape_string($con, $_GET["header"]);
+    $header = $_GET["header"];
-    $subid = mysqli_real_escape_string($con, $_GET["subid"]);
+    $subid = $_GET["subid"];
-    $sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID='$subid'";
+    $sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid";
    if ($con->query($sql) === TRUE) {
@ -914,10 +875,10 @@ if (!empty($_GET["ignoreremarking"])) {
 if (!empty($_GET["assignTA"])) {
-    $id = mysqli_real_escape_string($con, $_GET["id"]);
+    $id = $_GET["id"];
-    $ta = mysqli_real_escape_string($con, $_GET["ta"]);
+    $ta = $_GET["ta"];
-    $sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ('$id','$ta')";
+    $sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)";
    if ($con->query($sql) === TRUE) {
@ -932,13 +893,13 @@ if (!empty($_GET["assignTA"])) {
 if (!empty($_GET["AcceptStudent"])) {
-    $id = mysqli_real_escape_string($con, $_GET["id"]);
+    $id = $_GET["id"];
-    $rs = mysqli_real_escape_string($con, $_GET["rs"]);
+    $rs = $_GET["rs"];
    if ($rs == "yes") {
-        $sql = "Update  course_students_table set Status='Joined' Where ID='$id'";
+        $sql = "Update  course_students_table set Status='Joined' Where ID=$id";
    } else {
-        $sql = "Delete FROM  course_students_table Where ID='$id'";
+        $sql = "Delete FROM  course_students_table Where ID=$id";
    }
    if ($con->query($sql) === TRUE) {
@ -960,12 +921,12 @@ if (!empty($_GET["AcceptStudent"])) {
 if (!empty($_GET["action"])) {
    $action = $_GET["action"];
-    $uid = mysqli_real_escape_string($con, $_GET["uid"]);
+    $uid = $_GET["uid"];
-    $pass = mysqli_real_escape_string($con, $_GET["pass"]);
+    $pass = $_GET["pass"];
    $pass = password_hash($pass, PASSWORD_DEFAULT);
-    $status = mysqli_real_escape_string($con, $_GET["status"]);
+    $status = $_GET["status"];
    // validate uid
    if (intval($uid) < 0) {
@ -973,8 +934,8 @@ if (!empty($_GET["action"])) {
        return;
    }
-    if ($action == "passchange"  && $_SESSION['user_id'] == $uid) {
+    if ($action == "passchange") {
-        $sql = "UPDATE users_table set Password='$pass' where User_ID='$uid';";
+        $sql = "UPDATE users_table set Password='$pass' where User_ID=$uid;";
        if ($con->query($sql) === TRUE) {
            error_reporting(0);
            echo "Password has been changed";
@ -987,8 +948,8 @@ if (!empty($_GET["action"])) {
        }
    }
-    if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
+    if ($action == "statuschange") {
-        $sql = "UPDATE users_table set Status='$status' where User_ID='$uid';";
+        $sql = "UPDATE users_table set Status='$status' where User_ID=$uid;";
        if ($con->query($sql) === TRUE) {
            $_SESSION["info_Admin_Users"] = $type . " user  Status updated successfully ";
            header("Location: Admin.php");
@ -1048,8 +1009,8 @@ if (!empty($_POST["frm_createCourse"])) {
 if (!empty($_GET["exportgrade"])) {
-    $lab = mysqli_real_escape_string($con, $_GET["lab"]);
+    $lab = $_GET["lab"];
-    $lab_name = mysqli_real_escape_string($con, $_GET["lab_name"]);
+    $lab_name = $_GET["lab_name"];
    error_reporting(0);
@ -1061,7 +1022,7 @@ INNER JOIN lab_reports_table on lab_reports_table.Lab_Report_ID=lab_report_submi
 INNER JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
-WHERE lab_report_submissions.Lab_Report_ID='$lab'";
+WHERE lab_report_submissions.Lab_Report_ID=$lab";
    $export  = mysqli_query($con, $select);
@ -1091,7 +1052,7 @@ WHERE lab_report_submissions.Lab_Report_ID='$lab'";
    }
    header("Content-type: application/octet-stream");
-    header("Content-Disposition: attachment; filename=$lab_name Grade Sheet.xls");
+    header("Content-Disposition: attachment; filename=$lab_name Garde Sheet.xls");
    header("Pragma: no-cache");
    header("Expires: 0");
    print "$header\n$data";
--- a/Student.php
+++ b/Student.php
@ -9,7 +9,7 @@ include 'Header.php';
 <div class="row" style="width:80%;margin:auto;">
    <div class="col-md-6">
-        <h1> Student Account Created. Now you can Browse Course Portals </h1>
+        <h1> STUEDNT Account Created , Now you can Browse Course Portals </h1>
    </div>
 </div>
--- a/Submissions.php
+++ b/Submissions.php
@ -10,7 +10,7 @@ $group_id = $_SESSION["user_group_id"];
 $c_date = date("Y-m-d H:i");
 if (!empty($_GET["id"])) {
-    $id = mysqli_real_escape_string($con, $_GET["id"]);
+    $id = $_GET["id"];
    $course_id = $id;
 }
@ -183,7 +183,7 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
                            }
                            echo "   <k href='#'>   <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
-  $title  <br> by: <b> <span class = 'text-selectable'>$submitted_by </span> </b>
+  $title  <br> by: <b> $submitted_by </b>
   <br> <span style='font-size:8pt'>Submitted : $posted   <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'>  Mark Submission</button><br> Attachments : $full_link </span>  
 </div></k>";
                        }
@ -262,13 +262,8 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Marked'  Order by lab
                            if ($att4 != "") {
                                $full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
                            }
                            // you will notice why i used span here to wrap the $submitted_by variable
                            // because if we wrap with span , the css class text-selectable can be used only by the submittedBy variable
                            // if you want to use text-selectable class on whole div, just call the css class
                            echo "   <k href='#'>   <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
-  $title  <br> by : <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b>  &nbsp; Visibility : <b>$Visibility </b>  <button class='btn-sm btn-success' style='margin-left:50px;' onclick='updatev($Submission_ID)'>Update visibility</button> 
+  $title  <br> by : <b> $submitted_by  &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b>  &nbsp; Visibility : <b>$Visibility </b>  <button class='btn-sm btn-success' style='margin-left:50px;' onclick='updatev($Submission_ID)'>Update visibility</button> 
   <hr> Lecturer/TA notes : $notes<br> <span style='font-size:8pt'>Submitted : $posted        <b>  </b> <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'>  Re-Mark Submission</button><br> Attachments : $full_link </span>  
 </div></k>";
                        }
@ -347,7 +342,7 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
                                $full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
                            }
                            echo "   <k href='#'>   <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
-  $title  <br> by : <b> <span class = 'text-selectable'>$submitted_by </span>  &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> <br> Remarking Reason : <b>$remarking_reason </b>
+  $title  <br> by : <b> $submitted_by  &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> <br> Remarking Reason : <b>$remarking_reason </b>
   <hr> <span style='font-size:8pt'>Submitted : $posted        <b>  </b> "
                                . "<button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'>  Re-Mark Submission</button>"
                                . " &nbsp; &nbsp;&nbsp;&nbsp;<a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn-sm btn-warning'>  Ignore Request </a>"
--- a/SubmitLab.php
+++ b/SubmitLab.php
@ -9,22 +9,18 @@ include 'Header.php';
 <div class='row' style='width:80%;margin:auto;'>
    <?php
    $c_date =  date("Y-m-d H:i");
    $student_id = $_SESSION["user_student_id"];
-if(!empty($_GET["id"]))
+    if (!empty($_GET["id"])) {
-{
+        $id = $_GET["id"];
-    $id = mysqli_real_escape_string($con, $_GET["id"]);
+        $url = $_GET["url"];
    $url = mysqli_real_escape_string($con, $_GET["url"]);
        $result1 = mysqli_query($con, " SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id  and Deadline > '$c_date'  ORDER by Lab_Report_ID DESC");
-    if(mysqli_num_rows($result1) == 0)
+        if (mysqli_num_rows($result1) == 0) {
    {
            echo "No active assignments for this course so far.";
        } else {
            while ($row = mysqli_fetch_assoc($result1)) {
@ -48,14 +44,12 @@ if(!empty($_GET["id"]))
                        $_SESSION["Group_ID"] = $row['Course_Group_id'];
                    }
-                if($_SESSION["Group_ID"] < 1) 
+                    if ($_SESSION["Group_ID"] < 1) {
                {
                        echo " <center><h3> This Lab report can only be submitted by Group Admin  </h3> </center> ";
                        return;
                    }
                }
                $full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
                if ($att2 != "") {
@ -86,9 +80,6 @@ $Group_ID = $_SESSION["Group_ID"];
 </div>
 <div style="width:80%;margin:auto;">
    <h3> Submit Lab Report Assignment </h3>
@ -97,7 +88,6 @@ $Group_ID = $_SESSION["Group_ID"];
        <div class="col-md-6">
            <form method='post' enctype='multipart/form-data' action='Script.php'>
                <input type='hidden' name='frm_submitlab' value='true' required='' />
                <input type='hidden' name='lab_id' value='<?php echo $id; ?>' required='' />
--- a/batch_insert.php
+++ b/batch_insert.php
@ -19,7 +19,7 @@ if (!$conn) {
 }
 //获得用户名数据
-$source = mysqli_real_escape_string($conn,$_POST['users']);
+$source = $_POST['users'];
 //如有多个空格，删除剩一个空格
 $source1 = preg_replace('/\s\s+/', ' ', $source);
@ -31,12 +31,13 @@ $source2 = trim($source1);
 //根据空格拆分
 $user = explode(' ', $source2);
 //插入数据
 for($index=0; $index < count($user); $index++) {
    $result = mysqli_query($conn, "SELECT * FROM `students_data` WHERE Student_ID='$user[$index]'");    
    if (mysqli_num_rows($result) < 1) {
        if (! mysqli_query($conn, "REPLACE INTO `students_data`(`Student_ID`, `Passport_Number`) VALUES('$user[$index]', '')" ) ) {
-            echo "SQL Error: " . $sql_stmt . "<br>" .htmlspecialchars(mysqli_error($conn));
+            echo "SQL Error: " . $sql_stmt . "<br>" . mysqli_error($conn);
        } else {
            echo "<p>Student number $user[$index] added.</p>";
        }
--- a/css/Styles.css
+++ b/css/Styles.css
@ -0,0 +1,15 @@
 /* Sticky footer styles
 -------------------------------------------------- */
 html {
  position: relative;
  min-height: 100%;
 }
 body {
  margin-bottom: 100px; /* Margin bottom by footer height */
 }
 .footer {
  position: absolute;
  bottom: 0;
  width: 100%;
  height: 100px; /* Set the fixed height of the footer here */ 
 }
--- a/css/main.css
+++ b/css/main.css
@ -1,11 +0,0 @@
 /* this css class is used to enable copying in text with the mouse. */
 .text-selectable {
    -webkit-user-select: text;
    -moz-user-select: text;
    -ms-user-select: text;
    user-select: text;
    cursor:auto
   }
--- a/doc/UserDoc.md
+++ b/doc/UserDoc.md
@ -17,10 +17,5 @@ After that, issue the following commands in the mysql prompt.
 The first one uses a database called lrr in MySQL.  The second one deletes a record from `users_table` where the student number is 201131129138.
 Increasing session duration
 -------------------
-By default, the session duration in PHP is set to 1,440 seconds (24 minutes). However, this is not convenient in most software systems. Therefore, we may need to increase the duration to allow users to have more session time. To increase the session duration, we need to edit the variable *session.gc_maxlifetime* in **php.ini**. We can increase its default value to whatever we want (e.g., 7200).
+*Last modified on 1 June 2020 by Hui*
 On Ubuntu, the file is located at */etc/php/7.2/apache2/php.ini*. On XAMPP, the file is located at */xampp/php/php.ini*.
 *Last modified on 20 April 2022 by Umar*
--- a/index.php
+++ b/index.php
@ -10,42 +10,40 @@ if (isset($_SESSION["user_fullname"])) {
    header("Location: Courses.php");
 }
 ?>
 <div class="album py-5 bg-white">
        <div class="container bg-white">
-<br><br><br>
+          <div class="row align-items-center"> 
-<div class="row" style="width:85%;margin:auto;">
+            <div class="col-md-6">
-  <div class="col-md-4">
+              <div class="mb-6 box-shadow">
-    <br><br>
+                 <img class="mx-auto d-block" src="logo.png" />  
-    <img src="logo.png" style="width:40%; position:relative; right:-95px; top:1px;">
+                <div class="card-body">
-    <br><br>
+                  <h1 style="font-family: Poppins-Regular;">Lab Report Repository</h1>
    <div style="width:20%; position:relative; right:-90px; font-family: Poppins-Regular;">
    <h1>Lab Report Repository</h1>
    <br><br>
                </div>
              </div>
-    <br>
+            </div> 
-    <div style = "position:relative; left:240px; top:-2px;">
+
            <div class="col-md-6">
              <div class="card mb-6 box-shadow">
                    <div class="card-header bg-primary" >  
                        <h4 class="list-group-item active" style="font-weight:normal;font-family: Poppins-Regular;"> Sign in </h4>
-    <div class="list-group-item">
+                    </div> 
-
+                 <div class="card-body">
    <div class="panel-body">
                   <form  method="post" action="Script.php" name="frm_login">
                    <input type="hidden" name="frm_login" value="true"/>
-    Student ID / Instructor Email
+                    <p>Student ID / Instructor Email</p>
-    <input type="text" name="user" placeholder="Email / Student Number" class="form-control" required="required" id="user_name" />
+                    <input type="text" name="user" placeholder="Email / Student Number" class="form-control" required="required" />
                    <br>
-    Password
+                    <p>Password</p>
-    <input type="password" class="form-control"  name="password" placeholder="password" required="required" id="user_password" />
+                    <input type="password" class="form-control"  name="password" placeholder="Password" required="required" />
                    <div class="text-center">
-    <br><input type="submit" class="btn-primary" value="Login" id="login_btn">
+                        <br><input type="submit" class="btn btn-primary my-2 btn-lg btn-block" value="Login">
                    </div>
-    <br> <a href="recover_password.php" style="font-weight:normal;color:#2471A3; font-family: Poppins-Regular;
+                    <br> <a href="recover_password.php">Reset my password</a>
    font-size: 17px;">Reset my password</a>
                    <div class="text-center">
-    <br><span class="txt1">Don't have an account?</span>
+                        <br><span >Don't have an account?</span>
-         <a class="txt2" href="signup.php" style="font-weight:normal" id="signup_link">Sign Up</a>
+                        <a href="signup.php" >Sign Up</a> 
        </a>
                    </div> 
            <?php 
@ -71,58 +69,19 @@ if (isset($_SESSION["user_fullname"])) {
            }
            ?>
    </div>
                </form>
                </div>
              </div>
            </div> 
          </div>
-
+        </div>
      </div>
-
+<?php 
-<div id="footer">
+require 'Footer.php'; 
-    LRR was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi.  Please submit your suggestions or bug reports to  lanhui.  Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a>
+?>
    </div>
 </body>
 <style>
    /*------------------------------------------------------------------
 [ Login Button ]*/
 .btn-primary {
            color: white;
            border-radius: 5px;
            text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
            background: rgb(75, 184, 240);
            padding:5px 100px;
            font-family: Poppins-Regular;
            font-size: 23px;
            line-height: 1.5;
        }
 #footer{
 position:fixed;
 bottom:0;
 left:0;
 background-color:#03417C;
 color:#FFF;
 text-align:center;
 width:100%;
 }
 .txt1 {
  font-family: Poppins-Regular;
  font-size: 18px;
  line-height: 1.5;
  color: #666666;
 }
 .txt2 {
  font-family: Poppins-Regular;
  font-size: 19px;
  line-height: 1.5;
  color: #2471A3;
 }
 </style>
 </html>
--- a/js/CustomDropdown.js
+++ b/js/CustomDropdown.js
@ -0,0 +1,9 @@
 $(document).ready(function(e){
    $('.search-panel .dropdown-menu').find('a').click(function(e) {
 		e.preventDefault();
 		var param = $(this).attr("href").replace("#","");
 		var concept = $(this).text();
 		$('.search-panel span#search_concept').text(concept);
 		$('.input-group #search_param').val(param);
 	});
 });
--- a/logout.php
+++ b/logout.php
@ -1,11 +1,11 @@
 <?php
 // Start a new session
 session_start();
 // Destory sessions & redirect to index
 session_destroy();
 session_unset();
-
+// Start a new session
 session_start();
 // Generate a new session ID
 session_regenerate_id(true);
--- a/recover_password.php
+++ b/recover_password.php
@ -27,9 +27,9 @@ include 'Header.php';
      <div class="panel-body">
        <form method="post" action="Script.php">
        <input type="hidden" name="frm_recover_password" value="true"/>
-        Student number  <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>">
+        Student number  <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo $_SESSION['student_number']; ?>">
 	<br/>
-        Email  <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>">
+        Email  <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo $_SESSION['user_email']; ?>">
 	<br/>
        <input type="submit" class="btn-primary" value="Recover">
@ -38,7 +38,7 @@ include 'Header.php';
 <?php
 if(isset($_SESSION['info_recover_password'])) {
-  echo  '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>';
+  echo  '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_recover_password'].'</div>';
  $_SESSION['info_recover_password']=null;
 }
--- a/signup.php
+++ b/signup.php
@ -6,40 +6,42 @@ include 'NoDirectPhpAcess.php';
 include 'Header.php';
 ?>
-<div class="row">
+<div class="album py-5 bg-white">
    <div class="container bg-white">
-    <div class="col-md-4 list-group" style="margin:auto;">
+    <div class="col-md-6 panel panel-primary" >
        <br>
        <h4 class="list-group-item active"> Please fill in each field below </h4>
        <div class="list-group-item">
-            <div class="panel-body">
+            <div class="panel panel-primary">
-                <form method="post" action="Script.php" id="signup_form">
+                <form method="post" action="Script.php">
-                    <input type="hidden" name="form_signup" value="true" />
+                    <input type="hidden" name="frm_signup_2" value="true" />
-                    Full Name
+                    <p>Full Name</p>
-                    <input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" id="full_name"/>
+                    <input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" />
-                    Student ID
+                    <p>Student ID</p>
-                    <input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo $_SESSION['user_student_id']; ?>" required="required" id="student_id">
+                    <input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo $_SESSION['user_student_id']; ?>" required="required">
-                    Email
+                    <p>Email</p>
-                    <input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" />
+                    <input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" />
-                    Password (<i>must include uppercase and lowercase letters, digits and special characters</i>)
+                    <p>Password (<i>must include uppercase and lowercase letters, digits and special characters</i>)</p>
-                    <input type="password" class="form-control" name="password" placeholder="Enter password" required="required" id="password1" />
+                    <input id="password" type="password" pattern="^(?=.*[A-Za-z])(?=.*\d)(?=.*[@$!%*#?&])[A-Za-z\d@$!%*#?&]{4,}$" title="Password must have at least characters that include lowercase letters, uppercase letters, numbers and sepcial characters (e.g., !?.,*^)." class="form-control" name="password" placeholder="Enter password" required="required"  onchange="if(this.checkValidity()) form.password_two.pattern = this.value;" />
-                    Confirm Password
+                    <p>Confirm Password</p>
-                    <input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" id="password2" />
+                    <input id="password_two" type="password" pattern="^(?=.*[A-Za-z])(?=.*\d)(?=.*[@$!%*#?&])[A-Za-z\d@$!%*#?&]{4,}$" title="Password must have at least characters that include lowercase letters, uppercase letters, numbers and sepcial characters" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Please enter the same Password as above' : '');" />
                    <br>
-                    <input type="submit" class="btn-primary" value="Sign up" id="signup_btn">
+
                    <input type="submit" class="btn btn-primary" value="Sign up">
                    <?php
                    error_reporting(E_ALL);
-                    if (isset($_SESSION['info_signup'])) {
+                    if (isset($_SESSION['info_signup2'])) {
-                        echo  '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup'] . '</div>';
+                        echo  '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup2'] . '</div>';
-                        $_SESSION['info_signup'] = null;
+                        $_SESSION['info_signup2'] = null;
                    }
                    ?>
                </form>
@ -48,17 +50,5 @@ include 'Header.php';
        </div>
    </div>
 </div>
-<style>
+</div>
-    /*------------------------------------------------------------------
+
 [ Login Button ]*/
    .btn-primary {
        color: white;
        border-radius: 5px;
        text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
        background: rgb(75, 184, 240);
        padding: 5px 105px;
        font-family: Poppins-Regular;
        font-size: 23px;
        line-height: 1.5;
    }
 </style>
--- a/test/SeleniumIbrahim/test_kit/admin.py
+++ b/test/SeleniumIbrahim/test_kit/admin.py
@ -32,12 +32,12 @@ class Admin(Actor):
 			#Locate "Admin" tab.
 			wait = WebDriverWait(driver, 10)
-			admin = wait.until(EC.presence_of_element_located((By.ID, "admin_tab")))
+			admin = wait.until(EC.presence_of_element_located((By.XPATH, "/html/body/nav/div/form/a[1]")))
 			admin.click()
 			#Locate "Create Lecturer/TA account" form
 			wait2 = WebDriverWait(driver, 10)
-			new_account_form = wait2.until(EC.presence_of_element_located((By.ID, "create_account_form")))
+			new_account_form = wait2.until(EC.presence_of_element_located((By.ID, "frm_create_acc")))
 			#Fill in the form fields
 			name_field = new_account_form.find_element(By.XPATH, "//input[@name='fullname']")
@ -53,13 +53,13 @@ class Admin(Actor):
 			#If "Lecturer" is specified in type parameter, select Lecturer account type, else use default
 			if type == "Lecturer":
-				type_radio = new_account_form.find_element(By.ID, "role_lecturer")
+				type_radio = new_account_form.find_element(By.XPATH, "//input[@value='Lecturer']")
 			else:
-				type_radio = new_account_form.find_element(By.ID, "role_TA")
+				type_radio = new_account_form.find_element(By.XPATH, "//input[@value='TA']")
 			type_radio.click()
-			submit_btn = new_account_form.find_element(By.ID, "create_btn")
+			submit_btn = new_account_form.find_element(By.XPATH, "//input[@type='submit'][@value='Create']")
 			submit_btn.click()
 			return 0
@ -92,23 +92,23 @@ class Admin(Actor):
 			#Locate the "Admin" tab.
 			wait = WebDriverWait(driver, 10)
-			admin = wait.until(EC.presence_of_element_located((By.ID, "admin_tab")))
+			admin = wait.until(EC.presence_of_element_located((By.XPATH, "/html/body/nav/div/form/a[1]")))
 			admin.click()
 			#Navigate to "Batch create form"
 			wait2 = WebDriverWait(driver, 10)
-			batch_tab = wait2.until(EC.presence_of_element_located((By.ID, "batch_tab")))
+			batch_tab = wait2.until(EC.presence_of_element_located((By.XPATH, "/html/body/div[2]/div[1]/div/ul/li[2]/a")))
 			batch_tab.click()
 			#Fill in the form
 			wait3 = WebDriverWait(driver, 10)
-			batch_form = wait3.until(EC.presence_of_element_located((By.ID, "batch_form")))
+			batch_form = wait3.until(EC.presence_of_element_located((By.ID, "frm_batch_acc")))
 			text_area = batch_form.find_element(By.XPATH, "//textarea[@name='users']")
 			for i in range(len(lst)):
 				text_area.send_keys(lst[i]+" ")
-			submit_btn = batch_form.find_element(By.ID, "register_btn")
+			submit_btn = batch_form.find_element(By.XPATH, "//input[@type='submit'][@value='Create All']")
 			submit_btn.click()
 		except:
@ -139,22 +139,22 @@ class Admin(Actor):
 			#Locate the "Admin" tab.
 			wait = WebDriverWait(driver, 10)
-			admin = wait.until(EC.presence_of_element_located((By.ID, "admin_tab")))
+			admin = wait.until(EC.presence_of_element_located((By.XPATH, "/html/body/nav/div/form/a[1]")))
 			admin.click()
 			#Navigate to "Exisitin Accounts" table
 			wait2 = WebDriverWait(driver, 10)
-			exist_acc_tab = wait2.until(EC.presence_of_element_located((By.ID, "existing_accounts_tab")))
+			exist_acc_tab = wait2.until(EC.presence_of_element_located((By.XPATH, "/html/body/div[2]/div[1]/div/ul/li[3]/a")))
 			exist_acc_tab.click()		
 			#Alternate between block and activate
 			if op == "block":
 				#Locate first account and block it on existing account table
 				wait3 = WebDriverWait(driver, 10)
-				button = driver.find_element(By.ID, "block_account_1")
+				button = driver.find_element_by_id("block_acc_1")
 			elif op == "activate":
 				wait3 = WebDriverWait(driver, 10)
-				button = driver.find_element(By.ID, "activate_account_1")
+				button = driver.find_element_by_id("activate_acc_1")
 			driver.execute_script("arguments[0].click();", button)
@ -188,18 +188,18 @@ class Admin(Actor):
 			#Locate the "Admin" tab.
 			wait = WebDriverWait(driver, 10)
-			admin = wait.until(EC.presence_of_element_located((By.ID, "admin_tab")))
+			admin = wait.until(EC.presence_of_element_located((By.XPATH, "/html/body/nav/div/form/a[1]")))
 			admin.click()
 			#Navigate to "Existing Courses" table.
 			wait2 = WebDriverWait(driver, 10)
-			courses_table = wait2.until(EC.presence_of_element_located((By.ID, "existing_courses")))
+			courses_table = wait2.until(EC.presence_of_element_located((By.XPATH, "/html/body/div[2]/div[2]/div/ul/li[2]/a")))
 			courses_table.click()
 			#Assign TA to the first course in "Existing Courses" table
 			wait3 = WebDriverWait(driver, 10)
-			drop_menu_form = wait3.until(EC.presence_of_element_located((By.ID, "drop_menu_form_1")))
+			drop_menu_form = wait3.until(EC.presence_of_element_located((By.XPATH, "//*[@id='menub']/table/tbody/tr[2]/td[5]/form")))
-			assign_btn = drop_menu_form.find_element(By.ID, "assign_btn_1")
+			assign_btn = drop_menu_form.find_element(By.XPATH, "//input[@type='submit'][@value='assign']")
 			assign_btn.click()
 			return 0
--- a/test/SeleniumIbrahim/test_kit/instructor.py
+++ b/test/SeleniumIbrahim/test_kit/instructor.py
@ -60,25 +60,26 @@ class Instructor(Actor):
 			#wait until the lab submission form shows up
 			wait2 = WebDriverWait(driver, 10)
-			new_lab_assignment_form = wait2.until(EC.presence_of_element_located((By.ID, "newlab_form")))
+			new_lab_assignment_form = wait2.until(EC.presence_of_element_located((By.XPATH, "//form[@id='nlaf']")))
 			#Fill the required form fields and submit.
-			lab_date = new_lab_assignment_form.find_element(By.ID, "date")
+			lab_date = new_lab_assignment_form.find_element(By.XPATH, "//input[@id='date'][@name='deadlinedate']")
-			lab_date.send_keys(dateStr)
+			timeStr = self.utility.getTodayDate()
-			lab_title = new_lab_assignment_form.find_element(By.ID, "lab_title")
+			lab_date.send_keys(timeStr)
 			lab_title = new_lab_assignment_form.find_element(By.XPATH, "//form[@id='nlaf']/input[@id='ltitle']")
 			lab_title.send_keys("TESTASSIGNMENT"+str(dateStr))
-			lab_instructions = new_lab_assignment_form.find_element(By.ID, "lab_instructor")
+			lab_instructions = new_lab_assignment_form.find_element(By.XPATH, "//form[@id='nlaf']/textarea[@id='linstruct']")
 			lab_instructions.send_keys("TESTINSTRUCTIONS"+str(dateStr))
-			lab_marks = new_lab_assignment_form.find_element(By.ID, "lab_mark")
+			lab_marks = new_lab_assignment_form.find_element(By.XPATH, "//form[@id='nlaf']/input[@id='lmark']")
 			lab_marks.send_keys("4")
 			#if group == 0 select individual submission, if group == 1 select group submission
 			if group == 0:		
-				submission_type = new_lab_assignment_form.find_element(By.ID, "lab_individual")
+				submission_type = new_lab_assignment_form.find_element(By.XPATH, "//form[@id='nlaf']/input[@id='lindi']")
 			elif group == 1:
-				submission_type = new_lab_assignment_form.find_element(By.ID, "lab_group")
+				submission_type = new_lab_assignment_form.find_element(By.XPATH, "//form[@id='nlaf']/input[@id='lgrp']")
 			submission_type.click()
-			submit = new_lab_assignment_form.find_element(By.ID, "submit_btn")
+			submit = new_lab_assignment_form.find_element(By.XPATH, "//form[@id='nlaf']/input[@id='lbtn']")
 			submit.click()
 			return 0
 		except:
@ -114,25 +115,25 @@ class Instructor(Actor):
 			timeStr = self.utility.getTime()
 			#Fill the required form fields and submit
-			course_name = driver.find_element(By.ID, "course_name")
+			course_name = driver.find_element(By.ID, "cname")
 			course_name.send_keys("TESTCOURSE"+str(dateStr)+str(timeStr))
 			#This URL is needed to access the same created course via its link in post_lab_report() method.
 			global courseURL
 			courseURL = "TESTCOURSE"+str(dateStr)+str(timeStr)
-			course_code = driver.find_element(By.ID, "course_code")
+			course_code = driver.find_element(By.ID, "ccode")
 			course_code.send_keys("TC"+str(dateStr)+str(timeStr))
 			self.utility.storeCourseCode("TC"+str(dateStr)+str(timeStr))#Store course code to be used
-			academic_year = driver.find_element(By.ID, "academic_year")				#later by student.
+			academic_year = driver.find_element(By.ID, "ayear")				#later by student.
 			academic_year.send_keys("2021")
-			faculty = driver.find_element(By.ID, "faculty")
+			faculty = driver.find_element(By.ID, "fac")
 			faculty.send_keys("TESTING DEPARTMENT")
 			#If joining == 0 does not require join approval, if joining == 1 requires join approval
 			if joining == 0 :
-				joining_students = driver.find_element(By.ID, "join_no")
+				joining_students = driver.find_element(By.ID, "jno")
 			elif group == 1:
-				joining_students = driver.find_element(By.ID, "join_yes")
+				joining_students = driver.find_element(By.ID, "jyes")
 			joining_students.click()
 			submit = driver.find_element(By.ID, "portal_btn")
 			submit.click()
@ -164,12 +165,12 @@ class Instructor(Actor):
 			#Wait until the submission portal card appears
 			wait2 = WebDriverWait(driver, 10)
-			view = wait2.until(EC.presence_of_element_located((By.ID, "view_submissions_link_1")))
+			view = wait2.until(EC.presence_of_element_located((By.ID, "view_btn")))
 			view.click()
 			#Locate and click the 'Mark Submission' btn
 			wait3 = WebDriverWait(driver, 10)
-			mark_submission = wait3.until(EC.presence_of_element_located((By.ID, "mark_submission_btn_1")))
+			mark_submission = wait3.until(EC.presence_of_element_located((By.ID, "mark_btn")))
 			mark_submission.click()
 			#Fill and submit marking descision
@ -210,7 +211,7 @@ class Instructor(Actor):
 			#Wait until lab report assignment list appears.
 			wait = WebDriverWait(driver, 10)
-			extend_deadline = wait.until(EC.presence_of_element_located((By.ID, "extend_deadline_link")))
+			extend_deadline = wait.until(EC.presence_of_element_located((By.ID, "ext_btn")))
 			extend_deadline.click()
 			#Wait until the extend deadline popup window shows up.
@ -218,10 +219,10 @@ class Instructor(Actor):
 			extend_deadline_form = wait2.until(EC.presence_of_element_located((By.ID, "frm")))
 			#Insert the new deadline and submit for all.
-			new_date = extend_deadline_form.find_element(By.ID, "new_date")
+			new_date = extend_deadline_form.find_element(By.XPATH, "//form[@id='frm']/input[3]")
 			dateStr = self.utility.getTomorrowDate()
 			new_date.send_keys(str(dateStr))
-			target = extend_deadline_form.find_element(By.ID, "extend_for_all")
+			target = extend_deadline_form.find_element(By.XPATH, "//form[@id='frm']/input[5]")
 			target.click()
 			submit = extend_deadline_form.find_element(By.XPATH, "/html/body/div[3]/div[2]/div/button[1]")
 			submit.click()
--- a/test/SeleniumIbrahim/test_kit/student.py
+++ b/test/SeleniumIbrahim/test_kit/student.py
@ -55,10 +55,10 @@ class Student(Actor):
 			#Wait until the course is found, and join.
 			wait2 = WebDriverWait(driver, 10)
-			join_btn = wait2.until(EC.element_to_be_clickable((By.ID, "join_btn")))
+			course_card = wait.until(EC.element_to_be_clickable((By.LINK_TEXT, str("Join Course"))))
-			join_btn.click()
+			course_card.click()
-			#If joined course successfully, proceed.
+			#If the joined course successfully, proceed.
 			wait3 = WebDriverWait(driver, 10).until(EC.presence_of_element_located((By.XPATH, "/html/body/div[1]/div[1]/span")))
 			return 0
@ -89,19 +89,19 @@ class Student(Actor):
 			#Locate and click assignment submission button.
 			wait2 = WebDriverWait(driver, 10)
-			assignment_card = wait2.until(EC.element_to_be_clickable((By.ID, "submit_lab_report_btn")))
+			assignment_card = wait2.until(EC.element_to_be_clickable((By.LINK_TEXT, "Submit Lab Report")))
 			assignment_card.click()
 			#Locate the assignment submission form and fill in the required data.
 			wait3 = WebDriverWait(driver, 10)
-			assignment_form = wait3.until(EC.presence_of_element_located((By.ID, "submit_lab_report_form")))
+			assignment_form = wait3.until(EC.presence_of_element_located((By.ID, "sub_form")))
 			title = assignment_form.find_element(By.ID, "title")
 			dateStr = self.utility.getTodayDate()
 			timeStr = self.utility.getTime()
 			title.send_keys("TESTSUBMISSIOM"+dateStr+timeStr)
-			attachment = assignment_form.find_element(By.ID, "attachment1")
+			attachment = assignment_form.find_element(By.ID, "att_one")
 			attachment.send_keys(os.getcwd()+"/DUMMY_SUBMISSION.txt")
-			submit = driver.find_element(By.ID, "submit_lab_assignment_btn")
+			submit = driver.find_element(By.ID, "submit_btn")
 			submit.click()
 			return 0
@ -135,7 +135,7 @@ class Student(Actor):
 			wait2 = WebDriverWait(driver, 10)
 			marked_tab = wait2.until(EC.presence_of_element_located((By.ID, "marked_tab")))
 			marked_tab.click()
-			req_remark = driver.find_element(By.ID, "request_remarking_btn")
+			req_remark = driver.find_element(By.ID, "req_remark")
 			req_remark.click()
 			#Fill in the remarking form and submit.
@ -172,7 +172,7 @@ class Student(Actor):
 			#Locate the create course group button and click it.
 			wait2 = WebDriverWait(driver, 10)
-			create_group = wait2.until(EC.presence_of_element_located((By.ID, "create_group_btn")))
+			create_group = wait2.until(EC.presence_of_element_located((By.ID, "g_create_btn")))
 			create_group.click()
 			#Fill in the course group form and create.
@ -180,9 +180,9 @@ class Student(Actor):
 			group_form = wait3.until(EC.presence_of_element_located((By.ID, "frm")))
 			timeStr = self.utility.getTime()
 			dateStr = self.utility.getTodayDate()
-			group_name = group_form.find_element(By.ID, "group_name")
+			group_name = group_form.find_element(By.ID, "g_name")
 			group_name.send_keys("TESTGROUP"+str(dateStr)+str(timeStr))
-			create = driver.find_element(By.XPATH, "/html/body/div[7]/div[2]/div/button[1]")
+			create = group_form.find_element(By.XPATH, "//div[2]/div/button[1]")
 			create.click()
 			return 0
--- a/test/SeleniumIbrahim/test_kit/utility.py
+++ b/test/SeleniumIbrahim/test_kit/utility.py
@ -44,7 +44,6 @@ class MyUtility:
 		"""
 		try:
 			driver = webdriver.Chrome()
 			driver.maximize_window()
 			driver.get(self.getPageURL())
 			return driver
 		except:
@ -70,11 +69,11 @@ class MyUtility:
 		try:
 			driver = self.getSession()
 			WebDriverWait(driver, 10)
-			username = driver.find_element(By.ID, "user_name")
+			username = driver.find_element(By.ID, "uname")
 			username.send_keys(obj.getStudentID())
-			password = driver.find_element(By.ID, "user_password")
+			password = driver.find_element(By.ID, "upass")
 			password.send_keys(obj.getPassword())
-			login = driver.find_element(By.ID, "login_btn")
+			login = driver.find_element(By.ID, "log_btn")
 			login.click()
 			return driver
 		except:
@ -105,35 +104,26 @@ class MyUtility:
 			driver = self.getSession()
 			wait = WebDriverWait(driver, 10, ignored_exceptions='StaleElementReferenceException')
-			#Click the sign up button, and fill the sign up form
+			#Locate the signup form and fill in the student ID
-			signup_btn = wait.until(EC.presence_of_element_located((By.ID, "signup_link")))
+			signup_form = wait.until(EC.presence_of_element_located((By.ID, "signup_frm")))
-			signup_btn.click()
+			student_id = signup_form.find_element(By.ID, "std_id")
 			#Find and fill full student name
 			wait2 = WebDriverWait(driver, 10)
 			signup_form = wait2.until(EC.presence_of_element_located((By.ID, "signup_form")))
 			name_field = signup_form.find_element(By.ID, "full_name")
 			name_field.send_keys(name)
 			#Find and fill student ID
 			student_id = signup_form.find_element(By.ID, "student_id")
 			std_id = self.fetch_new_student_id()
 			student_id.send_keys(std_id)
 			next_btn = signup_form.find_element(By.ID, "next_btn")
 			next_btn.click()
-			#Find and fill email
+			#Fill in student data and sign up.
-			email_field = signup_form.find_element(By.ID, "email")
+			wait2 = WebDriverWait(driver, 10, ignored_exceptions='StaleElementReferenceException')
 			reg_form = wait2.until(EC.presence_of_element_located((By.ID, "frm")))
 			name_field = reg_form.find_element(By.XPATH, "//form/input[2]")
 			name_field.send_keys(name)
 			email_field = reg_form.find_element(By.XPATH, "//form/input[3]")
 			email_field.send_keys(email)
-			
+			password_field = reg_form.find_element(By.XPATH, "//form/input[4]")
 			#Find and fill password
 			password_field = signup_form.find_element(By.ID, "password1")
 			password_field.send_keys(password)
-			
+			re_password_field = reg_form.find_element(By.XPATH, "//form/input[5]")
 			#Find and fill password confirmation
 			re_password_field = signup_form.find_element(By.ID, "password2")
 			re_password_field.send_keys(password)
-			
+			submit = reg_form.find_element(By.XPATH, "//form/input[6]")
 			#Sign up new student
 			submit = signup_form.find_element(By.ID, "signup_btn")
 			submit.click()
 			return 0
@ -175,9 +165,8 @@ class MyUtility:
 		- date: formatted date string.
 		"""
-		date = datetime.datetime.today() + datetime.timedelta(days=1)
+		date = datetime.datetime.today().strftime ('%d%m%Y')
-		date_str = date.strftime ('%m%d%Y')
+		return date
 		return date_str
 	def getTomorrowDate(self):
@ -188,8 +177,8 @@ class MyUtility:
 		- date: formatted date string.
 		"""		
-		date = datetime.datetime.today() + datetime.timedelta(days=2)
+		date = datetime.datetime.today() + datetime.timedelta(days=1)
-		date_str = date.strftime('%m%d%Y')
+		date_str = date.strftime('%d%m%Y')
 		return date_str
 	def getYesterdayDate(self):
@ -202,7 +191,7 @@ class MyUtility:
 		"""
 		date = datetime.datetime.today() - datetime.timedelta(days=1)
-		date_str = date.strftime('%m%d%Y')
+		date_str = date.strftime('%d%m%Y')
 		return date_str
 	def storeCourseCode(self, course_code):
@ -313,12 +302,3 @@ class MyUtility:
 			ls.append(chr(random.randint(97,122)))
 		return ''.join(ls)
 	def clean(self, file):
 		"""This method clean the test scripts directory by resetting some
 		.txt files.
 		"""
 		#Clean 'course_code.txt' file
 		f = open(file, "w+")
 		f.close()
Author	SHA1	Message	Date
LAMASHEVSKYI DMYTRO	6acac2dbc7	Merge branch 'master' into Bug37-Dmytro	2021-12-01 09:22:55 +08:00
Dmytro Lamashevski	18a41dd1bb	Fixed merge commits Fixed merge commits Added password pattern: https://www.w3schools.com/howto/howto_js_password_validation.asp Validating to make password one and two similar: https://stackoverflow.com/questions/9142527/can-you-require-two-form-fields-to-match-with-html5 Fixed Button and HTML Tags for text in login and registration form	2021-12-01 00:03:37 +01:00
Lan Hui	036489041f	Remove all *.rej files.	2021-11-22 10:46:49 +08:00
Lan Hui	207d12a4a3	LAMASHEVSKYI DMYTRO's work on mobile phone UI adaption. Need more detail? Check the Kanban card at http://118.25.96.118/kanboard/?controller=TaskViewController&action=show&task_id=1483&project_id=170	2021-11-16 22:20:40 +08:00