mrlan
/
LRR
3
0
Fork 2
Code Issues Pull Requests 7 Projects Releases Wiki Activity

Compare commits

base: mrlan:master
Branches Tags
mrlan:Bug197-Zayid
mrlan:Hui-Organize
mrlan:Bug193-Martha
mrlan:Bug430-Eden
mrlan:Bug486-Nartey
mrlan:Nartey-Testscript
mrlan:Eden-Testscript
mrlan:BUG352-NEIL2
mrlan:Bug352-Neil-Revised
mrlan:Bug418-Yaaqob
mrlan:update-MPIANA-tests
mrlan:Bug418-YAAQOB-MPIANA
mrlan:Bug557-Ayoub
mrlan:BUG352-NEIL
mrlan:Bug430-Eden2
mrlan:nar
mrlan:master
mrlan:Hui-improve-README.md
mrlan:Bug469-Hui
mrlan:Bug519-Hui
mrlan:Refactor-Moyo
mrlan:Bug469-kingsley
mrlan:Bug457-YAAQOB
mrlan:Bug510-Abdulai
mrlan:Bug485-Abdulai
mrlan:Xuxuan
mrlan:Bug196-Ward
mrlan:Bug404-Edson
mrlan:niweicong-bug-458-revised
mrlan:Bug34-Lamashevskyi
mrlan:Bug418-Lamashevskyi
mrlan:Bug37-Dmytro
mrlan:Bug_461_Martha
mrlan:niweicong-bug-458&459
mrlan:SPM-Zayid-468
mrlan:Bug23-Haji
mrlan:bug23-Haaji
mrlan:SMP-ZAYID-468-FEATURE
mrlan:LiangLigang
mrlan:Bug256-Umar
mrlan:Bug246-Petros
mrlan:AutoTesting-Golden
mrlan:IDVerificationBug-Golden
mrlan:Bug200-Ward
mrlan:SeleniumIbrahim-Ibrahim
mrlan:SeleniumIbrahimUpdate-Ibrahim
mrlan:bug231-Ibrahim
mrlan:bug312-Golden
mrlan:Bug203-Hui
mrlan:Hui-UserDoc
mrlan:Hui-DeleteUnnecessaryImages
mrlan:ProjectHomePage
mrlan:Hui-Bug330
mrlan:Hui-CodeIndentation
mrlan:Hui-Bug29
mrlan:Hui-Bug337
mrlan:SIMPLICITY_link
mrlan:Hui-IndentCode
mrlan:Mabasa-bugfix-199
mrlan:Mabasa-readmefix
mrlan:Mvondo-bugfix-21
mrlan:Hui-LecturerEmail
mrlan:SIMPLICITY_Bug-189_Course_Delete_btn
mrlan:sunflower
..
compare: mrlan:Bug256-Umar
Branches Tags
mrlan:Bug197-Zayid
mrlan:Hui-Organize
mrlan:Bug193-Martha
mrlan:Bug430-Eden
mrlan:Bug486-Nartey
mrlan:Nartey-Testscript
mrlan:Eden-Testscript
mrlan:BUG352-NEIL2
mrlan:Bug352-Neil-Revised
mrlan:Bug418-Yaaqob
mrlan:update-MPIANA-tests
mrlan:Bug418-YAAQOB-MPIANA
mrlan:Bug557-Ayoub
mrlan:BUG352-NEIL
mrlan:Bug430-Eden2
mrlan:nar
mrlan:master
mrlan:Hui-improve-README.md
mrlan:Bug469-Hui
mrlan:Bug519-Hui
mrlan:Refactor-Moyo
mrlan:Bug469-kingsley
mrlan:Bug457-YAAQOB
mrlan:Bug510-Abdulai
mrlan:Bug485-Abdulai
mrlan:Xuxuan
mrlan:Bug196-Ward
mrlan:Bug404-Edson
mrlan:niweicong-bug-458-revised
mrlan:Bug34-Lamashevskyi
mrlan:Bug418-Lamashevskyi
mrlan:Bug37-Dmytro
mrlan:Bug_461_Martha
mrlan:niweicong-bug-458&459
mrlan:SPM-Zayid-468
mrlan:Bug23-Haji
mrlan:bug23-Haaji
mrlan:SMP-ZAYID-468-FEATURE
mrlan:LiangLigang
mrlan:Bug256-Umar
mrlan:Bug246-Petros
mrlan:AutoTesting-Golden
mrlan:IDVerificationBug-Golden
mrlan:Bug200-Ward
mrlan:SeleniumIbrahim-Ibrahim
mrlan:SeleniumIbrahimUpdate-Ibrahim
mrlan:bug231-Ibrahim
mrlan:bug312-Golden
mrlan:Bug203-Hui
mrlan:Hui-UserDoc
mrlan:Hui-DeleteUnnecessaryImages
mrlan:ProjectHomePage
mrlan:Hui-Bug330
mrlan:Hui-CodeIndentation
mrlan:Hui-Bug29
mrlan:Hui-Bug337
mrlan:SIMPLICITY_link
mrlan:Hui-IndentCode
mrlan:Mabasa-bugfix-199
mrlan:Mabasa-readmefix
mrlan:Mvondo-bugfix-21
mrlan:Hui-LecturerEmail
mrlan:SIMPLICITY_Bug-189_Course_Delete_btn
mrlan:sunflower

2 Commits
master ... Bug256-Uma

Author SHA1 Message Date
HAYATU UMAR FARUQ faa7b7314e Updated UserDoc.md to add a section for increasing session duration 2022-04-20 16:31:14 +08:00
HAYATU UMAR FARUQ ae6677d142 Updated UserDoc.md to include information about increasing the session duration 2022-04-06 07:59:30 +01:00
18 changed files with 1265 additions and 1658 deletions
Show Stats Expand all files Collapse all files

1
.htaccess
View File

@ -1 +0,0 @@
allow from all

74
Admin.php
View File

@ -7,15 +7,14 @@ $page = "admin";
include 'Header.php';
?>
<?php
// Only Lecturer or Admin could access this page
if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
die("Sorry. Nothing to see here.");
if ($_SESSION['user_type'] != "Lecturer") {
$_SESSION["info_login"] = "You must log in first.";
echo $_SESSION["info_login"];
header("Location: index.php");
}
?>
<style>
.col-md-4 {
border-right: 1px solid skyblue;
@ -37,21 +36,10 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
<hr>
-->
<div class="col-md-6">
<h4> User Account Management </h4>
<hr>
<?php
if ($_SESSION['user_type'] == "Lecturer") {
echo " <h4> TA Account Management </h4>
<hr> " ;
echo "<b>TA Accounts </b><br>" ;
}
else if($_SESSION['user_type'] == "Admin"){
echo " <h4> Lecturer Account Management </h4>
<hr> ";
echo "<b>Lecturer Accounts </b><br>";
}
?>
<b>Lecturer / TA Accounts </b><br>
<div class="container">
@ -77,45 +65,20 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
<div id="home" class="container tab-pane active"><br>
<?php
if ($_SESSION['user_type'] == "Lecturer") {
echo "<b>Create TA Accounts </b>";
}
else if($_SESSION['user_type'] == "Admin"){
echo "<b>Create Lecturer Accounts </b>";
}
?>
<b>Create Lecturer/TA Accounts </b>
<form method="post" action="Script.php" id="create_account_form">
<input type="hidden" name="frm_createlecturrer" value="true" required="" />
Full Name
Full_Name
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required="">
Email
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" required="">
Passport Number / ID (Used as Initial Password)
Passport_Number / ID (Used as Intial Password)
<input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
<br> User Type :
<?php
if ($_SESSION['user_type'] == "Lecturer") {
echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) ';
}
else if($_SESSION['user_type'] == "Admin"){
echo " <input type='radio' name = 'type' value = 'Lecturer' required = '' id='role_lecturer' > Lecturer ";
}
?>
<input type="radio" name="type" value="Lecturer" required="" id="role_lecturer"> Lecturer
<input type="radio" name="type" value="TA" required="" id="role_TA"> T/A
<input type="submit" class="btn btn-primary" value="Create" id="create_btn"><br>
<?php
error_reporting(E_ALL);
@ -149,21 +112,10 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
</tr>
<?php
if ($_SESSION['user_type'] == "Lecturer") {
$result = mysqli_query(
$con,
"SELECT * FROM Users_Table WHERE UserType in ('TA')"
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer','TA')"
);
}
else if($_SESSION['user_type'] == "Admin"){
$result = mysqli_query(
$con,
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer')"
);
}
while ($row = mysqli_fetch_assoc($result)) {
$pass = $row['Passport_Number'];
$btn = "<button class='btn-primary' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>";

387
Course.php
View File

@ -2,7 +2,6 @@
include 'NoDirectPhpAcess.php';
?>
<?php
$page = 'Courses+';
include 'Header.php';
@ -10,10 +9,8 @@ $student_id = $_SESSION["user_student_id"];
$group_id = $_SESSION["user_group_id"];
$c_date = date("Y-m-d H:i");
if(!empty($_GET["url"]))
{
$course_url = mysqli_real_escape_string($con, $_GET["url"]);
if (!empty($_GET["url"])) {
$course_url = $_GET["url"];
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
. " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` "
. " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
@ -22,7 +19,6 @@ if(!empty($_GET["url"]))
if (mysqli_num_rows($result) == 0) {
echo "No course matching the given course URL: " . $course_url;
} else {
while ($row = mysqli_fetch_assoc($result)) {
$name = $row['Course_Name'];
@ -57,9 +53,9 @@ if(!empty($_GET["url"]))
<?php
if (isset($_SESSION['info_general'])) {
echo '<hr><div class="alert alert-info" role="alert" style="float:left;">' . $_SESSION['info_general'] . '</div>';
$_SESSION['info_general']=null;
if (isset($_SESSION['info_ReMarking'])) {
echo '<hr><div class="alert alert-info" role="alert" style="float:left;">' . $_SESSION['info_ReMarking'] . '</div>';
$_SESSION['info_ReMarking'] = null;
}
if (isset($_SESSION['info_courses'])) {
@ -70,12 +66,9 @@ if (isset($_SESSION['info_courses'])) {
</div>
<?php
if( $_SESSION['user_type'] == "Student")
{
if ($_SESSION['user_type'] == "Student") {
?>
<hr>
@ -97,7 +90,88 @@ if( $_SESSION['user_type'] == "Student")
<a class="nav-link" data-toggle="tab" href="#menu3">Submitted</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu4">Marked</a>
<a class="nav-link" data-toggle="tab" href="#menu4" id="marked_tab">Marked</a>
</li>
<!----------Delete Course Button----------->
<li>
<html>
<body>
<div class="modal fade" id="delcourse">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h2 class="modal-title">Please confirm!</h2>
<button type="button" class="close red" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body">
<p>Are you sure about deleting this course? This action can not be reversed!</p>
</div>
<div class="modal-footer">
<form method="POST" action="">
<button type="button" class="btn action-button blue" data-dismiss="modal">Cancel</button>
<input type="submit" name="submit" class="btn action-button red" value="Delete" />
</form>
</div>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col">
<button type="button" class="btn action-button red" data-toggle="modal" data-target="#delcourse">Delete Course</button>
</div>
</div>
</div>
</div>
<?php
// Connect to MySQL database
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if (isset($_POST['submit'])) {
header("Location: Courses.php");
$result = mysqli_query($con, "DELETE FROM course_students_table WHERE Course_ID='$course_id'");
}
?>
<script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
<style>
/*--------------------[ Delete Course Button ]*/
.action-button {
font-family: 'Pacifico', cursive;
font-size: 18px;
color: #FFF;
text-decoration: none;
}
.red {
background-color: #E74C3C;
border-bottom: 5px solid #BD3E31;
text-shadow: 0px -2px #BD3E31;
}
.blue {
background-color: #4d4dff;
border-bottom: 5px solid #4d4dff;
text-shadow: 0px -2px #4d4dff;
}
</style>
</body>
</html>
</li>
</ul>
@ -110,15 +184,13 @@ if( $_SESSION['user_type'] == "Student")
$sql = "SELECT course_group_members_table.Course_Group_id FROM course_group_members_table INNER JOIN course_groups_table ON course_group_members_table.Course_Group_id = course_groups_table.Course_Group_id WHERE course_group_members_table.Student_ID=$student_id and course_groups_table.Course_id=$course_id";
$resultx1 = mysqli_query($con, $sql);
while($row = mysqli_fetch_assoc($resultx1))
{
while ($row = mysqli_fetch_assoc($resultx1)) {
$_SESSION['group_id'] = $row['Course_Group_id'];
}
$group_id = $_SESSION['group_id'];
if($group_id == "")
{
if ($group_id == "") {
$group_id = 0; // no group. If the student has a group, the group number should be greater than 0.
}
@ -127,17 +199,16 @@ if( $_SESSION['user_type'] == "Student")
// (3) none of the student's group members have already submitted
// the assignment.
$sql_stmt = "SELECT Type, Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`".
$var = "SELECT Type, Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`" .
" FROM `lab_reports_table`" .
" WHERE Course_ID=$course_id" .
" AND (Deadline > '$c_date' OR Lab_Report_ID IN (SELECT `Lab_Report_ID` FROM `extended_deadlines_table` WHERE Student_ID=$student_id AND Extended_Deadline_Date > '$c_date' AND Lab_Report_ID IN (SELECT Lab_Report_ID FROM lab_reports_table WHERE Course_ID=$course_id)))" .
" AND Lab_Report_ID NOT IN (SELECT Lab_Report_ID FROM lab_report_submissions WHERE Course_Group_id IN (SELECT Course_Group_id FROM course_group_members_table WHERE Student_ID=$student_id))" .
" ORDER BY Lab_Report_ID DESC";
$result1 = mysqli_query($con, $sql_stmt);
$result1 = mysqli_query($con, $var);
if(mysqli_num_rows($result1)==0)
{
if (mysqli_num_rows($result1) == 0) {
echo "No active assignments for this course so far.";
} else {
@ -168,23 +239,22 @@ if( $_SESSION['user_type'] == "Student")
}
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title ($type) <br> <span style='font-size:8pt'> $ins</span>
<br> <span style='font-size:8pt'>Posted : $posted &nbsp;&nbsp;&nbsp;&nbsp; Deadline : $deadline &nbsp;&nbsp;&nbsp;&nbsp;($Marks Marks) &nbsp; &nbsp;&nbsp;&nbsp; &nbsp;<a href='~\..\SubmitLab.php?id=$labid&url=$url' class='btn-sm btn-info' style='margin-left:50px;'> Submit Lab Report</a><br> Attachments : $full_link </span>
<br> <span style='font-size:8pt'>Posted : $posted &nbsp;&nbsp;&nbsp;&nbsp; Deadline : $deadline &nbsp;&nbsp;&nbsp;&nbsp;($Marks Marks) &nbsp; &nbsp;&nbsp;&nbsp; &nbsp;<a href='~\..\SubmitLab.php?id=$labid&url=$url' class='btn-sm btn-info' style='margin-left:50px;' id='submit_lab_report_btn'> Submit Lab Report</a><br> Attachments : $full_link </span>
</div></k>";
}}
}
}
echo "";
?>
</div>
<div id="menu2" class="container tab-pane"><br>
<?php
$group_id = $_SESSION['group_id'];
if($group_id == ""){$group_id = -1;} // Individual assignment does not require the student to have a group id. Therefore, the group is an empty string. To make the following SQL statement work properly, initialize the group id to -1.
if ($group_id == "") {
$group_id = -1;
} // Individual assignment does not require the student to have a group id. Therefore, the group is an empty string. To make the following SQL statement work properly, initialize the group id to -1.
$result = mysqli_query($con, "SELECT Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`
FROM `lab_reports_table`
WHERE
@ -197,12 +267,8 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
. ""
. "ORDER by Lab_Report_ID DESC");
if(mysqli_num_rows($result)==0)
{
if (mysqli_num_rows($result) == 0) {
echo "You missed no lab reports in this course.";
} else {
while ($row = mysqli_fetch_assoc($result)) {
$title = $row['Title'];
@ -216,9 +282,6 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
$att4 = $row['Attachment_link_4'];
$id = $row['Lab_Report_ID'];
$full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if ($att2 != "") {
@ -230,28 +293,25 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
;
};
echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'><span class='btn-sm btn-warning' style='margin-left:0px;'>MISSED</span> $title ($marks Marks) <br> <span style='font-size:8pt'> $ins</span>
<br> <span style='font-size:8pt'>Posted: $posted<br> Deadline: $deadline &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<br> Attachments : $full_link </span>
</div>";
}}
}
}
echo "";
?>
</div>
<div id="menu3" class="container tab-pane"><br>
<?php
$group_id = $_SESSION['group_id'];
if($group_id==""){$group_id=-1;} // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176
if ($group_id == "") {
$group_id = -1;
} // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176
$sql_stmt = "SELECT Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`
FROM `lab_reports_table`
@ -260,11 +320,8 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
$resultx = mysqli_query($con, $sql_stmt);
if(mysqli_num_rows($resultx)==0)
{
if (mysqli_num_rows($resultx) == 0) {
echo "You have no lab report submissions in this course.";
} else {
while ($row = mysqli_fetch_assoc($resultx)) {
$lab_repo_id = $row['Lab_Report_ID'];
@ -278,8 +335,7 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
$att3 = $row['Attachment_link_3'];
$att4 = $row['Attachment_link_4'];
$id = $row['Lab_Report_ID'];
if( $c_date < $deadline)
{
if ($c_date < $deadline) {
$submittedx = "<a href='~\..\SubmitLab.php?id=$id&url=$url' class='btn-sm btn-default'><i class='fa fa-check-circle'></i> Re-Submit </a>";
}
@ -301,7 +357,6 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
<br> <span style='font-size:8pt'>Posted : $posted Deadline : $deadline ($marks Marks) &nbsp; &nbsp; $submittedx&nbsp; <span class='btn-sm btn-success' style='margin-left:50px;'><i class='fa fa-Edit-circle'></i> Submitted </span>
<br> Submitted files: ";
$Sub_result = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
@ -311,10 +366,8 @@ Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$student_id')");
if(mysqli_num_rows($Sub_result) == 0)
{
if (mysqli_num_rows($Sub_result) == 0) {
echo "No Attachments found.";
} else {
while ($row = mysqli_fetch_assoc($Sub_result)) {
$at1 = $row['Attachment1'];
@ -341,32 +394,21 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
}
echo $full_link;
}
}
echo "</span></div></k>";
}}
}
}
echo "";
?>
</div>
<?php
$sqli = mysqli_query($con, "SELECT * from course_groups_table WHERE Course_Group_id=$group_id and Course_id=$course_id");
while($row = mysqli_fetch_assoc($sqli))
{ $Group_Leader=$row['Group_Leader'];
while ($row = mysqli_fetch_assoc($sqli)) {
$Group_Leader = $row['Group_Leader'];
$Group_Member = $row['Group_Member'];
$Group_Member2 = $row['Group_Member2'];
$Group_Member3 = $row['Group_Member3'];
@ -374,8 +416,6 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
}
?>
<div id="menu4" class="container tab-pane"><br>
<?php
$resultx = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_reports_table.`Lab_Report_ID`, `Student_id`, "
@ -396,14 +436,10 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
. " lab_reports_table.Lab_Report_ID in (select Lab_Report_ID from lab_report_submissions"
. " where (Status='Marked' or Status='Remarking') and (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id) ORDER by Submission_ID DESC");
if(mysqli_num_rows($resultx)==0)
{
if (mysqli_num_rows($resultx) == 0) {
echo "You have no marked submissions in this course";
} else { while($row = mysqli_fetch_assoc($resultx)) {
} else {
while ($row = mysqli_fetch_assoc($resultx)) {
$title = $row['Lab_Title'];
$marks = $row['Marks'];
$Originalmarks = $row['Original_marks'];
@ -419,23 +455,17 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
$notes = $row['Notes'];
$status = $row['Status'];
$remarking_reason = $row['Remarking_Reason'];
if($status=='Marked')
{
if ($status == 'Marked') {
$rm_data = "\Script.php?remarking=yes&id=$Submission_ID&url=$url&status=Remarking";
$remarking="<button onclick='remarking(\"$rm_data\")' class='btn-sm btn-success'> Request Remarking </button>";
$remarking = "<button onclick='remarking(\"$rm_data\")' class='btn-sm btn-success' id='request_remarking_btn'> Request Remarking </button>";
}
if($status=='Remarking')
{
if ($status == 'Remarking') {
$remarking = "<span style='color:orange'><i class='fa fa-info-circle'></i> Remarking Request sent </span> <br> Remarking Reason:<i>$remarking_reason </i> <br>";
}
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <b> ($marks Marks out of $Originalmarks)</b><br><small> Lecturer Feedback : $notes </small> &nbsp; $remarking <br> Submission files :";
$Sub_result = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
@ -445,11 +475,10 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Student_id='$student_id'");
if(mysqli_num_rows($Sub_result)==0)
{
if (mysqli_num_rows($Sub_result) == 0) {
echo "No Attachments found.";
} else { while($row = mysqli_fetch_assoc($Sub_result)) {
} else {
while ($row = mysqli_fetch_assoc($Sub_result)) {
$at1 = $row['Attachment1'];
$at2 = $row['Attachment2'];
$at3 = $row['Attachment3'];
@ -469,21 +498,13 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
}
echo $full_link;
}
}
}}
}
}
echo "</div></k>";
?>
</div>
</div>
@ -495,15 +516,14 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
<?php
$resultx1 = mysqli_query($con, "SELECT `Course_Group_id` FROM `course_groups_table` WHERE Course_id=$course_id");
while($row = mysqli_fetch_assoc($resultx1)) {$count_groups=$row['Course_Group_id'];}
while ($row = mysqli_fetch_assoc($resultx1)) {
$count_groups = $row['Course_Group_id'];
}
echo " <button onclick='CreateGroup()' class='btn btn-primary'> Create Group</button>";
echo " <button onclick='CreateGroup()' class='btn btn-primary' id='create_group_btn'> Create Group</button>";
?>
<hr>
<?php
@ -512,99 +532,59 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
FROM `course_group_members_table` INNER JOIN course_groups_table on
course_groups_table.Course_Group_id=course_group_members_table.Course_Group_id WHERE Student_id=$student_id and course_groups_table.Course_id=$course_id");
if(mysqli_num_rows($result)==0)
{
if (mysqli_num_rows($result) == 0) {
echo "You have no Group in this Course";
} else { while($row = mysqli_fetch_assoc($result)) {
} else {
while ($row = mysqli_fetch_assoc($result)) {
$name = $row['Group_Name'];
$id = $row['Course_Group_id'];
$status = $row['Status'];
$extra = " - <a href='#' class='' onclick='invite($id)'> Invite Others</a></small>";
if($status=="Invited")
{
if ($status == "Invited") {
$extra2 = " <a href='#' class='' onclick='accept($id,1)'>Accept</a></small>";
$extra3 = " <a href='#' class='' onclick='accept($id,0)'>Decline</a></small>";
}
# Add "delete group" button and allow only group creator to delete it
$extra4 = "<button onclick='delete_group($id)' class='btn btn-danger' style='height: 25px; width: 90px;
line-height: 10px; font-size: 10px'>DELETE GROUP</button>";
echo "<div class='btn-default'><small> $name ($status) $extra $extra2 $extra3" .
(($status == "Created")? "$extra4": "")
."</small></div>";
echo "<div class='btn-default'><small> $name ($status) $extra $extra2 $extra3</small></div>";
$rs2 = mysqli_query($con, "SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID,
course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table`
INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID
where course_group_members_table.Course_Group_id=$id");
#Check whether the current user in session is the creator of the group
$rs3 = mysqli_query($con, "SELECT `Status` from course_group_members_table where Student_ID = $student_id");
$flag = mysqli_fetch_assoc($rs3)['Status'] == "Created";
while ($row = mysqli_fetch_assoc($rs2)) {
$name = $row['Full_Name'];
$id = $row['Course_Group_id'];
$status = $row['Status'];
$Student_ID = $row['Student_ID'];
#Show group members + remove button next to each member except the creator of the group
if($flag){
echo "<li><small> $name-$Student_ID ($status)</small>".(($status != "Created")?"<button onclick='remove_member($Student_ID, $id)'
class='btn btn-danger' style='height: 25px; width: 80px; line-height: 10px;'>remove</button>":"")."</li>";
}else{
echo "<li><small> $name-$Student_ID ($status)</small>";
echo "<li><small> $name-$Student_ID ($status)</small></li>";
}
}
}
}
?>
</div>
</div>
<?php
}
include 'Footer.php';
?>
<script src="./css/jquery-1.11.1.min.js"></script>
<script src="./css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="./css/jquery-ui.css" />
<script>
function CreateGroup() {
try
{
try {
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="creategroup" value="true">\n\
<input type="hidden" name="student_id" value="<?php echo $student_id; ?>" > Group Name <input type="text" name="name">\n\
<input type="hidden" name="student_id" value="<?php echo $student_id; ?>" > Group Name <input type="text" name="name" id="group_name">\n\
<input type="hidden" name="url" value="<?php echo $url; ?>"> <input type="hidden" name="id" value="<?php echo $course_id; ?>"> </form>').dialog({
modal: true,
title: 'Create Group',
@ -622,18 +602,14 @@ function CreateGroup() {
}
});
} catch(e){ alert(e); }
} catch (e) {
alert(e);
}
}
function invite(id) {
try
{
try {
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="groupinvite" value="true">\n\
<input type="hidden" name="groupid" value="' + id + '" > Enter Student_ID to Invite <input type="text" name="student_id">\n\
@ -654,21 +630,14 @@ function invite(id) {
}
});
} catch(e){ alert(e); }
} catch (e) {
alert(e);
}
}
function accept(id, val) {
try
{
try {
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="acceptinvite" value="true">\n\
<input type="hidden" name="groupid" value="' + id + '" > \n\ <input type="hidden" name="action" value="' + val + '" > \n\
@ -691,75 +660,15 @@ function accept(id,val) {
}
});
} catch(e){ alert(e); }
} catch (e) {
alert(e);
}
}
function remarking(data)
{
function remarking(data) {
var details = prompt("Please enter your remarking reasons", "");
window.location.href = data + "&details=" + details;
}
function remove_member(student_id, group_id) {
try
{
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="removemember" value="true">\n\
<input type="hidden" name="student_id" value="'+student_id+'" > \n\
<input type="hidden" name="group_id" value="'+group_id+'">\n\
<input type="hidden" name="url" value="<?php echo $url; ?>"></form>').dialog({
modal: true,
title:'Remove '+student_id+'?',
buttons: {
'Confirm': function () {
$('#frm').submit();
$(this).dialog('close');
},
'X': function () {
$(this).dialog('close');
}
}
});
} catch(e){ alert(e); }
}
function delete_group(id) {
try
{
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="deletegroup" value="true">\n\
<input type="hidden" name="group_id" value="'+id+'" > \n\
<input type="hidden" name="url" value="<?php echo $url; ?>"></form>').dialog({
modal: true,
title:'Delete this group?',
buttons: {
'Confirm': function () {
$('#frm').submit();
$(this).dialog('close');
},
'X': function () {
$(this).dialog('close');
}
}
});
} catch(e){ alert(e); }
}
</script>

356
Courses.php
View File

@ -2,49 +2,37 @@
include 'NoDirectPhpAcess.php';
?>
<?php
$page = 'Courses';
include 'Header.php';
$user_d = $_SESSION['user_id'];
if( $_SESSION['user_type']=="Lecturer" || $_SESSION['user_type']=="TA")
{
if ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") {
?>
<!-- FOR LECTURER-->
<div class="row" style="width:80%;margin:auto; text-align:left;">
<script src="./css/jquery-1.11.1.min.js"></script>
<script src="./css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="./css/jquery-ui.css" />
<script>
function extend_deadline(id) {
var dropstudents = $("#dropstudents").html();
try
{
try {
$('<form id="frm" method="get" action="Script.php">\n\
<input type="hidden" name="extenddeadline" value="true" >\n\
<input type="hidden" name="id" value="' + id + '" > \n\
New Date/Time <br><input type="date" name="date" required=""> <input type="time" name="time" required=""> \n\
New Date/Time <br><input type="date" name="date" required="" id="new_date"> <input type="time" name="time" required=""> \n\
\n\
<br><input type="radio" value="1" name="type" required=""> Extend for All<hr> \n\
<br><input type="radio" value="1" name="type" required="" id="extend_for_all"> Extend for All<hr> \n\
<input type="radio" value="2" name="type" required=""> Extend for these Individual Students \n\
' + dropstudents + ' \n\
</form>').dialog({
@ -64,23 +52,23 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
}
});
}catch(e){ alert(e); }
} catch (e) {
alert(e);
}
}
</script>
<?php
if(!empty($_GET["course"]))
{
$course_url = mysqli_real_escape_string($con, $_GET["course"]);
if (!empty($_GET["course"])) {
$course_url = $_GET["course"];
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
. " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` "
. " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
. " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' ");
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
if (mysqli_num_rows($result) == 0) {
} else {
while ($row = mysqli_fetch_assoc($result)) {
$name = $row['Course_Name'];
$code = $row['Course_Code'];
$faculty = $row['Faculty'];
@ -103,9 +91,8 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
// ------------------------------Editing Lab Assignment by Lecturer ------------------------------------
if ($_GET['act'] == "edit") {
$getid = mysqli_real_escape_string($con, $_GET["cid"]);
$getid = $_GET["cid"];
$result1 = mysqli_query($con, "SELECT * from lab_reports_table WHERE Lab_Report_ID = '$getid'");
while ($row1 = mysqli_fetch_assoc($result1)) {
@ -119,19 +106,18 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
}
if (isset($_POST['frm_uploadlab'])) {
$deadlinedate = trim(mysqli_real_escape_string($con, $_POST["deadlinedate"])); // remove spaces
$deadlinetime = trim(mysqli_real_escape_string($con, $_POST["deadlinetime"])); // remove spaces
$instructions = mysqli_real_escape_string($con, $_POST["instructions"]);
$title = mysqli_real_escape_string($con, $_POST["title"]);
$marks = mysqli_real_escape_string($con, $_POST["marks"]);
$type = mysqli_real_escape_string($con, $_POST["type"]);
$deadlinedate = trim($_POST["deadlinedate"]); // remove spaces
$deadlinetime = trim($_POST["deadlinetime"]); // remove spaces
$instructions = $_POST["instructions"];
$title = $_POST["title"];
$marks = $_POST["marks"];
$type = $_POST["type"];
$Deadline = $deadlinedate . " " . $deadlinetime;
$date = date("Y-m-d H:i");
$sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "'), `Type` = ('" . $type . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Updated"] = "Assignment information updated successfully.";
} else {
// echo "Error: " . $sql . "<br>" . $con->error;
echo "Serious error happened whiling updating assignment information.";
@ -153,14 +139,14 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
<input type='hidden' name='course_id' value='<?php echo "$id" ?>' required='' />
<input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required='' />
Deadline Date/Time
Dealine Date/Time
<div class='row'>
<div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act'] == "edit" ? $Date : ""; ?>"> </div>
<div class='col-md-5'> <input type='text' id='time' class='form-control' name='deadlinetime' value="<?php echo isset($_GET['act']) && $_GET['act'] == "edit" ? $Time : ""; ?>"> </div>
</div>
Title
<input type='text' name='title' placeholder='Title' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act']=="edit" ? $Title : ""; ?>">
<input type='text' name='title' placeholder='Ttle' class='form-control' required='' value="<?php echo isset($_GET['act']) && $_GET['act'] == "edit" ? $Title : ""; ?>">
Instructions
<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required=''><?php echo isset($_GET['act']) && $_GET['act'] == 'edit' ? $Instructions : ''; ?></textarea>
Marks
@ -174,7 +160,6 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
Attachment 3
<input type='file' name='attachment3' placeholder='Attachment 1' class='form-control'>
Attachment 4
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control'>
<br>
@ -187,12 +172,12 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
}
?>
<hr>
<input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br>
</form><br><br><br><br>
<?php
}}else{
}
} else {
// ------------------------------Posting New Lab Assignment------------------------------------
@ -205,7 +190,7 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
<h3> Post new Lab Assignment </a></h3>
<form method='post' enctype='multipart/form-data' action='Script.php'>
<form method='post' enctype='multipart/form-data' action='Script.php' id="newlab_form">
<?php
$_SESSION['url'] = $url;
?>
@ -213,18 +198,18 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
<input type='hidden' name='course_id' value='<?php echo "$id" ?>' required='' />
<input type='hidden' name='url' value='<?php echo ".$course_url." ?>' required='' />
Deadline Date/Time
Dealine Date/Time
<div class='row'>
<div class='col-md-7'><input type='date' id='date' name='deadlinedate' placeholder='' class='form-control' required='' value=""> </div>
<div class='col-md-5'> <input type='time' class='form-control' name='deadlinetime' value=""> </div>
</div>
Title
<input type='text' name='title' placeholder='Title' class='form-control' required='' value="">
<input type='text' name='title' placeholder='Ttle' class='form-control' required='' value="" id="lab_title">
Instructions
<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' value=""></textarea>
<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' value="" id="lab_instructor"></textarea>
Marks
<input type='text' name='marks' placeholder='Marks' class='form-control' required='' value="">
<input type='text' name='marks' placeholder='Marks' class='form-control' required='' value="" id="lab_mark">
Attachment 1
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control'>
@ -234,20 +219,18 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
Attachment 3
<input type='file' name='attachment3' placeholder='Attachment 1' class='form-control'>
Attachment 4
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control'>
<br>
Submission Type <input type='radio' name='type' value='Individual' required=''> Individual
Submission Type <input type='radio' name='type' value='Individual' required='' id="lab_individual"> Individual
<input type='radio' name='type' value='Group' required=''> Group
<input type='radio' name='type' value='Group' required='' id="lab_group"> Group
<hr>
<input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br>
<input type='submit' class='btn btn-primary' value='Post Lab Assignment' id="submit_btn"><br>
</form><br><br><br><br>
<?php
}
}
}
echo "</div>";
@ -267,22 +250,17 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
$_SESSION['info_courses'] = null;
}
$result = mysqli_query($con, " SELECT `Lab_Report_ID`,Type,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, "
. "`Attachment_link_4` FROM `lab_reports_table` WHERE Course_ID=$id ORDER by Lab_Report_ID DESC");
if( $_SESSION['user_type']=="TA")
{
if ($_SESSION['user_type'] == "TA") {
echo "<b style='color:gray'>*Only Lecturer can post a new lab report assignment</b><br>";
}
if(mysqli_num_rows($result)==0)
{
if (mysqli_num_rows($result) == 0) {
echo "No assignments posted so far.";
} else { while($row = mysqli_fetch_assoc($result)) {
} else {
$counter = 0;
while ($row = mysqli_fetch_assoc($result)) {
$marks = $row['Marks'];
$title = $row['Title'];
$ins = $row['Instructions'];
@ -296,6 +274,7 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
$cours_id = $row['Course_ID'];
$as_type = $row['Type'];
$full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
$counter += 1;
if ($att2 != "") {
$full_link = $full_link . " &nbsp|&nbsp <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
@ -308,15 +287,19 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
$full_link = $full_link . " &nbsp; | &nbsp <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
$resultx1 = mysqli_query($con, "Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id");
while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];}
while ($row = mysqli_fetch_assoc($resultx1)) {
$count_subs = $row['cnt'];
}
$resultx2 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Marks is not null");
if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}}
if (mysqli_num_rows($resultx2) == 0) {
$count_marked = 0;
} else {
while ($row = mysqli_fetch_assoc($resultx2)) {
$count_marked = $row['cnt'];
}
}
$header = "Courses > " . $name . "($code) > Assignments > " . $title;
@ -326,28 +309,20 @@ New Date/Time <br><input type="date" name="date" required=""> <input type="time"
<br> <span style='font-size:8pt'>Posted : $posted Deadline : <b> $deadline </b> &nbsp; ($marks Marks) &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; "
. "<br>"
. "<span class='btn-default'> &nbsp;&nbsp; $count_subs Submissions ( $count_marked Marked ) &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href='Courses.php?course=".$url."&act=edit&cid=".$id."'>Edit</a>&nbsp;&nbsp; |&nbsp;&nbsp;<a href='~\..\Submissions.php?id=$id&header=$header&total=$marks' onclick=''> View </a> &nbsp;&nbsp; |&nbsp;&nbsp; <a href='#' onclick='extend_deadline($id)'> Extend Deadline </a> </span> <hr> Attachments : $full_link </span>"
. "<span class='btn-default'> &nbsp;&nbsp; $count_subs Submissions ( $count_marked Marked ) &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href='Courses.php?course=" . $url . "&act=edit&cid=" . $id . "'>Edit</a>&nbsp;&nbsp; |&nbsp;&nbsp;<a href='~\..\Submissions.php?id=$id&header=$header&total=$marks' onclick='' id='view_submissions_link_$counter'> View </a> &nbsp;&nbsp; |&nbsp;&nbsp; <a href='#' onclick='extend_deadline($id)' id='extend_deadline_link'> Extend Deadline </a> </span> <hr> Attachments : $full_link </span>"
. "&nbsp;&nbsp;</div>
";
}}
}
}
echo "</div>";
$resultx1 = mysqli_query($con, "SELECT course_students_table.Student_ID,users_table.Full_Name FROM
`course_students_table`
INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID
WHERE Course_ID=$course_id");
echo "<span id='dropstudents' style='display:none;'> <select name='stdid'>";
while($row = mysqli_fetch_assoc($resultx1))
{
while ($row = mysqli_fetch_assoc($resultx1)) {
$stdid = $row['Student_ID'];
$stdname = $row['Full_Name'];
@ -357,17 +332,11 @@ WHERE Course_ID=$course_id");
. "<input type='hidden' name='url' value='$course_url'>"
. " </span>";
return;
}
?>
<div class="col-md-8">
<?php
@ -379,23 +348,20 @@ WHERE Course_ID=$course_id");
</a></div>
";
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, "
. "`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID where courses_table.Lecturer_User_ID=$user_d");
if($_SESSION['user_type']=="TA")
{
if ($_SESSION['user_type'] == "TA") {
$result = mysqli_query($con, "SELECT course_ta.Course_ID, `Course_Name`,
`Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table`
INNER JOIN
course_ta ON course_ta.Course_ID=courses_table.Course_ID where course_ta.TA=$user_d");
}
// $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID");
if(mysqli_num_rows($result)==0)
{} else { while($row = mysqli_fetch_assoc($result)) {
if (mysqli_num_rows($result) == 0) {
} else {
while ($row = mysqli_fetch_assoc($result)) {
$id = $row['Course_ID'];
$name = $row['Course_Name'];
$code = $row['Course_Code'];
@ -413,8 +379,6 @@ where course_ta.Course_ID=$id");
$ta = $ta . " - " . $rowTA['TA_NAME'];
}
echo "
<a href='~\..\Courses.php?course=$url'> <div class='btn btn-default'>
@ -422,15 +386,13 @@ where course_ta.Course_ID=$id");
<br> <span style='font-size:8pt'>Faculty : $faculty &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Year : $academic &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Lecturer :$lecturer &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TA:$ta </span>
</div></a>
";
}}?>
}
} ?>
</div>
<div class="col-md-4">
<br>
<b> Course Joining Requests </b>
<?php
$lecturer_id = $_SESSION['user_id'];
$result = mysqli_query($con, "SELECT course_students_table.ID,users_table.Full_Name, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table`
@ -438,11 +400,11 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tab
INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID
WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'");
if(mysqli_num_rows($result)==0)
{
if (mysqli_num_rows($result) == 0) {
echo "<br> <i class='fa fa-info-circle'></i> No Course joining request so far for all your courses <hr>";
} else { while($row = mysqli_fetch_assoc($result)) {
} else {
while ($row = mysqli_fetch_assoc($result)) {
$id = $row['ID'];
$name = $row['Course_Name'];
@ -455,21 +417,12 @@ WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"
$std_name is Requesting to join <br> [($code) - $name ] &nbsp;&nbsp;&nbsp;&nbsp; <br><a href='~\..\Script.php?AcceptStudent=y&id=$id&rs=yes' class='btn-sm btn-success' onclick=return confirm(\"are you sure to join this course?\")' > Accept </a>
&nbsp;&nbsp;<a href='~\..\Script.php?AcceptStudent=y&id=$id&rs=no' class='btn-sm btn-danger' onclick=return confirm(\"are you sure to join this course?\")' > Decline </a>
</div>";
}
}
?>
<?php
if( $_SESSION['user_type']=="TA")
{
if ($_SESSION['user_type'] == "TA") {
echo "<center>Only Lecturers can Post new Lab report Assignments</center>";
}
if ($_SESSION['user_type'] == "Lecturer") { ?>
@ -480,30 +433,28 @@ WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"
<input type="hidden" name="frm_createCourse" value="true" required="" />
<input type="hidden" name="l" value="l" required="" />
Course Name
<input type="text" name="name" placeholder="Course Name" class="form-control" required="">
<input type="text" name="name" placeholder="Course Name" class="form-control" required="" id="course_name">
Course Code
<input type="text" name="code" placeholder="Course Code" class="form-control" required="">
<input type="text" name="code" placeholder="Course Code" class="form-control" required="" id="course_code">
URL (Leave blank to use Course Code & Year)
<input type="text" name="url" placeholder="Choose Custom URL " class="form-control">
Academic Year
<input type="text" name="academic" placeholder="Academic Year" class="form-control" required="">
<input type="text" name="academic" placeholder="Academic Year" class="form-control" required="" id="academic_year">
Faculty <br>
<input type="text" name="faculty" placeholder="Faculty" class="form-control" required="">
<input type="text" name="faculty" placeholder="Faculty" class="form-control" required="" id="faculty">
<input type="hidden" name="lecturer" value="<?php echo $_SESSION['user_id']; ?>">
Verify Joining Students
<input type="radio" name="verify" value="1"> Yes
<input type="radio" name="verify" value="0" checked=""> No
<input type="radio" name="verify" value="1" id="join_yes"> Yes
<input type="radio" name="verify" value="0" checked="" id="join_no"> No
<br>
<input type="submit" class="btn btn-primary" value="Create Portal"><br>
<input type="submit" class="btn btn-primary" value="Create Portal" id="portal_btn"><br>
</form>
@ -511,16 +462,12 @@ WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"
</div>
<!-- END LECTURER -->
<?php
}
if( $_SESSION['user_type']=="Student")
{
if ($_SESSION['user_type'] == "Student") {
?>
<!--STUDENT CODE-->
@ -540,51 +487,32 @@ if( $_SESSION['user_type']=="Student")
<div class="col-md-6"></div>
</div>
<div class="row" style="width:80%;margin:auto; text-align:left;">
<div class="col-md-6">
<?php
error_reporting(0);
$student_id = $_SESSION['user_student_id'];
// current academic year - i.e 2021 - 2022 , so we will show in search result:
// course containing either 2021 or 2022 as academic year.
$oldest_academic_year = date('Y') - 1;
if(!empty($_GET["search"]) || !empty($_GET["faculty"]))
{
$search = trim(mysqli_real_escape_string($con, $_GET["search"]));
$search = strtoupper($_GET['search']);
$faculty = mysqli_real_escape_string($con, $_GET["faculty"]);
if (!empty($_GET["search"]) || !empty($_GET["faculty"])) {
$search = trim($_GET["search"]);
$faculty = $_GET["faculty"];
// the user has not entered something under "Find course by Code"
if($faculty=="")
{
if ($faculty == "") {
echo "<h4> Search Results for Course Code $search</h4><hr>";
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
. " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` "
. " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
. " ON users_table.User_ID=courses_table.Lecturer_User_ID where Academic_Year >= $oldest_academic_year and Course_Code like '%{$search}%' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id) order by Academic_Year desc");
}
// the user has entered something under "Find course by Code"
else
{
. " ON users_table.User_ID=courses_table.Lecturer_User_ID where Course_Code like '%{$search}%' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)");
} else {
echo "<h3> Find Courses under faculty $faculty</h3>";
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,
`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`
, users_table.Full_Name FROM `courses_table` INNER JOIN users_table
ON users_table.User_ID=courses_table.Lecturer_User_ID where Academic_Year >= $oldest_academic_year and Faculty='$faculty' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id) order by Academic_Year desc");
ON users_table.User_ID=courses_table.Lecturer_User_ID where Faculty='$faculty' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)");
}
if(mysqli_num_rows($result)==0)
{
if (mysqli_num_rows($result) == 0) {
echo "No results found for your Search <hr>";
} else {
while ($row = mysqli_fetch_assoc($result)) {
@ -597,20 +525,19 @@ if( $_SESSION['user_type']=="Student")
$id = $row['Course_ID'];
$v = $row['Verify_New_Members'];
$msg2 = "Join Course";
if($v>0)
{
if ($v > 0) {
$msg = "<i class='fa fa-exclamation-circle'></i> Lecturer verification required";
$msg2 = "Send Joining Request";
}
echo "<div class='btn btn-default' style='word-wrap:break-word'>
[$code] $name <br>($url) <br> <a href='~\..\Script.php?JoinCourse=y&id=$id&std=$student_id&joining=$v' class='btn-sm btn-success' onclick=return confirm(\"Are you sure to join this course?\")' > $msg2 </a>
[$code] $name <br>($url) <br> <a href='~\..\Script.php?JoinCourse=y&id=$id&std=$student_id&joining=$v' class='btn-sm btn-success' onclick=return confirm(\"Are you sure to join this course?\")' id='join_btn'> $msg2 </a>
<br> <span style='font-size:10pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span><br>$msg</div>
";
}
}
}
// Otherwise, list the student's joined courses (already done), in reverse chronological order
echo "<h4> My Courses </h4>";
$result = mysqli_query($con, "SELECT users_table.Full_Name, course_students_table.Status, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table`
INNER JOIN users_table
@ -618,10 +545,9 @@ INNER JOIN users_table
INNER JOIN course_students_table on course_students_table.Course_ID=courses_table.Course_ID
where course_students_table.Student_ID=$student_id order by Academic_Year desc");
where course_students_table.Student_ID=$student_id");
if(mysqli_num_rows($result)==0)
{
if (mysqli_num_rows($result) == 0) {
echo "<i class='fa fa-exclamation-circle'></i> You are not Enrolled in any Course";
} else {
while ($row = mysqli_fetch_assoc($result)) {
@ -634,15 +560,12 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl
$id = $row['Course_ID'];
$Status = $row['Status'];
if($Status=="Joined")
{
if ($Status == "Joined") {
echo "<a href='~\..\Course.php?url=$url'> <div class='btn btn-default' style='word-wrap:break-word'>
($code) - $name <br>($url) &nbsp;&nbsp;&nbsp; <i class='fa fa-check-circle'></i> $Status &nbsp;&nbsp;&nbsp;&nbsp; <a href='~\..\Course.php?url=$url' class='btn-sm btn-primary'> Open</a>
<br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span></div></a>
";
}
else
{
} else {
echo "<div class='btn btn-default'>
($code) - $name <i class='btn-sm btn-danger'> $Status</i>
<br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span></div>
@ -651,144 +574,45 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl
}
}
echo "</div><div class='col-md-6'>
<form method='get' action='Courses.php'>
<div class='row'>
<div class='col-md-10'>
<div class='row'><div class='col-md-6'> Find course by Code
<input type='text' class='form-control' name='search' maxlength='11' placeholder='Enter Course Code'>
<input type='text' class='form-control' name='search' placeholder='Enter Course Code' id='search_field'>
</div><div class='col-md-6'>
List courses by faculty
<select name='faculty' class='form-control'>";
$result = mysqli_query($con, "SELECT DISTINCT(Faculty) as Faculty FROM `courses_table`");
if (mysqli_num_rows($result) == 0) {
} else {
echo"<option value=''> Search by faculty </option>";
while ($row = mysqli_fetch_assoc($result)) {
$fname = $row['Faculty'];
echo " <option value='$fname'> $fname </option>";
}}
echo "<option value=''> Search by faculty </option> <option value='$fname'> $fname </option>";
}
}
echo "</select></div></div>
</div>
<div class='col-md-1'> <br>
<input type='submit' class='btn btn-primary' value='Find'>
<input type='submit' class='btn btn-primary' value='Find' id='find_btn'>
</div>
</div>
</form>
</div></div>";
}
?>
<style>
.form-control {
padding-top: 1px;
padding-bottom: 1px;
}
</style>

7
Download.php
View File

@ -7,11 +7,6 @@ session_start();
// 修改这一行设置你的文件下载目录
// IMPORTANT: Do not delete the following conditional test
if (strpos($_GET['file'], "../") !== false) { // 检查是否有 ../,防止用户构造路径,访问某个他不应该访问的目录
die("Sorry. Nothing to download.");
}
$file = "./../../lrr_submission".$_GET['file'];
$filename = basename($file);
@ -25,7 +20,7 @@ $type = filetype($file);
$today = date("F j, Y, g:i a");
$time = time();
if ((isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"]) > 0) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) {
if ( (isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"])) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") {
// 发送文件头部
header("Content-type: $type");
header('Content-Disposition: attachment;filename="'.urldecode($filename).'"');

6
Header.php
View File

@ -22,12 +22,6 @@ if (mysqli_connect_errno()) {
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<!-- *this css file can be used across all the websites
and any new css class can be added there.
* The reason is to make the css code reusable.
* the css file is used by submissions.php
-->
<link href = "./css/main.css" rel = "stylesheet" type = "text/css" />
<script src="./css/jquery.min.js" type="text/javascript"></script>
<script src="./css/bootsrap.min.js" type="text/javascript"></script>

2
NoDirectPhpAcess.php
View File

@ -2,6 +2,6 @@
// https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
if (!isset($_SERVER['HTTP_REFERER']) ) {
/* choose the appropriate page to redirect users */
die( header( 'location: logout.php' ) );
die( header( 'location: index.php' ) );
}
?>

56
README.md
View File

@ -18,17 +18,15 @@ Our mission is to make the experience of submitting assignments great for tens o
# Installation Instructions
## Hui steps
## Hui's steps
I spent about two hours installing LRR to a bare, remote Ubuntu server (Ubuntu 20.04 LTS).
LRR needs Apache and MySQL to run. I followed [How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 20.04](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-20-04) to set up these server applications. [How to install and configure PHP](https://ubuntu.com/server/docs/programming-php) is also a good guide.
LRR needs Apache and MySQL to run. I followed [How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 20.04](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-20-04) to set up these server applications.
LRR uses a database called `lrr`. So create this database using MySQL root account. Open MySQL's prompt using `sudo mysql`. Create the database using command `CREATE DATABASE lrr;`, and grant all privileges to MySQL user `lrr` using command `GRANT ALL PRIVILEGES ON lrr.* TO 'mnc'@'localhost' WITH GRANT OPTION;`. If MySQL user mnc does not exist, create it using command `CREATE USER 'mnc'@'localhost' IDENTIFIED BY 'password'`.
To facilitate data migration, I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`, where mnc after -u is MySQL's username, and lrr after -p is the database name.
The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.txt? You can use lrr_database.sql in this repo instead.
LRR uses a database called `lrr`. I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`.
The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail.
LRR also needs to store assignment submissions. We store them in a folder called `../../lrr_submission`. Note that `lrr_submission` is two levels above the project folder (where many PHP files reside). I copied this folder from the existing one. I think it is also OK if you create an empty folder.
We need to set a proper owner and accessibility for `lrr_submission` using the following two commands:
@ -51,7 +49,7 @@ Enable the site lrr: `sudo a2ensite lrr`. Restart the apache server: `sudo syst
Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/.
## Enock steps
## Enock's steps
Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt).
@ -173,49 +171,49 @@ We can also communicate through pull requests. You make a pull request, I revie
GitHub Account - Full Name - Student number
CODEwithZAKI - Omar Mohamud Mohamed - 2020041
CODEwithZAKI - Omar Mohamud Mohamed - 202025800041
BloudYoussef - Khayat Youssef - 2020042
BloudYoussef - Khayat Youssef - 202025800042
TanakaMichelle - Tanaka Michelle Sandati - 2017134
TanakaMichelle - Tanaka Michelle Sandati - 201732120134
WhyteAsamoah - Yeboah Martha Asamoah - 2017135
WhyteAsamoah - Yeboah Martha Asamoah - 201732120135
xiaoyusoil - ZhengXiaoyu - 2017110
xiaoyusoil - ZhengXiaoyu - 201732120110
Benny123-cell - ZhangBin - 2017127
Benny123-cell - ZhangBin - 201732120127
421281726 - LiJiaxing - 2017118
421281726 - LiJiaxing - 201732120118
zhenghongyu-david - ZhengHongyu - 2017128
zhenghongyu-david - ZhengHongyu - 201732120128
wkytz - YeHantao - 2017125
wkytz - YeHantao - 201732120125
zego000 - GaoZeng - 2017117
zego000 - GaoZeng - 201732120117
Richard1427 - XieJiacong - 2017123
Richard1427 - XieJiacong - 201732120123
yutengYing - YingYuteng - 2017126
yutengYing - YingYuteng - 201732120126
Samrusike - Samantha Rusike - 2016140
Samrusike - Samantha Rusike - 201632120140
*enockkays* <enockkhondowe94@yahoo.com>
*Teecloudy* - Ashly Tafadzwa Dhani - 201150
*Teecloudy* - Ashly Tafadzwa Dhani - 201632120150
GuedaliaBonheurSPM - Guedalia Youma - 2019221
GuedaliaBonheurSPM - Guedalia Youma - 201925800221
ACorneille - Alimasi Corneille - 2019168
ACorneille - Alimasi Corneille - 201925800168
Tabithakipanga - Kipanga Dorcas - 2019170
Tabithakipanga - Kipanga Dorcas - 201925800170
Mary-AK - Mary Akussah Doe - 2019173
Mary-AK - Mary Akussah Doe - 201925800173
pkkumson - Kumson Princewill Kum - 2019166
pkkumson - Kumson Princewill Kum - 201925800166
Twizere - Twizere Pacifique - 2019174
Twizere - Twizere Pacifique - 201925800174
Nicole-Rutagengwa - Nicole Rutagengwa - 2019169
Nicole-Rutagengwa - Nicole Rutagengwa - 201925800169
*hema-001* - Ibrahim Mohamed Ibrahim Ismail - omitted

4
Reset_password.php
View File

@ -8,8 +8,8 @@
include 'Header.php';
$token = htmlspecialchars($_GET['token']);
$email = htmlspecialchars($_GET['email']);
$token=$_GET['token'];
$email=$_GET['email'];
?>
<div class="row">

251
Script.php
View File

@ -35,6 +35,7 @@ function is_valid_student_number($student_id)
// ############################### SIGN UP ##################################
if (!empty($_POST["form_signup"])) {
$student_id = trim(mysqli_real_escape_string($con, $_POST["user_student_id"]));
// validate student number
@ -52,7 +53,6 @@ if (!empty($_POST["form_signup"])) {
return;
}
// Check if the student number isn't already registered
$student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
@ -98,14 +98,15 @@ if (!empty($_POST["form_signup"])) {
// check for strong password
if (!$containsAll) {
$_SESSION['info_signup'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and special characters (e.g., !?.,*^).";
$_SESSION['info_signup'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and sepcial characters (e.g., !?.,*^).";
header("Location: signup.php");
return;
}
// check if email is taken
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
if (mysqli_num_rows($result) != 0) {
if(mysqli_num_rows($result) != 0)
{
$_SESSION["info_signup"]="Email address ".$email." is already in use.";
$_SESSION['user_fullname'] = null;
header("Location: signup.php");
@ -146,7 +147,7 @@ if (!empty($_POST["frm_login"])) {
$password = mysqli_real_escape_string($con, $_POST["password"]);
$result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')");
if (mysqli_num_rows($result) == 0) {
$_SESSION["info_login"] = "Invalid user name information.";
$_SESSION["info_login"] = "Inavlid user name information.";
echo $_SESSION["info_login"];
header("Location: index.php");
} else {
@ -195,6 +196,7 @@ if (!empty($_POST["frm_recover_password"])) {
// validate student number
if (strlen($student_id) != 12 || is_numeric($student_id) == FALSE) {
$_SESSION["info_recover_password"] = "Invalid student number.";
#echo "Invalid student number.";
header("Location: recover_password.php");
return;
}
@ -246,7 +248,7 @@ if (!empty($_POST["frm_reset_password"])) {
// Password Update
$hashed_password = hash('sha512', $password);
$sql = "UPDATE users_table set HashPassword='$hashed_password' where User_ID='$userid';";
$sql = "UPDATE users_table set HashPassword='$hashed_password' where User_ID=$userid;";
if ($con->query($sql) === TRUE) {
error_reporting(0);
@ -268,22 +270,20 @@ if (!empty($_POST["frm_createlecturrer"])) {
$email = mysqli_real_escape_string($con, $_POST["email"]);
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$type = mysqli_real_escape_string($con, $_POST["type"]);
$password = mysqli_real_escape_string($con, $_POST["passport"]);
$password = $passport;
// check if email is taken
$result = mysqli_query(
$con,
"SELECT * FROM Users_Table WHERE email='$email'"
);
if (mysqli_num_rows($result) != 0) {
$result = mysqli_query($con,
"SELECT * FROM Users_Table WHERE email='$email'");
if(mysqli_num_rows($result)!=0)
{
$_SESSION["info_Admin_Users"]="Email address : ".$email." is already in use.";
header("Location: Admin.php");
}
$password_hash = password_hash("$password", PASSWORD_DEFAULT);
$sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
. "('$email','$password_hash','$fullname','$type')";
. "('$email','$password','$fullname','$type')";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and $password as password.";
$_SESSION["info_Admin_Users"] = $type . " user Created successfully : email " . $email . " and $password as Password.";
header("Location: Admin.php");
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -300,7 +300,7 @@ function is_valid_file_format($file)
'cvc', 'c', 'class', 'cpp', 'h', 'java', 'sh', 'swift', 'zip', 'rar', 'ods', 'xlr', 'bak', 'ico', 'swf'
);
$filename = $_FILES[$file]['name'];
utf8_encode($filename = $_FILES[$file]['name']);
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$result = in_array($ext, $allowed);
return $result;
@ -430,7 +430,7 @@ if (!empty($_POST["frm_uploadlab"])) {
$sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`,
`Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`,Marks,Type)
VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3','$marks','$type')";
VALUES ('$course_id','$date','$deadline','$instructions','$title','$targetfile','$targetfile2','$targetfile3','$targetfile3',$marks,'$type')";
if ($con->query($sql) === TRUE) {
@ -452,8 +452,10 @@ function checksize($file)
}
// ############################### Submit Assignment ##################################
if (!empty($_POST["frm_submitlab"])) {
/* Posting values to database */
$lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]);
$student_id = $_POST["student_id"];
$group_id = $_POST["group_id"];
@ -467,7 +469,7 @@ if (!empty($_POST["frm_submitlab"])) {
$date = date("Y-m-d H:i:s");
// GET UPLOADED FILES
$labName = mysqli_query($con, "SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID='$lab_id'");
$labName = mysqli_query($con, "SELECT * FROM `lab_reports_table` WHERE Lab_Report_ID=$lab_id");
while ($row = mysqli_fetch_assoc($labName)) {
$lab_name = $row['Title'];
$_SESSION['Sub_Type'] = $row['Type']; // submission type, either Individual or Group
@ -550,19 +552,19 @@ if (!empty($_POST["frm_submitlab"])) {
$targetfile4 = "";
if (strlen($_FILES['attachment1']['name']) > 2) { // why greater than 2???
$targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment1']['name']);
$targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment1']['name'];
}
if (strlen($_FILES['attachment2']['name']) > 2) {
$targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment2']['name']);
$targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment2']['name'];
}
if (strlen($_FILES['attachment3']['name']) > 2) {
$targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment3']['name']);
$targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment3']['name'];
}
if (strlen($_FILES['attachment4']['name']) > 2) {
$targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment4']['name']);
$targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment4']['name'];
}
// When $group_id is not properly initialized, use integer 0 as its value.
@ -571,13 +573,13 @@ if (!empty($_POST["frm_submitlab"])) {
$group_id = 0; // FIXME
}
$sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID='$lab_id' and Student_id='$student_id' and Course_Group_id='$group_id'";
$sql1 = "DELETE FROM lab_report_submissions where Lab_Report_ID=$lab_id and Student_id=$student_id and Course_Group_id=$group_id";
if ($con->query($sql1) === TRUE) {
}
$sql = "INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`,"
. " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)"
. " VALUES ('$date','$lab_id','$student_id','$group_id','$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
. " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
. "'Pending','$title','')";
if ($con->query($sql) === TRUE) {
@ -595,9 +597,9 @@ if (!empty($_POST["frm_submitlab"])) {
// JOIN COURSE
if (!empty($_GET["JoinCourse"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$student_id = mysqli_real_escape_string($con, $_GET["std"]);
$joining = mysqli_real_escape_string($con, $_GET["joining"]);
$id = $_GET["id"];
$student_id = $_GET["std"];
$joining = $_GET["joining"];
$status = "Pending";
if ($joining == 0) {
@ -624,12 +626,12 @@ if (!empty($_GET["JoinCourse"])) {
if (!empty($_GET["savemarks"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$marks = mysqli_real_escape_string($con, $_GET["marks"]);
$total = mysqli_real_escape_string($con, $_GET["total"]);
$feedback = mysqli_real_escape_string($con, $_GET["feedback"]);
$header = mysqli_real_escape_string($con, $_GET["header"]);
$labid = mysqli_real_escape_string($con, $_GET["labid"]);
$id = $_GET["id"];
$marks = $_GET["marks"];
$total = $_GET["total"];
$feedback = $_GET["feedback"];
$header = $_GET["header"];
$labid = $_GET["labid"];
$status = "Marked";
if ($marks > $total) {
@ -658,14 +660,14 @@ if (!empty($_GET["savemarks"])) {
#Update Report Visibility
if (!empty($_GET["updatevisibility"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$marks = mysqli_real_escape_string($con, $_GET["marks"]);
$total = mysqli_real_escape_string($con, $_GET["total"]);
$status = mysqli_real_escape_string($con, $_GET["status"]);
$header = mysqli_real_escape_string($con, $_GET["header"]);
$labid = mysqli_real_escape_string($con, $_GET["labid"]);
$id = $_GET["id"];
$marks = $_GET["marks"];
$total = $_GET["total"];
$status = $_GET["status"];
$header = $_GET["header"];
$labid = $_GET["labid"];
$sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID='$id'
$sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id
";
if ($con->query($sql) === TRUE) {
@ -681,18 +683,18 @@ if (!empty($_GET["updatevisibility"])) {
if (!empty($_GET["remarking"])) {
$id = htmlspecialchars(mysqli_real_escape_string($con, $_GET["id"]));
$url = htmlspecialchars(mysqli_real_escape_string($con, $_GET["url"]));
$id = $_GET["id"];
$url = $_GET["url"];
$status = htmlspecialchars(mysqli_real_escape_string($con, $_GET["status"]));
$details = htmlspecialchars(mysqli_real_escape_string($con, $_GET["details"]));
$status = $_GET["status"];
$details = $_GET["details"];
$sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID='$id'
$sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id
";
if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = "Remarking Request Sent";
$_SESSION["info_ReMarking"] = "Remarking Request Sent";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -703,13 +705,13 @@ if (!empty($_GET["remarking"])) {
if (!empty($_GET["creategroup"])) {
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$id = mysqli_real_escape_string($con, $_GET["id"]);
$name = mysqli_real_escape_string($con, $_GET["name"]);
$student_id = $_GET["student_id"];
$url = $_GET["url"];
$id = $_GET["id"];
$name = $_GET["name"];
$sql = "INSERT INTO `course_groups_table`(`Group_Name`,
`Group_Leader`, `Course_id`) VALUES ('$name','$student_id','$id')";
`Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)";
if ($con->query($sql) === TRUE) {
@ -719,9 +721,9 @@ if (!empty($_GET["creategroup"])) {
}
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
VALUES ('$gid','$student_id','Created')";
VALUES ($gid,$student_id,'Created')";
if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = "Course group Created";
$_SESSION["info_ReMarking"] = "Course group Created";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -735,25 +737,18 @@ if (!empty($_GET["creategroup"])) {
if (!empty($_GET["groupinvite"])) {
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
$student = mysqli_query($con, "SELECT * FROM students_data WHERE Student_ID = '$student_id' ");
if (mysqli_num_rows($student) > 0) {
$student_id = $_GET["student_id"];
$url = $_GET["url"];
$courseid = $_GET["courseid"];
$groupid = $_GET["groupid"];
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
if (mysqli_num_rows($result) > 0) {
$_SESSION["info_general"] = $student_id . " has already been invited.";
$_SESSION["info_ReMarking"] = $student_id . " has already been invited";
header("Location: Course.php?url=" . $url);
} else {
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
VALUES ('$groupid','$student_id','Invited')";
}
} else {
$_SESSION["info_general"] = $student_id . " is an invalid student number.";
header("Location: Course.php?url=" . $url);
VALUES ($groupid,$student_id,'Invited')";
}
if ($con->query($sql) === TRUE) {
@ -771,26 +766,26 @@ if (!empty($_GET["groupinvite"])) {
if ($Group_Member == '0') {
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
$_SESSION["info_general"] = $student_id . " was invited to the group.";
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
header("Location: Course.php?url=" . $url);
} elseif ($Group_Member2 == '0') {
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member2` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
$_SESSION["info_general"] = $student_id . " was invited to the group.";
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
header("Location: Course.php?url=" . $url);
} elseif ($Group_Member3 == '0') {
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member3` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
$_SESSION["info_general"] = $student_id . " was invited to the group.";
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
header("Location: Course.php?url=" . $url);
} elseif ($Group_Member4 == '0') {
mysqli_query($con, "UPDATE `course_groups_table` SET `Group_Member4` = ('" . $student_id . "') WHERE `course_groups_table`.`Course_Group_id` = '$groupid'");
$_SESSION["info_general"] = $student_id . " was invited to the group.";
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
header("Location: Course.php?url=" . $url);
} else {
$_SESSION["info_general"] = " You cannot add any more members";
$_SESSION["info_ReMarking"] = " You cant add any more members";
header("Location: Course.php?url=" . $url);
}
}
$_SESSION["info_general"] = $student_id . " was invited to the group.";
$_SESSION["info_ReMarking"] = $student_id . " was invited to the group";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -801,57 +796,21 @@ if (!empty($_GET["groupinvite"])) {
if (!empty($_GET["acceptinvite"])) {
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$action = mysqli_real_escape_string($con, $_GET["action"]);
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
$student_id = $_GET["student_id"];
$url = $_GET["url"];
$action = $_GET["action"];
$groupid = $_GET["groupid"];
if ($action == 1) {
$sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id ='$groupid' and student_id='$student_id'
$sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id
";
} else {
$sql = "Delete from `course_group_members_table` where Course_Group_id ='$groupid' and student_id='$student_id'
$sql = "Delete from `course_group_members_table` where Course_Group_id =$groupid and student_id=$student_id
";
}
if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = " Group Invite Updated";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
}
#Remove a member from group
if (!empty($_GET["removemember"])) {
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$group_id = mysqli_real_escape_string($con, $_GET["group_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$sql = "Delete from `course_group_members_table` where student_id=$student_id and Course_Group_id=$group_id";
if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = " Member " . $student_id . " removed from the group";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
}
#Delete a whole group
if (!empty($_GET["deletegroup"])) {
$group_id = mysqli_real_escape_string($con, $_GET["group_id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$sql1 = "Delete from `course_group_members_table` where Course_Group_id=$group_id";
$sql2 = "Delete from `course_groups_table` where Course_Group_id=$group_id";
if ($con->query($sql1) === TRUE && $con->query($sql2) === TRUE) {
$_SESSION["info_general"] = " Group has been deleted successfully. ";
$_SESSION["info_ReMarking"] = " Group Invite Updated";
header("Location: Course.php?url=" . $url);
} else {
echo "Error: " . $sql . "<br>" . $con->error;
@ -862,22 +821,22 @@ if (!empty($_GET["deletegroup"])) {
if (!empty($_GET["extenddeadline"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$date = mysqli_real_escape_string($con, $_GET["date"]);
$time = mysqli_real_escape_string($con, $_GET["time"]);
$type = mysqli_real_escape_string($con, $_GET["type"]);
$id = $_GET["id"];
$date = $_GET["date"];
$time = $_GET["time"];
$type = $_GET["type"];
$stdid = mysqli_real_escape_string($con, $_GET["stdid"]);
$reason = mysqli_real_escape_string($con, $_GET["reason"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$stdid = $_GET["stdid"];
$reason = $_GET["reason"];
$url = $_GET["url"];
$deadline = $date . " " . $time;
if ($type == 1) {
$sql = "UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID='$id'";
$sql = "UPDATE `lab_reports_table` SET `Deadline`='$deadline' WHERE Lab_Report_ID=$id";
} else {
$sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, "
. "`Lab_Report_ID`, `Extended_Deadline_Date`,"
. " `ReasonsForExtension`) VALUES ('$stdid','$id','$deadline','$reason')";
. " `ReasonsForExtension`) VALUES ($stdid,$id,'$deadline','$reason')";
}
if ($con->query($sql) === TRUE) {
@ -893,13 +852,13 @@ if (!empty($_GET["extenddeadline"])) {
if (!empty($_GET["ignoreremarking"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$total = mysqli_real_escape_string($con, $_GET["total"]);
$header = mysqli_real_escape_string($con, $_GET["header"]);
$id = $_GET["id"];
$total = $_GET["total"];
$header = $_GET["header"];
$subid = mysqli_real_escape_string($con, $_GET["subid"]);
$subid = $_GET["subid"];
$sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID='$subid'";
$sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid";
if ($con->query($sql) === TRUE) {
@ -914,10 +873,10 @@ if (!empty($_GET["ignoreremarking"])) {
if (!empty($_GET["assignTA"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$ta = mysqli_real_escape_string($con, $_GET["ta"]);
$id = $_GET["id"];
$ta = $_GET["ta"];
$sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ('$id','$ta')";
$sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)";
if ($con->query($sql) === TRUE) {
@ -932,13 +891,13 @@ if (!empty($_GET["assignTA"])) {
if (!empty($_GET["AcceptStudent"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$rs = mysqli_real_escape_string($con, $_GET["rs"]);
$id = $_GET["id"];
$rs = $_GET["rs"];
if ($rs == "yes") {
$sql = "Update course_students_table set Status='Joined' Where ID='$id'";
$sql = "Update course_students_table set Status='Joined' Where ID=$id";
} else {
$sql = "Delete FROM course_students_table Where ID='$id'";
$sql = "Delete FROM course_students_table Where ID=$id";
}
if ($con->query($sql) === TRUE) {
@ -960,12 +919,12 @@ if (!empty($_GET["AcceptStudent"])) {
if (!empty($_GET["action"])) {
$action = $_GET["action"];
$uid = mysqli_real_escape_string($con, $_GET["uid"]);
$uid = $_GET["uid"];
$pass = mysqli_real_escape_string($con, $_GET["pass"]);
$pass = $_GET["pass"];
$pass = password_hash($pass, PASSWORD_DEFAULT);
$status = mysqli_real_escape_string($con, $_GET["status"]);
$status = $_GET["status"];
// validate uid
if (intval($uid) < 0) {
@ -973,8 +932,8 @@ if (!empty($_GET["action"])) {
return;
}
if ($action == "passchange" && $_SESSION['user_id'] == $uid) {
$sql = "UPDATE users_table set Password='$pass' where User_ID='$uid';";
if ($action == "passchange") {
$sql = "UPDATE users_table set Password='$pass' where User_ID=$uid;";
if ($con->query($sql) === TRUE) {
error_reporting(0);
echo "Password has been changed";
@ -987,8 +946,8 @@ if (!empty($_GET["action"])) {
}
}
if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
$sql = "UPDATE users_table set Status='$status' where User_ID='$uid';";
if ($action == "statuschange") {
$sql = "UPDATE users_table set Status='$status' where User_ID=$uid;";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user Status updated successfully ";
header("Location: Admin.php");
@ -1048,8 +1007,8 @@ if (!empty($_POST["frm_createCourse"])) {
if (!empty($_GET["exportgrade"])) {
$lab = mysqli_real_escape_string($con, $_GET["lab"]);
$lab_name = mysqli_real_escape_string($con, $_GET["lab_name"]);
$lab = $_GET["lab"];
$lab_name = $_GET["lab_name"];
error_reporting(0);
@ -1061,7 +1020,7 @@ INNER JOIN lab_reports_table on lab_reports_table.Lab_Report_ID=lab_report_submi
INNER JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
WHERE lab_report_submissions.Lab_Report_ID='$lab'";
WHERE lab_report_submissions.Lab_Report_ID=$lab";
$export = mysqli_query($con, $select);
@ -1091,7 +1050,7 @@ WHERE lab_report_submissions.Lab_Report_ID='$lab'";
}
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=$lab_name Grade Sheet.xls");
header("Content-Disposition: attachment; filename=$lab_name Garde Sheet.xls");
header("Pragma: no-cache");
header("Expires: 0");
print "$header\n$data";

2
Student.php
View File

@ -9,7 +9,7 @@ include 'Header.php';
<div class="row" style="width:80%;margin:auto;">
<div class="col-md-6">
<h1> Student Account Created. Now you can Browse Course Portals </h1>
<h1> STUEDNT Account Created , Now you can Browse Course Portals </h1>
</div>
</div>

21
Submissions.php
View File

@ -10,7 +10,7 @@ $group_id = $_SESSION["user_group_id"];
$c_date = date("Y-m-d H:i");
if (!empty($_GET["id"])) {
$id = mysqli_real_escape_string($con, $_GET["id"]);
$id = $_GET["id"];
$course_id = $id;
}
@ -139,6 +139,7 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
if (mysqli_num_rows($result1) == 0) {
echo "No Un-Marked Submissions for this Lab Report.";
} else {
$mark_submission_btn_counter = 0;
while ($row = mysqli_fetch_assoc($result1)) {
$title = $row['Title'];
$Marks = $row['Marks'];
@ -157,6 +158,7 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
$groupname = $row['Group_Name'];
$groupleader = $row['Group_Leader'];
$student_id = $row['sub_std'];
$mark_submission_btn_counter += 1;
if ($submitted_group == 0) {
$submitted_by = $student_name . "(" . $student_id . ")";
@ -183,8 +185,8 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
}
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> by: <b> <span class = 'text-selectable'>$submitted_by </span> </b>
<br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span>
$title <br> by: <b> $submitted_by </b>
<br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)' id='mark_submission_btn_$mark_submission_btn_counter'> Mark Submission</button><br> Attachments : $full_link </span>
</div></k>";
}
}
@ -262,13 +264,8 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Marked' Order by lab
if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
}
// you will notice why i used span here to wrap the $submitted_by variable
// because if we wrap with span , the css class text-selectable can be used only by the submittedBy variable
// if you want to use text-selectable class on whole div, just call the css class
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> by : <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> &nbsp; Visibility : <b>$Visibility </b> <button class='btn-sm btn-success' style='margin-left:50px;' onclick='updatev($Submission_ID)'>Update visibility</button>
$title <br> by : <b> $submitted_by &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> &nbsp; Visibility : <b>$Visibility </b> <button class='btn-sm btn-success' style='margin-left:50px;' onclick='updatev($Submission_ID)'>Update visibility</button>
<hr> Lecturer/TA notes : $notes<br> <span style='font-size:8pt'>Submitted : $posted <b> </b> <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button><br> Attachments : $full_link </span>
</div></k>";
}
@ -347,7 +344,7 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
}
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> by : <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> <br> Remarking Reason : <b>$remarking_reason </b>
$title <br> by : <b> $submitted_by &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> <br> Remarking Reason : <b>$remarking_reason </b>
<hr> <span style='font-size:8pt'>Submitted : $posted <b> </b> "
. "<button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button>"
. " &nbsp; &nbsp;&nbsp;&nbsp;<a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn-sm btn-warning'> Ignore Request </a>"
@ -424,8 +421,8 @@ where course_group_members_table.Course_Group_id=$id");
try {
$('<form id="submit-form" method="get" action="Script.php">' + title + '(' + marks + ' marks) <input type="hidden" name="savemarks" value="true">\n\
<input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks">\n\
Comments <textarea name="feedback"></textarea> \n\
<input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks" id="marks">\n\
Comments <textarea name="feedback" id="feedback"></textarea> \n\
<input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({
modal: true,
title: 'Mark Submission',

28
SubmitLab.php
View File

@ -9,22 +9,18 @@ include 'Header.php';
<div class='row' style='width:80%;margin:auto;'>
<?php
$c_date = date("Y-m-d H:i");
$student_id = $_SESSION["user_student_id"];
if(!empty($_GET["id"]))
{
$id = mysqli_real_escape_string($con, $_GET["id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
if (!empty($_GET["id"])) {
$id = $_GET["id"];
$url = $_GET["url"];
$result1 = mysqli_query($con, " SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC");
if(mysqli_num_rows($result1) == 0)
{
if (mysqli_num_rows($result1) == 0) {
echo "No active assignments for this course so far.";
} else {
while ($row = mysqli_fetch_assoc($result1)) {
@ -48,14 +44,12 @@ if(!empty($_GET["id"]))
$_SESSION["Group_ID"] = $row['Course_Group_id'];
}
if($_SESSION["Group_ID"] < 1)
{
if ($_SESSION["Group_ID"] < 1) {
echo " <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> ";
return;
}
}
$full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if ($att2 != "") {
@ -86,9 +80,6 @@ $Group_ID = $_SESSION["Group_ID"];
</div>
<div style="width:80%;margin:auto;">
<h3> Submit Lab Report Assignment </h3>
@ -97,8 +88,7 @@ $Group_ID = $_SESSION["Group_ID"];
<div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php'>
<form method='post' enctype='multipart/form-data' action='Script.php' id="submit_lab_report_form">
<input type='hidden' name='frm_submitlab' value='true' required='' />
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required='' />
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required='' />
@ -106,10 +96,10 @@ $Group_ID = $_SESSION["Group_ID"];
<input type='hidden' name='url' value='<?php echo $url; ?>' required='' />
Title
<input type='text' name='title' placeholder='Ttle' class='form-control' required=''>
<input type='text' name='title' placeholder='Ttle' class='form-control' required='' id="title">
Attachment 1
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required='' id="attachment1">
Attachment 2
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
@ -125,7 +115,7 @@ $Group_ID = $_SESSION["Group_ID"];
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control'>
<br>
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br>
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment' id="submit_lab_assignment_btn"><br>
</form>
</div>

5
batch_insert.php
View File

@ -19,7 +19,7 @@ if (!$conn) {
}
//获得用户名数据
$source = mysqli_real_escape_string($conn,$_POST['users']);
$source = $_POST['users'];
//如有多个空格,删除剩一个空格
$source1 = preg_replace('/\s\s+/', ' ', $source);
@ -31,12 +31,13 @@ $source2 = trim($source1);
//根据空格拆分
$user = explode(' ', $source2);
//插入数据
for($index=0; $index < count($user); $index++) {
$result = mysqli_query($conn, "SELECT * FROM `students_data` WHERE Student_ID='$user[$index]'");
if (mysqli_num_rows($result) < 1) {
if (! mysqli_query($conn, "REPLACE INTO `students_data`(`Student_ID`, `Passport_Number`) VALUES('$user[$index]', '')" ) ) {
echo "SQL Error: " . $sql_stmt . "<br>" .htmlspecialchars(mysqli_error($conn));
echo "SQL Error: " . $sql_stmt . "<br>" . mysqli_error($conn);
} else {
echo "<p>Student number $user[$index] added.</p>";
}

11
css/main.css
View File

@ -1,11 +0,0 @@
/* this css class is used to enable copying in text with the mouse. */
.text-selectable {
-webkit-user-select: text;
-moz-user-select: text;
-ms-user-select: text;
user-select: text;
cursor:auto
}

2
index.php
View File

@ -82,7 +82,7 @@ if (isset($_SESSION["user_fullname"])) {
<div id="footer">
LRR was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui. Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a>
LRR was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui _at_ zjnu.edu.cn. Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a>
</div>
</body>

6
logout.php
View File

@ -1,11 +1,11 @@
<?php
// Start a new session
session_start();
// Destory sessions & redirect to index
session_destroy();
session_unset();
// Start a new session
session_start();
// Generate a new session ID
session_regenerate_id(true);

6
recover_password.php
View File

@ -27,9 +27,9 @@ include 'Header.php';
<div class="panel-body">
<form method="post" action="Script.php">
<input type="hidden" name="frm_recover_password" value="true"/>
Student number <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>">
Student number <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo $_SESSION['student_number']; ?>">
<br/>
Email <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>">
Email <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo $_SESSION['user_email']; ?>">
<br/>
<input type="submit" class="btn-primary" value="Recover">
@ -38,7 +38,7 @@ include 'Header.php';
<?php
if(isset($_SESSION['info_recover_password'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>';
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_recover_password'].'</div>';
$_SESSION['info_recover_password']=null;
}