“修改了部分bug” #36
1040
Course.php
1040
Course.php
File diff suppressed because it is too large
Load Diff
1143
Courses.php
1143
Courses.php
File diff suppressed because it is too large
Load Diff
|
@ -7,6 +7,11 @@ session_start();
|
|||
|
||||
|
||||
// 修改这一行设置你的文件下载目录
|
||||
// IMPORTANT: Do not delete the following conditional test
|
||||
if (strpos($_GET['file'], "../") != false) { // 检查是否有 ../,防止用户构造路径,访问某个他不应该访问的目录
|
||||
die("Sorry. Nothing to download.");
|
||||
}
|
||||
|
||||
$file = "./../../lrr_submission".$_GET['file'];
|
||||
$filename = basename($file);
|
||||
|
||||
|
@ -20,7 +25,7 @@ $type = filetype($file);
|
|||
$today = date("F j, Y, g:i a");
|
||||
$time = time();
|
||||
|
||||
if ( (isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"])) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") {
|
||||
if ((isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"]) > 0) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) {
|
||||
// 发送文件头部
|
||||
header("Content-type: $type");
|
||||
header('Content-Disposition: attachment;filename="'.urldecode($filename).'"');
|
||||
|
|
128
Script.php
128
Script.php
|
@ -35,7 +35,6 @@ function is_valid_student_number($student_id)
|
|||
|
||||
// ############################### SIGN UP ##################################
|
||||
if (!empty($_POST["form_signup"])) {
|
||||
|
||||
$student_id = trim(mysqli_real_escape_string($con, $_POST["user_student_id"]));
|
||||
|
||||
// validate student number
|
||||
|
@ -53,18 +52,19 @@ if (!empty($_POST["form_signup"])) {
|
|||
return;
|
||||
}
|
||||
|
||||
|
||||
// Check if the student number isn't already registered
|
||||
|
||||
$student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
|
||||
if (mysqli_num_rows($student_result) > 0) {
|
||||
$_SESSION["info_signup"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
|
||||
$_SESSION["info_signup"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
|
||||
header("Location: signup.php");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
// ############################### CREATE STUDENT USER ##################################
|
||||
if (!empty($_POST["form_signup"])) {
|
||||
if (!empty($_POST["form_signup"])) {
|
||||
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
|
||||
$student_id = mysqli_real_escape_string($con, $_POST["user_student_id"]);
|
||||
$email = mysqli_real_escape_string($con, $_POST["email"]);
|
||||
|
@ -270,7 +270,7 @@ if (!empty($_POST["frm_createlecturrer"])) {
|
|||
$email = mysqli_real_escape_string($con, $_POST["email"]);
|
||||
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
|
||||
$type = mysqli_real_escape_string($con, $_POST["type"]);
|
||||
$password = $passport;
|
||||
$password = mysqli_real_escape_string($con, $_POST["passport"]);
|
||||
// check if email is taken
|
||||
$result = mysqli_query($con,
|
||||
"SELECT * FROM Users_Table WHERE email='$email'");
|
||||
|
@ -300,7 +300,7 @@ function is_valid_file_format($file)
|
|||
'cvc', 'c', 'class', 'cpp', 'h', 'java', 'sh', 'swift', 'zip', 'rar', 'ods', 'xlr', 'bak', 'ico', 'swf'
|
||||
);
|
||||
|
||||
utf8_encode($filename = $_FILES[$file]['name']);
|
||||
$filename = $_FILES[$file]['name'];
|
||||
$ext = pathinfo($filename, PATHINFO_EXTENSION);
|
||||
$result = in_array($ext, $allowed);
|
||||
return $result;
|
||||
|
@ -452,10 +452,8 @@ function checksize($file)
|
|||
}
|
||||
|
||||
// ############################### Submit Assignment ##################################
|
||||
|
||||
if (!empty($_POST["frm_submitlab"])) {
|
||||
|
||||
/* Posting values to database */
|
||||
$lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]);
|
||||
$student_id = $_POST["student_id"];
|
||||
$group_id = $_POST["group_id"];
|
||||
|
@ -552,19 +550,19 @@ if (!empty($_POST["frm_submitlab"])) {
|
|||
$targetfile4 = "";
|
||||
|
||||
if (strlen($_FILES['attachment1']['name']) > 2) { // why greater than 2???
|
||||
$targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment1']['name'];
|
||||
$targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment1']['name']);
|
||||
}
|
||||
|
||||
if (strlen($_FILES['attachment2']['name']) > 2) {
|
||||
$targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment2']['name'];
|
||||
$targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment2']['name']);
|
||||
}
|
||||
|
||||
if (strlen($_FILES['attachment3']['name']) > 2) {
|
||||
$targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment3']['name'];
|
||||
$targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment3']['name']);
|
||||
}
|
||||
|
||||
if (strlen($_FILES['attachment4']['name']) > 2) {
|
||||
$targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment4']['name'];
|
||||
$targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment4']['name']);
|
||||
}
|
||||
|
||||
// When $group_id is not properly initialized, use integer 0 as its value.
|
||||
|
@ -597,9 +595,9 @@ if (!empty($_POST["frm_submitlab"])) {
|
|||
// JOIN COURSE
|
||||
if (!empty($_GET["JoinCourse"])) {
|
||||
|
||||
$id = $_GET["id"];
|
||||
$student_id = $_GET["std"];
|
||||
$joining = $_GET["joining"];
|
||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
||||
$student_id = mysqli_real_escape_string($con, $_GET["std"]);
|
||||
$joining = mysqli_real_escape_string($con, $_GET["joining"]);
|
||||
$status = "Pending";
|
||||
|
||||
if ($joining == 0) {
|
||||
|
@ -626,12 +624,12 @@ if (!empty($_GET["JoinCourse"])) {
|
|||
|
||||
if (!empty($_GET["savemarks"])) {
|
||||
|
||||
$id = $_GET["id"];
|
||||
$marks = $_GET["marks"];
|
||||
$total = $_GET["total"];
|
||||
$feedback = $_GET["feedback"];
|
||||
$header = $_GET["header"];
|
||||
$labid = $_GET["labid"];
|
||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
||||
$marks = mysqli_real_escape_string($con, $_GET["marks"]);
|
||||
$total = mysqli_real_escape_string($con, $_GET["total"]);
|
||||
$feedback = mysqli_real_escape_string($con, $_GET["feedback"]);
|
||||
$header = mysqli_real_escape_string($con, $_GET["header"]);
|
||||
$labid = mysqli_real_escape_string($con, $_GET["labid"]);
|
||||
$status = "Marked";
|
||||
|
||||
if ($marks > $total) {
|
||||
|
@ -660,12 +658,12 @@ if (!empty($_GET["savemarks"])) {
|
|||
#Update Report Visibility
|
||||
if (!empty($_GET["updatevisibility"])) {
|
||||
|
||||
$id = $_GET["id"];
|
||||
$marks = $_GET["marks"];
|
||||
$total = $_GET["total"];
|
||||
$status = $_GET["status"];
|
||||
$header = $_GET["header"];
|
||||
$labid = $_GET["labid"];
|
||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
||||
$marks = mysqli_real_escape_string($con, $_GET["marks"]);
|
||||
$total = mysqli_real_escape_string($con, $_GET["total"]);
|
||||
$status = mysqli_real_escape_string($con, $_GET["status"]);
|
||||
$header = mysqli_real_escape_string($con, $_GET["header"]);
|
||||
$labid = mysqli_real_escape_string($con, $_GET["labid"]);
|
||||
|
||||
$sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id
|
||||
";
|
||||
|
@ -683,11 +681,11 @@ if (!empty($_GET["updatevisibility"])) {
|
|||
|
||||
if (!empty($_GET["remarking"])) {
|
||||
|
||||
$id = $_GET["id"];
|
||||
$url = $_GET["url"];
|
||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
||||
$url = mysqli_real_escape_string($con, $_GET["url"]);
|
||||
|
||||
$status = $_GET["status"];
|
||||
$details = $_GET["details"];
|
||||
$status = mysqli_real_escape_string($con, $_GET["status"]);
|
||||
$details = mysqli_real_escape_string($con, $_GET["details"]);
|
||||
|
||||
$sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id
|
||||
";
|
||||
|
@ -705,10 +703,10 @@ if (!empty($_GET["remarking"])) {
|
|||
|
||||
if (!empty($_GET["creategroup"])) {
|
||||
|
||||
$student_id = $_GET["student_id"];
|
||||
$url = $_GET["url"];
|
||||
$id = $_GET["id"];
|
||||
$name = $_GET["name"];
|
||||
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
|
||||
$url = mysqli_real_escape_string($con, $_GET["url"]);
|
||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
||||
$name = mysqli_real_escape_string($con, $_GET["name"]);
|
||||
|
||||
$sql = "INSERT INTO `course_groups_table`(`Group_Name`,
|
||||
`Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)";
|
||||
|
@ -737,10 +735,10 @@ if (!empty($_GET["creategroup"])) {
|
|||
|
||||
if (!empty($_GET["groupinvite"])) {
|
||||
|
||||
$student_id = $_GET["student_id"];
|
||||
$url = $_GET["url"];
|
||||
$courseid = $_GET["courseid"];
|
||||
$groupid = $_GET["groupid"];
|
||||
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
|
||||
$url = mysqli_real_escape_string($con, $_GET["url"]);
|
||||
$courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
|
||||
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
|
||||
|
||||
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
|
||||
if (mysqli_num_rows($result) > 0) {
|
||||
|
@ -796,10 +794,10 @@ if (!empty($_GET["groupinvite"])) {
|
|||
|
||||
if (!empty($_GET["acceptinvite"])) {
|
||||
|
||||
$student_id = $_GET["student_id"];
|
||||
$url = $_GET["url"];
|
||||
$action = $_GET["action"];
|
||||
$groupid = $_GET["groupid"];
|
||||
$student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
|
||||
$url = mysqli_real_escape_string($con, $_GET["url"]);
|
||||
$action = mysqli_real_escape_string($con, $_GET["action"]);
|
||||
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
|
||||
|
||||
if ($action == 1) {
|
||||
$sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id
|
||||
|
@ -821,14 +819,14 @@ if (!empty($_GET["acceptinvite"])) {
|
|||
|
||||
if (!empty($_GET["extenddeadline"])) {
|
||||
|
||||
$id = $_GET["id"];
|
||||
$date = $_GET["date"];
|
||||
$time = $_GET["time"];
|
||||
$type = $_GET["type"];
|
||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
||||
$date = mysqli_real_escape_string($con, $_GET["date"]);
|
||||
$time = mysqli_real_escape_string($con, $_GET["time"]);
|
||||
$type = mysqli_real_escape_string($con, $_GET["type"]);
|
||||
|
||||
$stdid = $_GET["stdid"];
|
||||
$reason = $_GET["reason"];
|
||||
$url = $_GET["url"];
|
||||
$stdid = mysqli_real_escape_string($con, $_GET["stdid"]);
|
||||
$reason = mysqli_real_escape_string($con, $_GET["reason"]);
|
||||
$url = mysqli_real_escape_string($con, $_GET["url"]);
|
||||
$deadline = $date . " " . $time;
|
||||
|
||||
if ($type == 1) {
|
||||
|
@ -852,11 +850,11 @@ if (!empty($_GET["extenddeadline"])) {
|
|||
|
||||
if (!empty($_GET["ignoreremarking"])) {
|
||||
|
||||
$id = $_GET["id"];
|
||||
$total = $_GET["total"];
|
||||
$header = $_GET["header"];
|
||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
||||
$total = mysqli_real_escape_string($con, $_GET["total"]);
|
||||
$header = mysqli_real_escape_string($con, $_GET["header"]);
|
||||
|
||||
$subid = $_GET["subid"];
|
||||
$subid = mysqli_real_escape_string($con, $_GET["subid"]);
|
||||
|
||||
$sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid";
|
||||
|
||||
|
@ -873,8 +871,8 @@ if (!empty($_GET["ignoreremarking"])) {
|
|||
|
||||
if (!empty($_GET["assignTA"])) {
|
||||
|
||||
$id = $_GET["id"];
|
||||
$ta = $_GET["ta"];
|
||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
||||
$ta = mysqli_real_escape_string($con, $_GET["ta"]);
|
||||
|
||||
$sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)";
|
||||
|
||||
|
@ -891,8 +889,8 @@ if (!empty($_GET["assignTA"])) {
|
|||
|
||||
if (!empty($_GET["AcceptStudent"])) {
|
||||
|
||||
$id = $_GET["id"];
|
||||
$rs = $_GET["rs"];
|
||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
||||
$rs = mysqli_real_escape_string($con, $_GET["rs"]);
|
||||
|
||||
if ($rs == "yes") {
|
||||
$sql = "Update course_students_table set Status='Joined' Where ID=$id";
|
||||
|
@ -919,12 +917,12 @@ if (!empty($_GET["AcceptStudent"])) {
|
|||
if (!empty($_GET["action"])) {
|
||||
|
||||
$action = $_GET["action"];
|
||||
$uid = $_GET["uid"];
|
||||
$uid = mysqli_real_escape_string($con, $_GET["uid"]);
|
||||
|
||||
$pass = $_GET["pass"];
|
||||
$pass = mysqli_real_escape_string($con, $_GET["pass"]);
|
||||
$pass = password_hash($pass, PASSWORD_DEFAULT);
|
||||
|
||||
$status = $_GET["status"];
|
||||
$status = mysqli_real_escape_string($con, $_GET["status"]);
|
||||
|
||||
// validate uid
|
||||
if (intval($uid) < 0) {
|
||||
|
@ -932,12 +930,12 @@ if (!empty($_GET["action"])) {
|
|||
return;
|
||||
}
|
||||
|
||||
if ($action == "passchange") {
|
||||
if ($action == "passchange" && $_SESSION['user_id'] == $uid) {
|
||||
$sql = "UPDATE users_table set Password='$pass' where User_ID=$uid;";
|
||||
if ($con->query($sql) === TRUE) {
|
||||
error_reporting(0);
|
||||
echo "Password has been changed";
|
||||
// return;
|
||||
//return;
|
||||
$_SESSION["infoChangePassword"] = $type . " User password was changed successfully.";
|
||||
header("Location: index.php");
|
||||
} else {
|
||||
|
@ -946,7 +944,7 @@ if (!empty($_GET["action"])) {
|
|||
}
|
||||
}
|
||||
|
||||
if ($action == "statuschange") {
|
||||
if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
|
||||
$sql = "UPDATE users_table set Status='$status' where User_ID=$uid;";
|
||||
if ($con->query($sql) === TRUE) {
|
||||
$_SESSION["info_Admin_Users"] = $type . " user Status updated successfully ";
|
||||
|
@ -1007,8 +1005,8 @@ if (!empty($_POST["frm_createCourse"])) {
|
|||
|
||||
if (!empty($_GET["exportgrade"])) {
|
||||
|
||||
$lab = $_GET["lab"];
|
||||
$lab_name = $_GET["lab_name"];
|
||||
$lab = mysqli_real_escape_string($con, $_GET["lab"]);
|
||||
$lab_name = mysqli_real_escape_string($con, $_GET["lab_name"]);
|
||||
|
||||
error_reporting(0);
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ $group_id = $_SESSION["user_group_id"];
|
|||
$c_date = date("Y-m-d H:i");
|
||||
|
||||
if (!empty($_GET["id"])) {
|
||||
$id = $_GET["id"];
|
||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
||||
$course_id = $id;
|
||||
}
|
||||
|
||||
|
@ -139,7 +139,6 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
|
|||
if (mysqli_num_rows($result1) == 0) {
|
||||
echo "No Un-Marked Submissions for this Lab Report.";
|
||||
} else {
|
||||
$mark_submission_btn_counter = 0;
|
||||
while ($row = mysqli_fetch_assoc($result1)) {
|
||||
$title = $row['Title'];
|
||||
$Marks = $row['Marks'];
|
||||
|
@ -158,7 +157,6 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
|
|||
$groupname = $row['Group_Name'];
|
||||
$groupleader = $row['Group_Leader'];
|
||||
$student_id = $row['sub_std'];
|
||||
$mark_submission_btn_counter += 1;
|
||||
|
||||
if ($submitted_group == 0) {
|
||||
$submitted_by = $student_name . "(" . $student_id . ")";
|
||||
|
@ -186,7 +184,7 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
|
|||
|
||||
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
|
||||
$title <br> by: <b> $submitted_by </b>
|
||||
<br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)' id='mark_submission_btn_$mark_submission_btn_counter'> Mark Submission</button><br> Attachments : $full_link </span>
|
||||
<br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span>
|
||||
</div></k>";
|
||||
}
|
||||
}
|
||||
|
@ -421,8 +419,8 @@ where course_group_members_table.Course_Group_id=$id");
|
|||
try {
|
||||
|
||||
$('<form id="submit-form" method="get" action="Script.php">' + title + '(' + marks + ' marks) <input type="hidden" name="savemarks" value="true">\n\
|
||||
<input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks" id="marks">\n\
|
||||
Comments <textarea name="feedback" id="feedback"></textarea> \n\
|
||||
<input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks">\n\
|
||||
Comments <textarea name="feedback"></textarea> \n\
|
||||
<input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({
|
||||
modal: true,
|
||||
title: 'Mark Submission',
|
||||
|
@ -472,4 +470,4 @@ Update Visibility<br><select name="status"> <option> Public </option><option>Pri
|
|||
alert(e);
|
||||
}
|
||||
}
|
||||
</script>
|
||||
</script>
|
||||
|
|
188
SubmitLab.php
188
SubmitLab.php
|
@ -3,123 +3,133 @@ include 'NoDirectPhpAcess.php';
|
|||
?>
|
||||
|
||||
<?php
|
||||
$page = 'Submit LAB+';
|
||||
$page='Submit LAB+';
|
||||
include 'Header.php';
|
||||
?>
|
||||
|
||||
<div class='row' style='width:80%;margin:auto;'>
|
||||
|
||||
<?php
|
||||
|
||||
$c_date = date("Y-m-d H:i");
|
||||
$student_id = $_SESSION["user_student_id"];
|
||||
<?php
|
||||
|
||||
if (!empty($_GET["id"])) {
|
||||
$id = $_GET["id"];
|
||||
$url = $_GET["url"];
|
||||
|
||||
$result1 = mysqli_query($con, " SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC");
|
||||
if (mysqli_num_rows($result1) == 0) {
|
||||
echo "No active assignments for this course so far.";
|
||||
} else {
|
||||
|
||||
while ($row = mysqli_fetch_assoc($result1)) {
|
||||
|
||||
$Course_ID = $row['Course_ID'];
|
||||
$title = $row['Title'];
|
||||
$ins = $row['Instructions'];
|
||||
$posted = $row['Posted_Date'];
|
||||
$deadline = $row['Deadline'];
|
||||
$att1 = $row['Attachment_link_1'];
|
||||
$att2 = $row['Attachment_link_2'];
|
||||
$att3 = $row['Attachment_link_3'];
|
||||
$att4 = $row['Attachment_link_4'];
|
||||
$labid = $row['Lab_Report_ID'];
|
||||
$type = $row['Type'];
|
||||
|
||||
//----------------------------------Giving both the Group Admin and Group Members same priviledges to submit assignment--------------------------------------
|
||||
if ($type == "Group") {
|
||||
$resultx1 = mysqli_query($con, "SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))");
|
||||
while ($row = mysqli_fetch_assoc($resultx1)) {
|
||||
$_SESSION["Group_ID"] = $row['Course_Group_id'];
|
||||
}
|
||||
|
||||
if ($_SESSION["Group_ID"] < 1) {
|
||||
echo " <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> ";
|
||||
return;
|
||||
}
|
||||
$c_date = date("Y-m-d H:i");
|
||||
$student_id = $_SESSION["user_student_id"];
|
||||
|
||||
if(!empty($_GET["id"]))
|
||||
{
|
||||
$id = mysqli_real_escape_string($con, $_GET["id"]);
|
||||
$url = mysqli_real_escape_string($con, $_GET["url"]);
|
||||
|
||||
$result1 = mysqli_query($con," SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC");
|
||||
if(mysqli_num_rows($result1) == 0)
|
||||
{
|
||||
echo "No active assignments for this course so far.";
|
||||
|
||||
} else {
|
||||
|
||||
while($row = mysqli_fetch_assoc($result1)) {
|
||||
|
||||
$Course_ID = $row['Course_ID'];
|
||||
$title = $row['Title'];
|
||||
$ins = $row['Instructions'];
|
||||
$posted = $row['Posted_Date'];
|
||||
$deadline = $row['Deadline'];
|
||||
$att1 = $row['Attachment_link_1'];
|
||||
$att2 = $row['Attachment_link_2'];
|
||||
$att3 = $row['Attachment_link_3'];
|
||||
$att4 = $row['Attachment_link_4'];
|
||||
$labid = $row['Lab_Report_ID'];
|
||||
$type = $row['Type'];
|
||||
|
||||
//----------------------------------Giving both the Group Admin and Group Members same priviledges to submit assignment--------------------------------------
|
||||
if($type=="Group"){
|
||||
$resultx1 = mysqli_query($con,"SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))");
|
||||
while($row = mysqli_fetch_assoc($resultx1)) {
|
||||
$_SESSION["Group_ID"] = $row['Course_Group_id'];
|
||||
}
|
||||
|
||||
if($_SESSION["Group_ID"] < 1)
|
||||
{
|
||||
echo" <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> ";
|
||||
return;
|
||||
}
|
||||
|
||||
$full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
|
||||
|
||||
if ($att2 != "") {
|
||||
$full_link = $full_link . "| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
|
||||
}
|
||||
if ($att3 != "") {
|
||||
$full_link = $full_link . "| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
|
||||
}
|
||||
|
||||
if ($att4 != "") {
|
||||
$full_link = $full_link . "| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
|
||||
}
|
||||
|
||||
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
|
||||
}
|
||||
|
||||
|
||||
$full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
|
||||
|
||||
if($att2!=""){
|
||||
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
|
||||
}
|
||||
if($att3!=""){
|
||||
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
|
||||
}
|
||||
|
||||
if($att4!=""){
|
||||
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
|
||||
}
|
||||
|
||||
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
|
||||
Courses > $url > Submlit Lab Report > $title
|
||||
<br>
|
||||
</a></div>
|
||||
";
|
||||
|
||||
echo "";
|
||||
}
|
||||
echo "";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$Group_ID = $_SESSION["Group_ID"];
|
||||
$Group_ID = $_SESSION["Group_ID"];
|
||||
|
||||
?>
|
||||
?>
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
|
||||
<div style="width:80%;margin:auto;">
|
||||
|
||||
<h3> Submit Lab Report Assignment </h3>
|
||||
<hr>
|
||||
<h3> Submit Lab Report Assignment </h3>
|
||||
<hr>
|
||||
<div class="row">
|
||||
|
||||
<div class="col-md-6">
|
||||
|
||||
|
||||
<div class="col-md-6">
|
||||
<form method='post' enctype='multipart/form-data' action='Script.php'>
|
||||
<input type='hidden' name='frm_submitlab' value='true' required=''/>
|
||||
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
|
||||
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
|
||||
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/>
|
||||
<input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
|
||||
|
||||
Title
|
||||
<input type='text' name='title' placeholder='Ttle' class='form-control' required=''>
|
||||
|
||||
<form method='post' enctype='multipart/form-data' action='Script.php' id="submit_lab_report_form">
|
||||
<input type='hidden' name='frm_submitlab' value='true' required='' />
|
||||
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required='' />
|
||||
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required='' />
|
||||
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required='' />
|
||||
<input type='hidden' name='url' value='<?php echo $url; ?>' required='' />
|
||||
Attachment 1
|
||||
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
|
||||
|
||||
Title
|
||||
<input type='text' name='title' placeholder='Ttle' class='form-control' required='' id="title">
|
||||
Attachment 2
|
||||
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
|
||||
|
||||
Attachment 1
|
||||
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required='' id="attachment1">
|
||||
</div>
|
||||
|
||||
Attachment 2
|
||||
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
|
||||
<div class="col-md-6">
|
||||
|
||||
</div>
|
||||
Attachment 3
|
||||
<input type='file' name='attachment3' placeholder='Attachment 3' class='form-control' >
|
||||
|
||||
<div class="col-md-6">
|
||||
Attachment 4
|
||||
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
|
||||
<br>
|
||||
|
||||
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br>
|
||||
</form>
|
||||
|
||||
</div>
|
||||
|
||||
Attachment 3
|
||||
<input type='file' name='attachment3' placeholder='Attachment 3' class='form-control'>
|
||||
|
||||
Attachment 4
|
||||
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control'>
|
||||
<br>
|
||||
|
||||
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment' id="submit_lab_assignment_btn"><br>
|
||||
</form>
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
|
Loading…
Reference in New Issue