mrlan
/
LRR
3
0
Fork 2
Code Issues Pull Requests 7 Projects Releases Wiki Activity

“修改了部分bug” #36

Merged
liangligang merged 1 commits from LiangLigang into master 2022-05-23 14:54:10 +08:00
Conversation 0 Commits 1 Files Changed 6
6 changed files with 1358 additions and 1160 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

304
Course.php
View File

@ -2,6 +2,7 @@
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
$page='Courses+'; $page='Courses+';
include 'Header.php'; include 'Header.php';
@ -9,8 +10,10 @@ $student_id = $_SESSION["user_student_id"];
$group_id = $_SESSION["user_group_id"]; $group_id = $_SESSION["user_group_id"];
$c_date = date("Y-m-d H:i"); $c_date = date("Y-m-d H:i");
if (!empty($_GET["url"])) {
$course_url = $_GET["url"]; if(!empty($_GET["url"]))
{
$course_url = mysqli_real_escape_string($con, $_GET["url"]);
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`," $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
. " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` " . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` "
. " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
@ -19,6 +22,7 @@ if (!empty($_GET["url"])) {
if(mysqli_num_rows($result)==0) { if(mysqli_num_rows($result)==0) {
echo "No course matching the given course URL: ".$course_url; echo "No course matching the given course URL: ".$course_url;
} else { } else {
while($row = mysqli_fetch_assoc($result)) { while($row = mysqli_fetch_assoc($result)) {
$name = $row['Course_Name']; $name = $row['Course_Name'];
@ -66,9 +70,12 @@ if (!empty($_GET["url"])) {
</div> </div>
<?php <?php
if ($_SESSION['user_type'] == "Student") { if( $_SESSION['user_type'] == "Student")
{
?> ?>
<hr> <hr>
@ -90,88 +97,7 @@ if ($_SESSION['user_type'] == "Student") {
<a class="nav-link" data-toggle="tab" href="#menu3">Submitted</a> <a class="nav-link" data-toggle="tab" href="#menu3">Submitted</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu4" id="marked_tab">Marked</a> <a class="nav-link" data-toggle="tab" href="#menu4">Marked</a>
</li>
<!----------Delete Course Button----------->
<li>
<html>
<body>
<div class="modal fade" id="delcourse">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h2 class="modal-title">Please confirm!</h2>
<button type="button" class="close red" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body">
<p>Are you sure about deleting this course? This action can not be reversed!</p>
</div>
<div class="modal-footer">
<form method="POST" action="">
<button type="button" class="btn action-button blue" data-dismiss="modal">Cancel</button>
<input type="submit" name="submit" class="btn action-button red" value="Delete" />
</form>
</div>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col">
<button type="button" class="btn action-button red" data-toggle="modal" data-target="#delcourse">Delete Course</button>
</div>
</div>
</div>
</div>
<?php
// Connect to MySQL database
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if (isset($_POST['submit'])) {
header("Location: Courses.php");
$result = mysqli_query($con, "DELETE FROM course_students_table WHERE Course_ID='$course_id'");
}
?>
<script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
<style>
/*--------------------[ Delete Course Button ]*/
.action-button {
font-family: 'Pacifico', cursive;
font-size: 18px;
color: #FFF;
text-decoration: none;
}
.red {
background-color: #E74C3C;
border-bottom: 5px solid #BD3E31;
text-shadow: 0px -2px #BD3E31;
}
.blue {
background-color: #4d4dff;
border-bottom: 5px solid #4d4dff;
text-shadow: 0px -2px #4d4dff;
}
</style>
</body>
</html>
</li> </li>
</ul> </ul>
@ -184,13 +110,15 @@ if ($_SESSION['user_type'] == "Student") {
$sql="SELECT course_group_members_table.Course_Group_id FROM course_group_members_table INNER JOIN course_groups_table ON course_group_members_table.Course_Group_id = course_groups_table.Course_Group_id WHERE course_group_members_table.Student_ID=$student_id and course_groups_table.Course_id=$course_id"; $sql="SELECT course_group_members_table.Course_Group_id FROM course_group_members_table INNER JOIN course_groups_table ON course_group_members_table.Course_Group_id = course_groups_table.Course_Group_id WHERE course_group_members_table.Student_ID=$student_id and course_groups_table.Course_id=$course_id";
$resultx1 = mysqli_query($con, $sql); $resultx1 = mysqli_query($con, $sql);
while ($row = mysqli_fetch_assoc($resultx1)) { while($row = mysqli_fetch_assoc($resultx1))
{
$_SESSION['group_id'] = $row['Course_Group_id']; $_SESSION['group_id'] = $row['Course_Group_id'];
} }
$group_id = $_SESSION['group_id']; $group_id = $_SESSION['group_id'];
if ($group_id == "") { if($group_id == "")
{
$group_id = 0; // no group. If the student has a group, the group number should be greater than 0. $group_id = 0; // no group. If the student has a group, the group number should be greater than 0.
} }
@ -199,16 +127,17 @@ if ($_SESSION['user_type'] == "Student") {
// (3) none of the student's group members have already submitted // (3) none of the student's group members have already submitted
// the assignment. // the assignment.
$var = "SELECT Type, Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`" . $sql_stmt = "SELECT Type, Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`".
" FROM `lab_reports_table`". " FROM `lab_reports_table`".
" WHERE Course_ID=$course_id". " WHERE Course_ID=$course_id".
" AND (Deadline > '$c_date' OR Lab_Report_ID IN (SELECT `Lab_Report_ID` FROM `extended_deadlines_table` WHERE Student_ID=$student_id AND Extended_Deadline_Date > '$c_date' AND Lab_Report_ID IN (SELECT Lab_Report_ID FROM lab_reports_table WHERE Course_ID=$course_id)))". " AND (Deadline > '$c_date' OR Lab_Report_ID IN (SELECT `Lab_Report_ID` FROM `extended_deadlines_table` WHERE Student_ID=$student_id AND Extended_Deadline_Date > '$c_date' AND Lab_Report_ID IN (SELECT Lab_Report_ID FROM lab_reports_table WHERE Course_ID=$course_id)))".
" AND Lab_Report_ID NOT IN (SELECT Lab_Report_ID FROM lab_report_submissions WHERE Course_Group_id IN (SELECT Course_Group_id FROM course_group_members_table WHERE Student_ID=$student_id))". " AND Lab_Report_ID NOT IN (SELECT Lab_Report_ID FROM lab_report_submissions WHERE Course_Group_id IN (SELECT Course_Group_id FROM course_group_members_table WHERE Student_ID=$student_id))".
" ORDER BY Lab_Report_ID DESC"; " ORDER BY Lab_Report_ID DESC";
$result1 = mysqli_query($con, $var); $result1 = mysqli_query($con, $sql_stmt);
if (mysqli_num_rows($result1) == 0) { if(mysqli_num_rows($result1)==0)
{
echo "No active assignments for this course so far."; echo "No active assignments for this course so far.";
} else { } else {
@ -239,22 +168,23 @@ if ($_SESSION['user_type'] == "Student") {
} }
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title ($type) <br> <span style='font-size:8pt'> $ins</span> $title ($type) <br> <span style='font-size:8pt'> $ins</span>
<br> <span style='font-size:8pt'>Posted : $posted &nbsp;&nbsp;&nbsp;&nbsp; Deadline : $deadline &nbsp;&nbsp;&nbsp;&nbsp;($Marks Marks) &nbsp; &nbsp;&nbsp;&nbsp; &nbsp;<a href='~\..\SubmitLab.php?id=$labid&url=$url' class='btn-sm btn-info' style='margin-left:50px;' id='submit_lab_report_btn'> Submit Lab Report</a><br> Attachments : $full_link </span> <br> <span style='font-size:8pt'>Posted : $posted &nbsp;&nbsp;&nbsp;&nbsp; Deadline : $deadline &nbsp;&nbsp;&nbsp;&nbsp;($Marks Marks) &nbsp; &nbsp;&nbsp;&nbsp; &nbsp;<a href='~\..\SubmitLab.php?id=$labid&url=$url' class='btn-sm btn-info' style='margin-left:50px;'> Submit Lab Report</a><br> Attachments : $full_link </span>
</div></k>"; </div></k>";
}
} }}
echo ""; echo "";
?> ?>
</div> </div>
<div id="menu2" class="container tab-pane"><br> <div id="menu2" class="container tab-pane"><br>
<?php <?php
$group_id=$_SESSION['group_id']; $group_id=$_SESSION['group_id'];
if ($group_id == "") { if($group_id == ""){$group_id = -1;} // Individual assignment does not require the student to have a group id. Therefore, the group is an empty string. To make the following SQL statement work properly, initialize the group id to -1.
$group_id = -1;
} // Individual assignment does not require the student to have a group id. Therefore, the group is an empty string. To make the following SQL statement work properly, initialize the group id to -1.
$result = mysqli_query($con,"SELECT Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` $result = mysqli_query($con,"SELECT Lab_Report_ID,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`
FROM `lab_reports_table` FROM `lab_reports_table`
WHERE WHERE
@ -267,8 +197,12 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
. "" . ""
. "ORDER by Lab_Report_ID DESC"); . "ORDER by Lab_Report_ID DESC");
if (mysqli_num_rows($result) == 0) {
if(mysqli_num_rows($result)==0)
{
echo "You missed no lab reports in this course."; echo "You missed no lab reports in this course.";
} else { } else {
while($row = mysqli_fetch_assoc($result)) { while($row = mysqli_fetch_assoc($result)) {
$title=$row['Title']; $title=$row['Title'];
@ -282,6 +216,9 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
$att4=$row['Attachment_link_4']; $att4=$row['Attachment_link_4'];
$id=$row['Lab_Report_ID']; $id=$row['Lab_Report_ID'];
$full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if($att2!=""){ if($att2!=""){
@ -293,25 +230,28 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
if($att4!=""){ if($att4!=""){
$full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; $full_link= $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}; }
;
echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'><span class='btn-sm btn-warning' style='margin-left:0px;'>MISSED</span> $title ($marks Marks) <br> <span style='font-size:8pt'> $ins</span> echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'><span class='btn-sm btn-warning' style='margin-left:0px;'>MISSED</span> $title ($marks Marks) <br> <span style='font-size:8pt'> $ins</span>
<br> <span style='font-size:8pt'>Posted: $posted<br> Deadline: $deadline &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<br> Attachments : $full_link </span> <br> <span style='font-size:8pt'>Posted: $posted<br> Deadline: $deadline &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<br> Attachments : $full_link </span>
</div>"; </div>";
}
} }}
echo ""; echo "";
?> ?>
</div> </div>
<div id="menu3" class="container tab-pane"><br> <div id="menu3" class="container tab-pane"><br>
<?php <?php
$group_id = $_SESSION['group_id']; $group_id = $_SESSION['group_id'];
if ($group_id == "") { if($group_id==""){$group_id=-1;} // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176
$group_id = -1;
} // This fixes "Submitted report not shown" http://118.25.96.118/bugzilla/show_bug.cgi?id=176
$sql_stmt = "SELECT Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` $sql_stmt = "SELECT Lab_Report_ID, Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, lab_reports_table.Title, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4`
FROM `lab_reports_table` FROM `lab_reports_table`
@ -320,8 +260,11 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
$resultx = mysqli_query($con, $sql_stmt); $resultx = mysqli_query($con, $sql_stmt);
if (mysqli_num_rows($resultx) == 0) {
if(mysqli_num_rows($resultx)==0)
{
echo "You have no lab report submissions in this course."; echo "You have no lab report submissions in this course.";
} else { } else {
while($row = mysqli_fetch_assoc($resultx)) { while($row = mysqli_fetch_assoc($resultx)) {
$lab_repo_id=$row['Lab_Report_ID']; $lab_repo_id=$row['Lab_Report_ID'];
@ -335,7 +278,8 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
$att3=$row['Attachment_link_3']; $att3=$row['Attachment_link_3'];
$att4=$row['Attachment_link_4']; $att4=$row['Attachment_link_4'];
$id = $row['Lab_Report_ID']; $id = $row['Lab_Report_ID'];
if ($c_date < $deadline) { if( $c_date < $deadline)
{
$submittedx="<a href='~\..\SubmitLab.php?id=$id&url=$url' class='btn-sm btn-default'><i class='fa fa-check-circle'></i> Re-Submit </a>"; $submittedx="<a href='~\..\SubmitLab.php?id=$id&url=$url' class='btn-sm btn-default'><i class='fa fa-check-circle'></i> Re-Submit </a>";
} }
@ -357,6 +301,7 @@ Lab_Report_ID not in (select Lab_Report_ID from lab_report_submissions where (St
<br> <span style='font-size:8pt'>Posted : $posted Deadline : $deadline ($marks Marks) &nbsp; &nbsp; $submittedx&nbsp; <span class='btn-sm btn-success' style='margin-left:50px;'><i class='fa fa-Edit-circle'></i> Submitted </span> <br> <span style='font-size:8pt'>Posted : $posted Deadline : $deadline ($marks Marks) &nbsp; &nbsp; $submittedx&nbsp; <span class='btn-sm btn-success' style='margin-left:50px;'><i class='fa fa-Edit-circle'></i> Submitted </span>
<br> Submitted files: "; <br> Submitted files: ";
$Sub_result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $Sub_result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
@ -366,8 +311,10 @@ Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$student_id')"); where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$student_id')");
if (mysqli_num_rows($Sub_result) == 0) { if(mysqli_num_rows($Sub_result) == 0)
{
echo "No Attachments found."; echo "No Attachments found.";
} else { } else {
while($row = mysqli_fetch_assoc($Sub_result)) { while($row = mysqli_fetch_assoc($Sub_result)) {
$at1=$row['Attachment1']; $at1=$row['Attachment1'];
@ -394,21 +341,32 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
} }
echo $full_link; echo $full_link;
} }
} }
echo "</span></div></k>"; echo "</span></div></k>";
}
}
}}
echo ""; echo "";
?> ?>
</div> </div>
<?php <?php
$sqli=mysqli_query($con, "SELECT * from course_groups_table WHERE Course_Group_id=$group_id and Course_id=$course_id"); $sqli=mysqli_query($con, "SELECT * from course_groups_table WHERE Course_Group_id=$group_id and Course_id=$course_id");
while ($row = mysqli_fetch_assoc($sqli)) { while($row = mysqli_fetch_assoc($sqli))
$Group_Leader = $row['Group_Leader']; { $Group_Leader=$row['Group_Leader'];
$Group_Member=$row['Group_Member']; $Group_Member=$row['Group_Member'];
$Group_Member2=$row['Group_Member2']; $Group_Member2=$row['Group_Member2'];
$Group_Member3=$row['Group_Member3']; $Group_Member3=$row['Group_Member3'];
@ -416,6 +374,8 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
} }
?> ?>
<div id="menu4" class="container tab-pane"><br> <div id="menu4" class="container tab-pane"><br>
<?php <?php
$resultx = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_reports_table.`Lab_Report_ID`, `Student_id`, " $resultx = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_reports_table.`Lab_Report_ID`, `Student_id`, "
@ -436,10 +396,14 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
. " lab_reports_table.Lab_Report_ID in (select Lab_Report_ID from lab_report_submissions" . " lab_reports_table.Lab_Report_ID in (select Lab_Report_ID from lab_report_submissions"
. " where (Status='Marked' or Status='Remarking') and (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id) ORDER by Submission_ID DESC"); . " where (Status='Marked' or Status='Remarking') and (Student_id=$student_id or Course_Group_id=$group_id) and Course_ID=$course_id) ORDER by Submission_ID DESC");
if (mysqli_num_rows($resultx) == 0) {
if(mysqli_num_rows($resultx)==0)
{
echo "You have no marked submissions in this course"; echo "You have no marked submissions in this course";
} else {
while ($row = mysqli_fetch_assoc($resultx)) { } else { while($row = mysqli_fetch_assoc($resultx)) {
$title=$row['Lab_Title']; $title=$row['Lab_Title'];
$marks=$row['Marks']; $marks=$row['Marks'];
$Originalmarks=$row['Original_marks']; $Originalmarks=$row['Original_marks'];
@ -455,17 +419,23 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
$notes=$row['Notes']; $notes=$row['Notes'];
$status= $row['Status']; $status= $row['Status'];
$remarking_reason=$row['Remarking_Reason']; $remarking_reason=$row['Remarking_Reason'];
if ($status == 'Marked') { if($status=='Marked')
{
$rm_data="\Script.php?remarking=yes&id=$Submission_ID&url=$url&status=Remarking"; $rm_data="\Script.php?remarking=yes&id=$Submission_ID&url=$url&status=Remarking";
$remarking = "<button onclick='remarking(\"$rm_data\")' class='btn-sm btn-success' id='request_remarking_btn'> Request Remarking </button>"; $remarking="<button onclick='remarking(\"$rm_data\")' class='btn-sm btn-success'> Request Remarking </button>";
} }
if ($status == 'Remarking') { if($status=='Remarking')
{
$remarking="<span style='color:orange'><i class='fa fa-info-circle'></i> Remarking Request sent </span> <br> Remarking Reason:<i>$remarking_reason </i> <br>"; $remarking="<span style='color:orange'><i class='fa fa-info-circle'></i> Remarking Request sent </span> <br> Remarking Reason:<i>$remarking_reason </i> <br>";
} }
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <b> ($marks Marks out of $Originalmarks)</b><br><small> Lecturer Feedback : $notes </small> &nbsp; $remarking <br> Submission files :"; $title <b> ($marks Marks out of $Originalmarks)</b><br><small> Lecturer Feedback : $notes </small> &nbsp; $remarking <br> Submission files :";
$Sub_result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $Sub_result = mysqli_query($con,"SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID,
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`,
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status,
@ -475,10 +445,11 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Student_id='$student_id'"); where Lab_Report_ID=$id and lab_report_submissions.Student_id='$student_id'");
if (mysqli_num_rows($Sub_result) == 0) { if(mysqli_num_rows($Sub_result)==0)
{
echo "No Attachments found."; echo "No Attachments found.";
} else {
while ($row = mysqli_fetch_assoc($Sub_result)) { } else { while($row = mysqli_fetch_assoc($Sub_result)) {
$at1=$row['Attachment1']; $at1=$row['Attachment1'];
$at2=$row['Attachment2']; $at2=$row['Attachment2'];
$at3=$row['Attachment3']; $at3=$row['Attachment3'];
@ -498,13 +469,21 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
} }
echo $full_link; echo $full_link;
} }
} }
}
}
}}
echo "</div></k>"; echo "</div></k>";
?> ?>
</div> </div>
</div> </div>
@ -516,14 +495,15 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
<?php <?php
$resultx1 = mysqli_query($con,"SELECT `Course_Group_id` FROM `course_groups_table` WHERE Course_id=$course_id"); $resultx1 = mysqli_query($con,"SELECT `Course_Group_id` FROM `course_groups_table` WHERE Course_id=$course_id");
while ($row = mysqli_fetch_assoc($resultx1)) { while($row = mysqli_fetch_assoc($resultx1)) {$count_groups=$row['Course_Group_id'];}
$count_groups = $row['Course_Group_id'];
}
echo " <button onclick='CreateGroup()' class='btn btn-primary' id='create_group_btn'> Create Group</button>";
echo " <button onclick='CreateGroup()' class='btn btn-primary'> Create Group</button>";
?> ?>
<hr> <hr>
<?php <?php
@ -532,19 +512,22 @@ where Lab_Report_ID=$lab_repo_id and (lab_report_submissions.Student_id='$studen
FROM `course_group_members_table` INNER JOIN course_groups_table on FROM `course_group_members_table` INNER JOIN course_groups_table on
course_groups_table.Course_Group_id=course_group_members_table.Course_Group_id WHERE Student_id=$student_id and course_groups_table.Course_id=$course_id"); course_groups_table.Course_Group_id=course_group_members_table.Course_Group_id WHERE Student_id=$student_id and course_groups_table.Course_id=$course_id");
if (mysqli_num_rows($result) == 0) { if(mysqli_num_rows($result)==0)
{
echo "You have no Group in this Course"; echo "You have no Group in this Course";
} else { } else { while($row = mysqli_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
$name=$row['Group_Name']; $name=$row['Group_Name'];
$id=$row['Course_Group_id']; $id=$row['Course_Group_id'];
$status=$row['Status']; $status=$row['Status'];
$extra=" - <a href='#' class='' onclick='invite($id)'> Invite Others</a></small>"; $extra=" - <a href='#' class='' onclick='invite($id)'> Invite Others</a></small>";
if ($status == "Invited") { if($status=="Invited")
{
$extra2=" <a href='#' class='' onclick='accept($id,1)'>Accept</a></small>"; $extra2=" <a href='#' class='' onclick='accept($id,1)'>Accept</a></small>";
$extra3=" <a href='#' class='' onclick='accept($id,0)'>Decline</a></small>"; $extra3=" <a href='#' class='' onclick='accept($id,0)'>Decline</a></small>";
} }
echo "<div class='btn-default'><small> $name ($status) $extra $extra2 $extra3</small></div>"; echo "<div class='btn-default'><small> $name ($status) $extra $extra2 $extra3</small></div>";
@ -559,32 +542,53 @@ where course_group_members_table.Course_Group_id=$id");
$status=$row['Status']; $status=$row['Status'];
$Student_ID=$row['Student_ID']; $Student_ID=$row['Student_ID'];
echo "<li><small> $name-$Student_ID ($status)</small></li>"; echo "<li><small> $name-$Student_ID ($status)</small></li>";
} }
} }
} }
?> ?>
</div> </div>
</div> </div>
<?php <?php
} }
include 'Footer.php'; include 'Footer.php';
?> ?>
<script src="./css/jquery-1.11.1.min.js"></script> <script src="./css/jquery-1.11.1.min.js"></script>
<script src="./css/jquery-ui.min.js"></script> <script src="./css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="./css/jquery-ui.css" /> <link rel="stylesheet" href="./css/jquery-ui.css" />
<script> <script>
function CreateGroup() { function CreateGroup() {
try {
try
{
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="creategroup" value="true">\n\ $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="creategroup" value="true">\n\
<input type="hidden" name="student_id" value="<?php echo $student_id; ?>" > Group Name <input type="text" name="name" id="group_name">\n\ <input type="hidden" name="student_id" value="<?php echo $student_id; ?>" > Group Name <input type="text" name="name">\n\
<input type="hidden" name="url" value="<?php echo $url; ?>"> <input type="hidden" name="id" value="<?php echo $course_id; ?>"> </form>').dialog({ <input type="hidden" name="url" value="<?php echo $url; ?>"> <input type="hidden" name="id" value="<?php echo $course_id; ?>"> </form>').dialog({
modal: true, modal: true,
title:'Create Group', title:'Create Group',
@ -602,14 +606,18 @@ include 'Footer.php';
} }
}); });
} catch (e) { } catch(e){ alert(e); }
alert(e);
}
} }
function invite(id) { function invite(id) {
try {
try
{
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="groupinvite" value="true">\n\ $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="groupinvite" value="true">\n\
<input type="hidden" name="groupid" value="'+id+'" > Enter Student_ID to Invite <input type="text" name="student_id">\n\ <input type="hidden" name="groupid" value="'+id+'" > Enter Student_ID to Invite <input type="text" name="student_id">\n\
@ -630,14 +638,21 @@ include 'Footer.php';
} }
}); });
} catch (e) { } catch(e){ alert(e); }
alert(e);
}
} }
function accept(id,val) { function accept(id,val) {
try { try
{
$('<form id="frm" method="get" action="Script.php"><input type="hidden" name="acceptinvite" value="true">\n\ $('<form id="frm" method="get" action="Script.php"><input type="hidden" name="acceptinvite" value="true">\n\
<input type="hidden" name="groupid" value="'+id+'" > \n\ <input type="hidden" name="action" value="'+val+'" > \n\ <input type="hidden" name="groupid" value="'+id+'" > \n\ <input type="hidden" name="action" value="'+val+'" > \n\
@ -660,15 +675,18 @@ include 'Footer.php';
} }
}); });
} catch (e) { } catch(e){ alert(e); }
alert(e);
}
} }
function remarking(data) {
function remarking(data)
{
var details = prompt("Please enter your remarking reasons",""); var details = prompt("Please enter your remarking reasons","");
window.location.href = data+"&details="+details; window.location.href = data+"&details="+details;
} }
</script> </script>

341
Courses.php
View File

@ -2,37 +2,49 @@
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
$page='Courses'; $page='Courses';
include 'Header.php'; include 'Header.php';
$user_d = $_SESSION['user_id']; $user_d = $_SESSION['user_id'];
if ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") { if( $_SESSION['user_type']=="Lecturer" || $_SESSION['user_type']=="TA")
{
?> ?>
<!-- FOR LECTURER--> <!-- FOR LECTURER-->
<div class="row" style="width:80%;margin:auto; text-align:left;"> <div class="row" style="width:80%;margin:auto; text-align:left;">
<script src="./css/jquery-1.11.1.min.js"></script> <script src="./css/jquery-1.11.1.min.js"></script>
<script src="./css/jquery-ui.min.js"></script> <script src="./css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="./css/jquery-ui.css" /> <link rel="stylesheet" href="./css/jquery-ui.css" />
<script> <script>
function extend_deadline(id) { function extend_deadline(id) {
var dropstudents=$("#dropstudents").html(); var dropstudents=$("#dropstudents").html();
try { try
{
$('<form id="frm" method="get" action="Script.php">\n\ $('<form id="frm" method="get" action="Script.php">\n\
<input type="hidden" name="extenddeadline" value="true" >\n\ <input type="hidden" name="extenddeadline" value="true" >\n\
<input type="hidden" name="id" value="'+id+'" > \n\ <input type="hidden" name="id" value="'+id+'" > \n\
New Date/Time <br><input type="date" name="date" required="" id="new_date"> <input type="time" name="time" required=""> \n\ New Date/Time <br><input type="date" name="date" required=""> <input type="time" name="time" required=""> \n\
\n\ \n\
<br><input type="radio" value="1" name="type" required="" id="extend_for_all"> Extend for All<hr> \n\ <br><input type="radio" value="1" name="type" required=""> Extend for All<hr> \n\
<input type="radio" value="2" name="type" required=""> Extend for these Individual Students \n\ <input type="radio" value="2" name="type" required=""> Extend for these Individual Students \n\
'+dropstudents+' \n\ '+dropstudents+' \n\
</form>').dialog({ </form>').dialog({
@ -52,23 +64,23 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
} }
}); });
} catch (e) { }catch(e){ alert(e); }
alert(e);
}
} }
</script> </script>
<?php <?php
if (!empty($_GET["course"])) { if(!empty($_GET["course"]))
$course_url = $_GET["course"]; {
$course_url = mysqli_real_escape_string($con, $_GET["course"]);
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`," $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
. " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` " . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` "
. " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
. " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' "); . " ON users_table.User_ID=courses_table.Lecturer_User_ID where URL='$course_url' ");
if (mysqli_num_rows($result) == 0) { if(mysqli_num_rows($result)==0)
} else { {} else { while($row = mysqli_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
$name=$row['Course_Name']; $name=$row['Course_Name'];
$code=$row['Course_Code']; $code=$row['Course_Code'];
$faculty=$row['Faculty']; $faculty=$row['Faculty'];
@ -91,8 +103,9 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
// ------------------------------Editing Lab Assignment by Lecturer ------------------------------------ // ------------------------------Editing Lab Assignment by Lecturer ------------------------------------
if($_GET['act']=="edit"){ if($_GET['act']=="edit"){
$getid = $_GET["cid"]; $getid = mysqli_real_escape_string($con, $_GET["cid"]);
$result1 = mysqli_query($con, "SELECT * from lab_reports_table WHERE Lab_Report_ID = '$getid'"); $result1 = mysqli_query($con, "SELECT * from lab_reports_table WHERE Lab_Report_ID = '$getid'");
while($row1 = mysqli_fetch_assoc($result1)) { while($row1 = mysqli_fetch_assoc($result1)) {
@ -106,18 +119,19 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
} }
if(isset($_POST['frm_uploadlab'])){ if(isset($_POST['frm_uploadlab'])){
$deadlinedate = trim($_POST["deadlinedate"]); // remove spaces $deadlinedate = trim(mysqli_real_escape_string($con, $_POST["deadlinedate"])); // remove spaces
$deadlinetime = trim($_POST["deadlinetime"]); // remove spaces $deadlinetime = trim(mysqli_real_escape_string($con, $_POST["deadlinetime"])); // remove spaces
$instructions = $_POST["instructions"]; $instructions = mysqli_real_escape_string($con, $_POST["instructions"]);
$title = $_POST["title"]; $title = mysqli_real_escape_string($con, $_POST["title"]);
$marks = $_POST["marks"]; $marks = mysqli_real_escape_string($con, $_POST["marks"]);
$type = $_POST["type"]; $type = mysqli_real_escape_string($con, $_POST["type"]);
$Deadline = $deadlinedate." ".$deadlinetime; $Deadline = $deadlinedate." ".$deadlinetime;
$date = date("Y-m-d H:i"); $date = date("Y-m-d H:i");
$sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "'), `Type` = ('" . $type . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'"; $sql = "UPDATE `lab_reports_table` SET `Deadline` = ('" . $Deadline . "'), `Instructions` = ('" . $instructions . "'), `Title` = ('" . $title . "'), `Marks` = ('" . $marks . "'), `Type` = ('" . $type . "') WHERE `lab_reports_table`.`Lab_Report_ID` = '$getid'";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Updated"]="Assignment information updated successfully."; $_SESSION["info_Updated"]="Assignment information updated successfully.";
} else { } else {
// echo "Error: " . $sql . "<br>" . $con->error; // echo "Error: " . $sql . "<br>" . $con->error;
echo "Serious error happened whiling updating assignment information."; echo "Serious error happened whiling updating assignment information.";
@ -160,24 +174,25 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
Attachment 3 Attachment 3
<input type='file' name='attachment3' placeholder='Attachment 1' class='form-control' > <input type='file' name='attachment3' placeholder='Attachment 1' class='form-control' >
Attachment 4 Attachment 4
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' > <input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
<br> <br>
<?php <?php
if ($Type == "Individual") { if ($Type == "Individual") {
echo "Submission Type <input type='radio' name='type' value='Individual' checked /> Individual <input type='radio' name='type' value='Group' /> Group"; echo "Submission Type <input type='radio' name='type' value='Individual' checked /> Invidual <input type='radio' name='type' value='Group' /> Group";
} else { } else {
echo "Submission Type <input type='radio' name='type' value='Individual' /> Individual <input type='radio' name='type' value='Group' checked> Group"; echo "Submission Type <input type='radio' name='type' value='Individual' /> Invidual <input type='radio' name='type' value='Group' checked> Group";
} }
?> ?>
<hr> <hr>
<input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br> <input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br>
</form><br><br><br><br> </form><br><br><br><br>
<?php <?php
} }}else{
} else {
// ------------------------------Posting New Lab Assignment------------------------------------ // ------------------------------Posting New Lab Assignment------------------------------------
@ -190,7 +205,7 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
<h3> Post new Lab Assignment </a></h3> <h3> Post new Lab Assignment </a></h3>
<form method='post' enctype='multipart/form-data' action='Script.php' id="newlab_form"> <form method='post' enctype='multipart/form-data' action='Script.php'>
<?php <?php
$_SESSION['url']=$url; $_SESSION['url']=$url;
?> ?>
@ -205,11 +220,11 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
</div> </div>
Title Title
<input type='text' name='title' placeholder='Ttle' class='form-control' required='' value="" id="lab_title"> <input type='text' name='title' placeholder='Ttle' class='form-control' required='' value="">
Instructions Instructions
<textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' value="" id="lab_instructor"></textarea> <textarea name='instructions' placeholder='Assignment Instructions' class='form-control' required='' value=""></textarea>
Marks Marks
<input type='text' name='marks' placeholder='Marks' class='form-control' required='' value="" id="lab_mark"> <input type='text' name='marks' placeholder='Marks' class='form-control' required='' value="">
Attachment 1 Attachment 1
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control'> <input type='file' name='attachment1' placeholder='Attachment 1' class='form-control'>
@ -219,18 +234,20 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
Attachment 3 Attachment 3
<input type='file' name='attachment3' placeholder='Attachment 1' class='form-control' > <input type='file' name='attachment3' placeholder='Attachment 1' class='form-control' >
Attachment 4 Attachment 4
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' > <input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
<br> <br>
Submission Type <input type='radio' name='type' value='Individual' required='' id="lab_individual"> Individual Submission Type <input type='radio' name='type' value='Individual' required=''> Invidual
<input type='radio' name='type' value='Group' required='' id="lab_group"> Group <input type='radio' name='type' value='Group' required=''> Group
<hr> <hr>
<input type='submit' class='btn btn-primary' value='Post Lab Assignment' id="submit_btn"><br> <input type='submit' class='btn btn-primary' value='Post Lab Assignment'><br>
</form><br><br><br><br> </form><br><br><br><br>
<?php <?php
} }
} }
} }
echo "</div>"; echo "</div>";
@ -250,17 +267,22 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
$_SESSION['info_courses']=null; $_SESSION['info_courses']=null;
} }
$result = mysqli_query($con," SELECT `Lab_Report_ID`,Type,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, " $result = mysqli_query($con," SELECT `Lab_Report_ID`,Type,Marks, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, "
. "`Attachment_link_4` FROM `lab_reports_table` WHERE Course_ID=$id ORDER by Lab_Report_ID DESC"); . "`Attachment_link_4` FROM `lab_reports_table` WHERE Course_ID=$id ORDER by Lab_Report_ID DESC");
if ($_SESSION['user_type'] == "TA") {
if( $_SESSION['user_type']=="TA")
{
echo "<b style='color:gray'>*Only Lecturer can post a new lab report assignment</b><br>"; echo "<b style='color:gray'>*Only Lecturer can post a new lab report assignment</b><br>";
} }
if (mysqli_num_rows($result) == 0) { if(mysqli_num_rows($result)==0)
{
echo "No assignments posted so far."; echo "No assignments posted so far.";
} else {
$counter = 0; } else { while($row = mysqli_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
$marks=$row['Marks']; $marks=$row['Marks'];
$title=$row['Title']; $title=$row['Title'];
$ins=$row['Instructions']; $ins=$row['Instructions'];
@ -274,7 +296,6 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
$cours_id=$row['Course_ID']; $cours_id=$row['Course_ID'];
$as_type=$row['Type']; $as_type=$row['Type'];
$full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
$counter += 1;
if($att2!=""){ if($att2!=""){
$full_link= $full_link." &nbsp|&nbsp <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>"; $full_link= $full_link." &nbsp|&nbsp <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
@ -287,19 +308,15 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
$full_link= $full_link." &nbsp; | &nbsp <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>"; $full_link= $full_link." &nbsp; | &nbsp <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
} }
$resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); $resultx1 = mysqli_query($con,"Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id");
while ($row = mysqli_fetch_assoc($resultx1)) { while($row = mysqli_fetch_assoc($resultx1)) {$count_subs=$row['cnt'];}
$count_subs = $row['cnt'];
}
$resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Marks is not null"); $resultx2 = mysqli_query($con,"Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Marks is not null");
if (mysqli_num_rows($resultx2) == 0) { if(mysqli_num_rows($resultx2)==0){$count_marked=0;} else { while($row = mysqli_fetch_assoc($resultx2)) {$count_marked =$row['cnt'];}}
$count_marked = 0;
} else {
while ($row = mysqli_fetch_assoc($resultx2)) {
$count_marked = $row['cnt'];
}
}
$header="Courses > ".$name."($code) > Assignments > ".$title; $header="Courses > ".$name."($code) > Assignments > ".$title;
@ -309,20 +326,28 @@ New Date/Time <br><input type="date" name="date" required="" id="new_date"> <inp
<br> <span style='font-size:8pt'>Posted : $posted Deadline : <b> $deadline </b> &nbsp; ($marks Marks) &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; " <br> <span style='font-size:8pt'>Posted : $posted Deadline : <b> $deadline </b> &nbsp; ($marks Marks) &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; "
. "<br>" . "<br>"
. "<span class='btn-default'> &nbsp;&nbsp; $count_subs Submissions ( $count_marked Marked ) &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href='Courses.php?course=" . $url . "&act=edit&cid=" . $id . "'>Edit</a>&nbsp;&nbsp; |&nbsp;&nbsp;<a href='~\..\Submissions.php?id=$id&header=$header&total=$marks' onclick='' id='view_submissions_link_$counter'> View </a> &nbsp;&nbsp; |&nbsp;&nbsp; <a href='#' onclick='extend_deadline($id)' id='extend_deadline_link'> Extend Deadline </a> </span> <hr> Attachments : $full_link </span>" . "<span class='btn-default'> &nbsp;&nbsp; $count_subs Submissions ( $count_marked Marked ) &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href='Courses.php?course=".$url."&act=edit&cid=".$id."'>Edit</a>&nbsp;&nbsp; |&nbsp;&nbsp;<a href='~\..\Submissions.php?id=$id&header=$header&total=$marks' onclick=''> View </a> &nbsp;&nbsp; |&nbsp;&nbsp; <a href='#' onclick='extend_deadline($id)'> Extend Deadline </a> </span> <hr> Attachments : $full_link </span>"
. "&nbsp;&nbsp;</div> . "&nbsp;&nbsp;</div>
"; ";
}
}
}}
echo "</div>"; echo "</div>";
$resultx1 = mysqli_query($con,"SELECT course_students_table.Student_ID,users_table.Full_Name FROM $resultx1 = mysqli_query($con,"SELECT course_students_table.Student_ID,users_table.Full_Name FROM
`course_students_table` `course_students_table`
INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID
WHERE Course_ID=$course_id"); WHERE Course_ID=$course_id");
echo "<span id='dropstudents' style='display:none;'> <select name='stdid'>"; echo "<span id='dropstudents' style='display:none;'> <select name='stdid'>";
while ($row = mysqli_fetch_assoc($resultx1)) { while($row = mysqli_fetch_assoc($resultx1))
{
$stdid=$row['Student_ID']; $stdid=$row['Student_ID'];
$stdname=$row['Full_Name']; $stdname=$row['Full_Name'];
@ -332,11 +357,17 @@ WHERE Course_ID=$course_id");
. "<input type='hidden' name='url' value='$course_url'>" . "<input type='hidden' name='url' value='$course_url'>"
. " </span>"; . " </span>";
return; return;
} }
?> ?>
<div class="col-md-8"> <div class="col-md-8">
<?php <?php
@ -348,20 +379,23 @@ WHERE Course_ID=$course_id");
</a></div> </a></div>
"; ";
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, " $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, "
. "`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID where courses_table.Lecturer_User_ID=$user_d"); . "`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID where courses_table.Lecturer_User_ID=$user_d");
if ($_SESSION['user_type'] == "TA") { if($_SESSION['user_type']=="TA")
{
$result = mysqli_query($con,"SELECT course_ta.Course_ID, `Course_Name`, $result = mysqli_query($con,"SELECT course_ta.Course_ID, `Course_Name`,
`Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table`
INNER JOIN INNER JOIN
course_ta ON course_ta.Course_ID=courses_table.Course_ID where course_ta.TA=$user_d"); course_ta ON course_ta.Course_ID=courses_table.Course_ID where course_ta.TA=$user_d");
} }
// $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID"); // $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID");
if (mysqli_num_rows($result) == 0) {
} else { if(mysqli_num_rows($result)==0)
while ($row = mysqli_fetch_assoc($result)) { {} else { while($row = mysqli_fetch_assoc($result)) {
$id=$row['Course_ID']; $id=$row['Course_ID'];
$name=$row['Course_Name']; $name=$row['Course_Name'];
$code=$row['Course_Code']; $code=$row['Course_Code'];
@ -379,6 +413,8 @@ where course_ta.Course_ID=$id");
$ta=$ta." - ".$rowTA['TA_NAME']; $ta=$ta." - ".$rowTA['TA_NAME'];
} }
echo" echo"
<a href='~\..\Courses.php?course=$url'> <div class='btn btn-default'> <a href='~\..\Courses.php?course=$url'> <div class='btn btn-default'>
@ -386,13 +422,15 @@ where course_ta.Course_ID=$id");
<br> <span style='font-size:8pt'>Faculty : $faculty &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Year : $academic &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Lecturer :$lecturer &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TA:$ta </span> <br> <span style='font-size:8pt'>Faculty : $faculty &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Year : $academic &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Lecturer :$lecturer &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TA:$ta </span>
</div></a> </div></a>
"; ";
}
} ?> }}?>
</div> </div>
<div class="col-md-4"> <div class="col-md-4">
<br> <br>
<b> Course Joining Requests </b> <b> Course Joining Requests </b>
<?php <?php
$lecturer_id= $_SESSION['user_id']; $lecturer_id= $_SESSION['user_id'];
$result = mysqli_query($con,"SELECT course_students_table.ID,users_table.Full_Name, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table` $result = mysqli_query($con,"SELECT course_students_table.ID,users_table.Full_Name, courses_table.Course_ID, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` FROM `courses_table`
@ -400,11 +438,11 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tab
INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID INNER JOIN users_table on users_table.Student_ID=course_students_table.Student_ID
WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"); WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'");
if (mysqli_num_rows($result) == 0) { if(mysqli_num_rows($result)==0)
{
echo "<br> <i class='fa fa-info-circle'></i> No Course joining request so far for all your courses <hr>"; echo "<br> <i class='fa fa-info-circle'></i> No Course joining request so far for all your courses <hr>";
} else { } else { while($row = mysqli_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
$id=$row['ID']; $id=$row['ID'];
$name=$row['Course_Name']; $name=$row['Course_Name'];
@ -417,12 +455,21 @@ WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"
$std_name is Requesting to join <br> [($code) - $name ] &nbsp;&nbsp;&nbsp;&nbsp; <br><a href='~\..\Script.php?AcceptStudent=y&id=$id&rs=yes' class='btn-sm btn-success' onclick=return confirm(\"are you sure to join this course?\")' > Accept </a> $std_name is Requesting to join <br> [($code) - $name ] &nbsp;&nbsp;&nbsp;&nbsp; <br><a href='~\..\Script.php?AcceptStudent=y&id=$id&rs=yes' class='btn-sm btn-success' onclick=return confirm(\"are you sure to join this course?\")' > Accept </a>
&nbsp;&nbsp;<a href='~\..\Script.php?AcceptStudent=y&id=$id&rs=no' class='btn-sm btn-danger' onclick=return confirm(\"are you sure to join this course?\")' > Decline </a> &nbsp;&nbsp;<a href='~\..\Script.php?AcceptStudent=y&id=$id&rs=no' class='btn-sm btn-danger' onclick=return confirm(\"are you sure to join this course?\")' > Decline </a>
</div>"; </div>";
} }
} }
?> ?>
<?php <?php
if ($_SESSION['user_type'] == "TA") { if( $_SESSION['user_type']=="TA")
{
echo "<center>Only Lecturers can Post new Lab report Assignments</center>"; echo "<center>Only Lecturers can Post new Lab report Assignments</center>";
} }
if( $_SESSION['user_type']=="Lecturer"){ ?> if( $_SESSION['user_type']=="Lecturer"){ ?>
@ -433,28 +480,30 @@ WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"
<input type="hidden" name="frm_createCourse" value="true" required=""/> <input type="hidden" name="frm_createCourse" value="true" required=""/>
<input type="hidden" name="l" value="l" required=""/> <input type="hidden" name="l" value="l" required=""/>
Course Name Course Name
<input type="text" name="name" placeholder="Course Name" class="form-control" required="" id="course_name"> <input type="text" name="name" placeholder="Course Name" class="form-control" required="">
Course Code Course Code
<input type="text" name="code" placeholder="Course Code" class="form-control" required="" id="course_code"> <input type="text" name="code" placeholder="Course Code" class="form-control" required="">
URL (Leave blank to use Course Code & Year) URL (Leave blank to use Course Code & Year)
<input type="text" name="url" placeholder="Choose Custom URL " class="form-control"> <input type="text" name="url" placeholder="Choose Custom URL " class="form-control">
Academic Year Academic Year
<input type="text" name="academic" placeholder="Academic Year" class="form-control" required="" id="academic_year"> <input type="text" name="academic" placeholder="Academic Year" class="form-control" required="">
Faculty <br> Faculty <br>
<input type="text" name="faculty" placeholder="Faculty" class="form-control" required="" id="faculty"> <input type="text" name="faculty" placeholder="Faculty" class="form-control" required="">
<input type="hidden" name="lecturer" value="<?php echo $_SESSION['user_id']; ?>"> <input type="hidden" name="lecturer" value="<?php echo $_SESSION['user_id']; ?>">
Verify Joining Students Verify Joining Students
<input type="radio" name="verify" value="1" id="join_yes"> Yes <input type="radio" name="verify" value="1"> Yes
<input type="radio" name="verify" value="0" checked="" id="join_no"> No <input type="radio" name="verify" value="0" checked=""> No
<br> <br>
<input type="submit" class="btn btn-primary" value="Create Portal" id="portal_btn"><br> <input type="submit" class="btn btn-primary" value="Create Portal"><br>
</form> </form>
@ -462,12 +511,16 @@ WHERE Lecturer_User_ID=$lecturer_id and course_students_table.Status='Pending'"
</div> </div>
<!-- END LECTURER --> <!-- END LECTURER -->
<?php <?php
} }
if ($_SESSION['user_type'] == "Student") {
if( $_SESSION['user_type']=="Student")
{
?> ?>
<!--STUDENT CODE--> <!--STUDENT CODE-->
@ -487,23 +540,34 @@ if ($_SESSION['user_type'] == "Student") {
<div class="col-md-6"></div> <div class="col-md-6"></div>
</div> </div>
<div class="row" style="width:80%;margin:auto; text-align:left;"> <div class="row" style="width:80%;margin:auto; text-align:left;">
<div class="col-md-6"> <div class="col-md-6">
<?php <?php
error_reporting(0); error_reporting(0);
$student_id= $_SESSION['user_student_id']; $student_id= $_SESSION['user_student_id'];
if (!empty($_GET["search"]) || !empty($_GET["faculty"])) { if(!empty($_GET["search"]) || !empty($_GET["faculty"]))
$search = trim($_GET["search"]); {
$faculty = $_GET["faculty"]; $search = trim(mysqli_real_escape_string($con, $_GET["search"]));
$faculty = mysqli_real_escape_string($con, $_GET["faculty"]);
if ($faculty == "") {
if($faculty=="")
{
echo "<h4> Search Results for Course Code $search</h4><hr>"; echo "<h4> Search Results for Course Code $search</h4><hr>";
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`," $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,"
. " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` " . " `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` "
. " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table" . " , users_table.Full_Name FROM `courses_table` INNER JOIN users_table"
. " ON users_table.User_ID=courses_table.Lecturer_User_ID where Course_Code like '%{$search}%' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)"); . " ON users_table.User_ID=courses_table.Lecturer_User_ID where Course_Code like '%{$search}%' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)");
} else { }
else
{
echo "<h3> Find Courses under faculty $faculty</h3>"; echo "<h3> Find Courses under faculty $faculty</h3>";
$result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, $result = mysqli_query($con,"SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`,
`Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members`
@ -511,8 +575,11 @@ if ($_SESSION['user_type'] == "Student") {
ON users_table.User_ID=courses_table.Lecturer_User_ID where Faculty='$faculty' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)"); ON users_table.User_ID=courses_table.Lecturer_User_ID where Faculty='$faculty' and courses_table.Course_ID not in (select course_id from course_students_table where Student_ID=$student_id)");
} }
if (mysqli_num_rows($result) == 0) {
if(mysqli_num_rows($result)==0)
{
echo "No results found for your Search <hr>"; echo "No results found for your Search <hr>";
} else { } else {
while($row = mysqli_fetch_assoc($result)) { while($row = mysqli_fetch_assoc($result)) {
@ -525,13 +592,14 @@ if ($_SESSION['user_type'] == "Student") {
$id=$row['Course_ID']; $id=$row['Course_ID'];
$v=$row['Verify_New_Members']; $v=$row['Verify_New_Members'];
$msg2="Join Course"; $msg2="Join Course";
if ($v > 0) { if($v>0)
{
$msg="<i class='fa fa-exclamation-circle'></i> Lecturer verification required"; $msg="<i class='fa fa-exclamation-circle'></i> Lecturer verification required";
$msg2="Send Joining Request"; $msg2="Send Joining Request";
} }
echo "<div class='btn btn-default' style='word-wrap:break-word'> echo "<div class='btn btn-default' style='word-wrap:break-word'>
[$code] $name <br>($url) <br> <a href='~\..\Script.php?JoinCourse=y&id=$id&std=$student_id&joining=$v' class='btn-sm btn-success' onclick=return confirm(\"Are you sure to join this course?\")' id='join_btn'> $msg2 </a> [$code] $name <br>($url) <br> <a href='~\..\Script.php?JoinCourse=y&id=$id&std=$student_id&joining=$v' class='btn-sm btn-success' onclick=return confirm(\"Are you sure to join this course?\")' > $msg2 </a>
<br> <span style='font-size:10pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span><br>$msg</div> <br> <span style='font-size:10pt'>Faculty: $faculty | Year: $academic | Lecturer: $lecturer </span><br>$msg</div>
"; ";
} }
@ -547,7 +615,8 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl
where course_students_table.Student_ID=$student_id"); where course_students_table.Student_ID=$student_id");
if (mysqli_num_rows($result) == 0) { if(mysqli_num_rows($result)==0)
{
echo "<i class='fa fa-exclamation-circle'></i> You are not Enrolled in any Course"; echo "<i class='fa fa-exclamation-circle'></i> You are not Enrolled in any Course";
} else { } else {
while($row = mysqli_fetch_assoc($result)) { while($row = mysqli_fetch_assoc($result)) {
@ -560,12 +629,15 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl
$id=$row['Course_ID']; $id=$row['Course_ID'];
$Status=$row['Status']; $Status=$row['Status'];
if ($Status == "Joined") { if($Status=="Joined")
{
echo "<a href='~\..\Course.php?url=$url'> <div class='btn btn-default' style='word-wrap:break-word'> echo "<a href='~\..\Course.php?url=$url'> <div class='btn btn-default' style='word-wrap:break-word'>
($code) - $name <br>($url) &nbsp;&nbsp;&nbsp; <i class='fa fa-check-circle'></i> $Status &nbsp;&nbsp;&nbsp;&nbsp; <a href='~\..\Course.php?url=$url' class='btn-sm btn-primary'> Open</a> ($code) - $name <br>($url) &nbsp;&nbsp;&nbsp; <i class='fa fa-check-circle'></i> $Status &nbsp;&nbsp;&nbsp;&nbsp; <a href='~\..\Course.php?url=$url' class='btn-sm btn-primary'> Open</a>
<br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span></div></a> <br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span></div></a>
"; ";
} else { }
else
{
echo "<div class='btn btn-default'> echo "<div class='btn btn-default'>
($code) - $name <i class='btn-sm btn-danger'> $Status</i> ($code) - $name <i class='btn-sm btn-danger'> $Status</i>
<br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span></div> <br> <span style='font-size:8pt'>Faculty : $faculty Year : $academic Lecturer :$lecturer </span></div>
@ -574,45 +646,142 @@ INNER JOIN course_students_table on course_students_table.Course_ID=courses_tabl
} }
} }
echo "</div><div class='col-md-6'> echo "</div><div class='col-md-6'>
<form method='get' action='Courses.php'> <form method='get' action='Courses.php'>
<div class='row'> <div class='row'>
<div class='col-md-10'> <div class='col-md-10'>
<div class='row'><div class='col-md-6'> Find course by Code <div class='row'><div class='col-md-6'> Find course by Code
<input type='text' class='form-control' name='search' placeholder='Enter Course Code' id='search_field'> <input type='text' class='form-control' name='search' placeholder='Enter Course Code'>
</div><div class='col-md-6'> </div><div class='col-md-6'>
List courses by faculty List courses by faculty
<select name='faculty' class='form-control'>"; <select name='faculty' class='form-control'>";
$result = mysqli_query($con,"SELECT DISTINCT(Faculty) as Faculty FROM `courses_table`"); $result = mysqli_query($con,"SELECT DISTINCT(Faculty) as Faculty FROM `courses_table`");
if (mysqli_num_rows($result) == 0) { if(mysqli_num_rows($result)==0)
} else { {} else { while($row = mysqli_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
$fname=$row['Faculty']; $fname=$row['Faculty'];
echo "<option value=''> Search by faculty </option> <option value='$fname'> $fname </option>"; echo "<option value=''> Search by faculty </option> <option value='$fname'> $fname </option>";
} }}
}
echo "</select></div></div> echo "</select></div></div>
</div> </div>
<div class='col-md-1'> <br> <div class='col-md-1'> <br>
<input type='submit' class='btn btn-primary' value='Find' id='find_btn'> <input type='submit' class='btn btn-primary' value='Find'>
</div> </div>
</div> </div>
</form> </form>
</div></div>"; </div></div>";
} }
?> ?>
<style> <style>
.form-control{ .form-control{
padding-top: 1px; padding-top: 1px;
padding-bottom:1px; padding-bottom:1px;
} }
</style> </style>

7
Download.php
View File

@ -7,6 +7,11 @@ session_start();
// 修改这一行设置你的文件下载目录 // 修改这一行设置你的文件下载目录
// IMPORTANT: Do not delete the following conditional test
if (strpos($_GET['file'], "../") != false) { // 检查是否有 ../,防止用户构造路径,访问某个他不应该访问的目录
die("Sorry. Nothing to download.");
}
$file = "./../../lrr_submission".$_GET['file']; $file = "./../../lrr_submission".$_GET['file'];
$filename = basename($file); $filename = basename($file);
@ -20,7 +25,7 @@ $type = filetype($file);
$today = date("F j, Y, g:i a"); $today = date("F j, Y, g:i a");
$time = time(); $time = time();
if ( (isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"])) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA") { if ((isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"]) > 0) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) {
// 发送文件头部 // 发送文件头部
header("Content-type: $type"); header("Content-type: $type");
header('Content-Disposition: attachment;filename="'.urldecode($filename).'"'); header('Content-Disposition: attachment;filename="'.urldecode($filename).'"');

122
Script.php
View File

@ -35,7 +35,6 @@ function is_valid_student_number($student_id)
// ############################### SIGN UP ################################## // ############################### SIGN UP ##################################
if (!empty($_POST["form_signup"])) { if (!empty($_POST["form_signup"])) {
$student_id = trim(mysqli_real_escape_string($con, $_POST["user_student_id"])); $student_id = trim(mysqli_real_escape_string($con, $_POST["user_student_id"]));
// validate student number // validate student number
@ -53,6 +52,7 @@ if (!empty($_POST["form_signup"])) {
return; return;
} }
// Check if the student number isn't already registered // Check if the student number isn't already registered
$student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'"); $student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
@ -270,7 +270,7 @@ if (!empty($_POST["frm_createlecturrer"])) {
$email = mysqli_real_escape_string($con, $_POST["email"]); $email = mysqli_real_escape_string($con, $_POST["email"]);
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]); $fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$type = mysqli_real_escape_string($con, $_POST["type"]); $type = mysqli_real_escape_string($con, $_POST["type"]);
$password = $passport; $password = mysqli_real_escape_string($con, $_POST["passport"]);
// check if email is taken // check if email is taken
$result = mysqli_query($con, $result = mysqli_query($con,
"SELECT * FROM Users_Table WHERE email='$email'"); "SELECT * FROM Users_Table WHERE email='$email'");
@ -300,7 +300,7 @@ function is_valid_file_format($file)
'cvc', 'c', 'class', 'cpp', 'h', 'java', 'sh', 'swift', 'zip', 'rar', 'ods', 'xlr', 'bak', 'ico', 'swf' 'cvc', 'c', 'class', 'cpp', 'h', 'java', 'sh', 'swift', 'zip', 'rar', 'ods', 'xlr', 'bak', 'ico', 'swf'
); );
utf8_encode($filename = $_FILES[$file]['name']); $filename = $_FILES[$file]['name'];
$ext = pathinfo($filename, PATHINFO_EXTENSION); $ext = pathinfo($filename, PATHINFO_EXTENSION);
$result = in_array($ext, $allowed); $result = in_array($ext, $allowed);
return $result; return $result;
@ -452,10 +452,8 @@ function checksize($file)
} }
// ############################### Submit Assignment ################################## // ############################### Submit Assignment ##################################
if (!empty($_POST["frm_submitlab"])) { if (!empty($_POST["frm_submitlab"])) {
/* Posting values to database */
$lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]); $lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]);
$student_id = $_POST["student_id"]; $student_id = $_POST["student_id"];
$group_id = $_POST["group_id"]; $group_id = $_POST["group_id"];
@ -552,19 +550,19 @@ if (!empty($_POST["frm_submitlab"])) {
$targetfile4 = ""; $targetfile4 = "";
if (strlen($_FILES['attachment1']['name']) > 2) { // why greater than 2??? if (strlen($_FILES['attachment1']['name']) > 2) { // why greater than 2???
$targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment1']['name']; $targetfile = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment1']['name']);
} }
if (strlen($_FILES['attachment2']['name']) > 2) { if (strlen($_FILES['attachment2']['name']) > 2) {
$targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment2']['name']; $targetfile2 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment2']['name']);
} }
if (strlen($_FILES['attachment3']['name']) > 2) { if (strlen($_FILES['attachment3']['name']) > 2) {
$targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment3']['name']; $targetfile3 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment3']['name']);
} }
if (strlen($_FILES['attachment4']['name']) > 2) { if (strlen($_FILES['attachment4']['name']) > 2) {
$targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . $_FILES['attachment4']['name']; $targetfile4 = "/" . $student_id . "/" . $url . "/" . $lab_name . "/" . rawurlencode($_FILES['attachment4']['name']);
} }
// When $group_id is not properly initialized, use integer 0 as its value. // When $group_id is not properly initialized, use integer 0 as its value.
@ -597,9 +595,9 @@ if (!empty($_POST["frm_submitlab"])) {
// JOIN COURSE // JOIN COURSE
if (!empty($_GET["JoinCourse"])) { if (!empty($_GET["JoinCourse"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$student_id = $_GET["std"]; $student_id = mysqli_real_escape_string($con, $_GET["std"]);
$joining = $_GET["joining"]; $joining = mysqli_real_escape_string($con, $_GET["joining"]);
$status = "Pending"; $status = "Pending";
if ($joining == 0) { if ($joining == 0) {
@ -626,12 +624,12 @@ if (!empty($_GET["JoinCourse"])) {
if (!empty($_GET["savemarks"])) { if (!empty($_GET["savemarks"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$marks = $_GET["marks"]; $marks = mysqli_real_escape_string($con, $_GET["marks"]);
$total = $_GET["total"]; $total = mysqli_real_escape_string($con, $_GET["total"]);
$feedback = $_GET["feedback"]; $feedback = mysqli_real_escape_string($con, $_GET["feedback"]);
$header = $_GET["header"]; $header = mysqli_real_escape_string($con, $_GET["header"]);
$labid = $_GET["labid"]; $labid = mysqli_real_escape_string($con, $_GET["labid"]);
$status = "Marked"; $status = "Marked";
if ($marks > $total) { if ($marks > $total) {
@ -660,12 +658,12 @@ if (!empty($_GET["savemarks"])) {
#Update Report Visibility #Update Report Visibility
if (!empty($_GET["updatevisibility"])) { if (!empty($_GET["updatevisibility"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$marks = $_GET["marks"]; $marks = mysqli_real_escape_string($con, $_GET["marks"]);
$total = $_GET["total"]; $total = mysqli_real_escape_string($con, $_GET["total"]);
$status = $_GET["status"]; $status = mysqli_real_escape_string($con, $_GET["status"]);
$header = $_GET["header"]; $header = mysqli_real_escape_string($con, $_GET["header"]);
$labid = $_GET["labid"]; $labid = mysqli_real_escape_string($con, $_GET["labid"]);
$sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id $sql = "UPDATE `lab_report_submissions` SET `Visibility`='$status' WHERE Submission_ID=$id
"; ";
@ -683,11 +681,11 @@ if (!empty($_GET["updatevisibility"])) {
if (!empty($_GET["remarking"])) { if (!empty($_GET["remarking"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$url = $_GET["url"]; $url = mysqli_real_escape_string($con, $_GET["url"]);
$status = $_GET["status"]; $status = mysqli_real_escape_string($con, $_GET["status"]);
$details = $_GET["details"]; $details = mysqli_real_escape_string($con, $_GET["details"]);
$sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id $sql = "UPDATE `lab_report_submissions` SET `Status`='Remarking',Remarking_Reason='$details' WHERE Submission_ID=$id
"; ";
@ -705,10 +703,10 @@ if (!empty($_GET["remarking"])) {
if (!empty($_GET["creategroup"])) { if (!empty($_GET["creategroup"])) {
$student_id = $_GET["student_id"]; $student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = $_GET["url"]; $url = mysqli_real_escape_string($con, $_GET["url"]);
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$name = $_GET["name"]; $name = mysqli_real_escape_string($con, $_GET["name"]);
$sql = "INSERT INTO `course_groups_table`(`Group_Name`, $sql = "INSERT INTO `course_groups_table`(`Group_Name`,
`Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)"; `Group_Leader`, `Course_id`) VALUES ('$name',$student_id,$id)";
@ -737,10 +735,10 @@ if (!empty($_GET["creategroup"])) {
if (!empty($_GET["groupinvite"])) { if (!empty($_GET["groupinvite"])) {
$student_id = $_GET["student_id"]; $student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = $_GET["url"]; $url = mysqli_real_escape_string($con, $_GET["url"]);
$courseid = $_GET["courseid"]; $courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
$groupid = $_GET["groupid"]; $groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'"); $result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
if (mysqli_num_rows($result) > 0) { if (mysqli_num_rows($result) > 0) {
@ -796,10 +794,10 @@ if (!empty($_GET["groupinvite"])) {
if (!empty($_GET["acceptinvite"])) { if (!empty($_GET["acceptinvite"])) {
$student_id = $_GET["student_id"]; $student_id = mysqli_real_escape_string($con, $_GET["student_id"]);
$url = $_GET["url"]; $url = mysqli_real_escape_string($con, $_GET["url"]);
$action = $_GET["action"]; $action = mysqli_real_escape_string($con, $_GET["action"]);
$groupid = $_GET["groupid"]; $groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
if ($action == 1) { if ($action == 1) {
$sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id $sql = "Update `course_group_members_table` set Status='Joined' where Course_Group_id =$groupid and student_id=$student_id
@ -821,14 +819,14 @@ if (!empty($_GET["acceptinvite"])) {
if (!empty($_GET["extenddeadline"])) { if (!empty($_GET["extenddeadline"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$date = $_GET["date"]; $date = mysqli_real_escape_string($con, $_GET["date"]);
$time = $_GET["time"]; $time = mysqli_real_escape_string($con, $_GET["time"]);
$type = $_GET["type"]; $type = mysqli_real_escape_string($con, $_GET["type"]);
$stdid = $_GET["stdid"]; $stdid = mysqli_real_escape_string($con, $_GET["stdid"]);
$reason = $_GET["reason"]; $reason = mysqli_real_escape_string($con, $_GET["reason"]);
$url = $_GET["url"]; $url = mysqli_real_escape_string($con, $_GET["url"]);
$deadline = $date . " " . $time; $deadline = $date . " " . $time;
if ($type == 1) { if ($type == 1) {
@ -852,11 +850,11 @@ if (!empty($_GET["extenddeadline"])) {
if (!empty($_GET["ignoreremarking"])) { if (!empty($_GET["ignoreremarking"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$total = $_GET["total"]; $total = mysqli_real_escape_string($con, $_GET["total"]);
$header = $_GET["header"]; $header = mysqli_real_escape_string($con, $_GET["header"]);
$subid = $_GET["subid"]; $subid = mysqli_real_escape_string($con, $_GET["subid"]);
$sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid"; $sql = "UPDATE lab_report_submissions SET Status='Marked' WHERE Submission_ID=$subid";
@ -873,8 +871,8 @@ if (!empty($_GET["ignoreremarking"])) {
if (!empty($_GET["assignTA"])) { if (!empty($_GET["assignTA"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$ta = $_GET["ta"]; $ta = mysqli_real_escape_string($con, $_GET["ta"]);
$sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)"; $sql = "INSERT INTO `course_ta`(`Course_ID`, `TA`) VALUES ($id,$ta)";
@ -891,8 +889,8 @@ if (!empty($_GET["assignTA"])) {
if (!empty($_GET["AcceptStudent"])) { if (!empty($_GET["AcceptStudent"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$rs = $_GET["rs"]; $rs = mysqli_real_escape_string($con, $_GET["rs"]);
if ($rs == "yes") { if ($rs == "yes") {
$sql = "Update course_students_table set Status='Joined' Where ID=$id"; $sql = "Update course_students_table set Status='Joined' Where ID=$id";
@ -919,12 +917,12 @@ if (!empty($_GET["AcceptStudent"])) {
if (!empty($_GET["action"])) { if (!empty($_GET["action"])) {
$action = $_GET["action"]; $action = $_GET["action"];
$uid = $_GET["uid"]; $uid = mysqli_real_escape_string($con, $_GET["uid"]);
$pass = $_GET["pass"]; $pass = mysqli_real_escape_string($con, $_GET["pass"]);
$pass = password_hash($pass, PASSWORD_DEFAULT); $pass = password_hash($pass, PASSWORD_DEFAULT);
$status = $_GET["status"]; $status = mysqli_real_escape_string($con, $_GET["status"]);
// validate uid // validate uid
if (intval($uid) < 0) { if (intval($uid) < 0) {
@ -932,7 +930,7 @@ if (!empty($_GET["action"])) {
return; return;
} }
if ($action == "passchange") { if ($action == "passchange" && $_SESSION['user_id'] == $uid) {
$sql = "UPDATE users_table set Password='$pass' where User_ID=$uid;"; $sql = "UPDATE users_table set Password='$pass' where User_ID=$uid;";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
error_reporting(0); error_reporting(0);
@ -946,7 +944,7 @@ if (!empty($_GET["action"])) {
} }
} }
if ($action == "statuschange") { if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
$sql = "UPDATE users_table set Status='$status' where User_ID=$uid;"; $sql = "UPDATE users_table set Status='$status' where User_ID=$uid;";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user Status updated successfully "; $_SESSION["info_Admin_Users"] = $type . " user Status updated successfully ";
@ -1007,8 +1005,8 @@ if (!empty($_POST["frm_createCourse"])) {
if (!empty($_GET["exportgrade"])) { if (!empty($_GET["exportgrade"])) {
$lab = $_GET["lab"]; $lab = mysqli_real_escape_string($con, $_GET["lab"]);
$lab_name = $_GET["lab_name"]; $lab_name = mysqli_real_escape_string($con, $_GET["lab_name"]);
error_reporting(0); error_reporting(0);

10
Submissions.php
View File

@ -10,7 +10,7 @@ $group_id = $_SESSION["user_group_id"];
$c_date = date("Y-m-d H:i"); $c_date = date("Y-m-d H:i");
if (!empty($_GET["id"])) { if (!empty($_GET["id"])) {
$id = $_GET["id"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$course_id = $id; $course_id = $id;
} }
@ -139,7 +139,6 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
if (mysqli_num_rows($result1) == 0) { if (mysqli_num_rows($result1) == 0) {
echo "No Un-Marked Submissions for this Lab Report."; echo "No Un-Marked Submissions for this Lab Report.";
} else { } else {
$mark_submission_btn_counter = 0;
while ($row = mysqli_fetch_assoc($result1)) { while ($row = mysqli_fetch_assoc($result1)) {
$title = $row['Title']; $title = $row['Title'];
$Marks = $row['Marks']; $Marks = $row['Marks'];
@ -158,7 +157,6 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
$groupname = $row['Group_Name']; $groupname = $row['Group_Name'];
$groupleader = $row['Group_Leader']; $groupleader = $row['Group_Leader'];
$student_id = $row['sub_std']; $student_id = $row['sub_std'];
$mark_submission_btn_counter += 1;
if ($submitted_group == 0) { if ($submitted_group == 0) {
$submitted_by = $student_name . "(" . $student_id . ")"; $submitted_by = $student_name . "(" . $student_id . ")";
@ -186,7 +184,7 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'>
$title <br> by: <b> $submitted_by </b> $title <br> by: <b> $submitted_by </b>
<br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)' id='mark_submission_btn_$mark_submission_btn_counter'> Mark Submission</button><br> Attachments : $full_link </span> <br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span>
</div></k>"; </div></k>";
} }
} }
@ -421,8 +419,8 @@ where course_group_members_table.Course_Group_id=$id");
try { try {
$('<form id="submit-form" method="get" action="Script.php">' + title + '(' + marks + ' marks) <input type="hidden" name="savemarks" value="true">\n\ $('<form id="submit-form" method="get" action="Script.php">' + title + '(' + marks + ' marks) <input type="hidden" name="savemarks" value="true">\n\
<input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks" id="marks">\n\ <input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks">\n\
Comments <textarea name="feedback" id="feedback"></textarea> \n\ Comments <textarea name="feedback"></textarea> \n\
<input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({ <input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({
modal: true, modal: true,
title: 'Mark Submission', title: 'Mark Submission',

28
SubmitLab.php
View File

@ -9,18 +9,22 @@ include 'Header.php';
<div class='row' style='width:80%;margin:auto;'> <div class='row' style='width:80%;margin:auto;'>
<?php <?php
$c_date = date("Y-m-d H:i"); $c_date = date("Y-m-d H:i");
$student_id = $_SESSION["user_student_id"]; $student_id = $_SESSION["user_student_id"];
if (!empty($_GET["id"])) { if(!empty($_GET["id"]))
$id = $_GET["id"]; {
$url = $_GET["url"]; $id = mysqli_real_escape_string($con, $_GET["id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$result1 = mysqli_query($con," SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC"); $result1 = mysqli_query($con," SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC");
if (mysqli_num_rows($result1) == 0) { if(mysqli_num_rows($result1) == 0)
{
echo "No active assignments for this course so far."; echo "No active assignments for this course so far.";
} else { } else {
while($row = mysqli_fetch_assoc($result1)) { while($row = mysqli_fetch_assoc($result1)) {
@ -44,12 +48,14 @@ include 'Header.php';
$_SESSION["Group_ID"] = $row['Course_Group_id']; $_SESSION["Group_ID"] = $row['Course_Group_id'];
} }
if ($_SESSION["Group_ID"] < 1) { if($_SESSION["Group_ID"] < 1)
{
echo" <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> "; echo" <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> ";
return; return;
} }
} }
$full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>"; $full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if($att2!=""){ if($att2!=""){
@ -80,6 +86,9 @@ include 'Header.php';
</div> </div>
<div style="width:80%;margin:auto;"> <div style="width:80%;margin:auto;">
<h3> Submit Lab Report Assignment </h3> <h3> Submit Lab Report Assignment </h3>
@ -88,7 +97,8 @@ include 'Header.php';
<div class="col-md-6"> <div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php' id="submit_lab_report_form">
<form method='post' enctype='multipart/form-data' action='Script.php'>
<input type='hidden' name='frm_submitlab' value='true' required=''/> <input type='hidden' name='frm_submitlab' value='true' required=''/>
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/> <input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/> <input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
@ -96,10 +106,10 @@ include 'Header.php';
<input type='hidden' name='url' value='<?php echo $url; ?>' required=''/> <input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
Title Title
<input type='text' name='title' placeholder='Ttle' class='form-control' required='' id="title"> <input type='text' name='title' placeholder='Ttle' class='form-control' required=''>
Attachment 1 Attachment 1
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required='' id="attachment1"> <input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
Attachment 2 Attachment 2
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'> <input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
@ -115,7 +125,7 @@ include 'Header.php';
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' > <input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
<br> <br>
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment' id="submit_lab_assignment_btn"><br> <input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br>
</form> </form>
</div> </div>