mrlan
/
LRR
3
0
Fork 2
Code Issues Pull Requests 7 Projects Releases Wiki Activity

Bug430-Eden2 #62

Closed
eden wants to merge 151 commits from Bug430-Eden2 into master
pull from: Bug430-Eden2
merge into: mrlan:master
Conversation 0 Commits 151 Files Changed 34
34 changed files with 2224 additions and 3870 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
.DS_Store vendored
View File

Binary file not shown.

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
.vscode .vscode
.DS_Store

554
Admin.php
View File

@ -1,293 +1,261 @@
<?php <?php
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
$page = "admin"; $page = "admin";
include 'Header.php'; include 'Header.php';
?> ?>
<?php <?php
// Only Lecturer or Admin could access this page // Only Lecturer or Admin could access this page
if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") { if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
die("Sorry. Nothing to see here."); die("Sorry. Nothing to see here.");
} }
?> ?>
<div class="container">
<style>
.col-md-4 {
border-right: 1px solid skyblue; <br>
} <h1 class="display-6"> Administration panel </h1>
</style>
<hr>
<br> <div class="row">
<div style="width: 80%;margin: auto;">
<h2> Administration Panel </h2> <div class="col-md-6">
</div>
<!-- Nav tabs -->
<hr> <ul class="nav nav-tabs" id="myTab">
<div class="row" style="width: 80%;margin: auto;">
<li class="nav-item">
<!--<h4>General system Settings</h4><hr> <a class="nav-link active" href="#tab-student-accounts" id="batch_tab">Create student accounts</a>
<a href="" class="btn btn-lg btn-primary">View System Log </a> </li>
<hr>
Lab Privacy Mode: (STUDENT VERIFICATION) <li class="nav-item">
<hr> <a class="nav-link" href="#tab-ins-accounts">Create instructor account</a>
--> </li>
<div class="col-md-6">
<li class="nav-item">
<?php <a class="nav-link" href="#tab-existing-accounts" id="existing_accounts_tab">Existing accounts</a>
if ($_SESSION['user_type'] == "Lecturer") { </li>
</ul>
echo " <h4> TA Account Management </h4>
<hr> " ; <!-- Tab panes -->
echo "<b>TA Accounts </b><br>" ; <div class="tab-content">
}
else if($_SESSION['user_type'] == "Admin"){ <!-- code contributed by Xu Xiaopeng (https://github.com/xxp1999) -->
echo " <h4> Lecturer Account Management </h4> <div id="tab-student-accounts" class="tab-pane active" style="margin-top:5px">
<hr> "; <p class="text-muted">Copy & paste student number to the following box, and separate two student numbers with a space.</p>
echo "<b>Lecturer Accounts </b><br>"; <form action="batch_insert.php" method="post" id="batch_form">
} <textarea cols="60" rows="16" name="users" required=""></textarea>
<button type="submit" class="btn btn-primary" id="register_btn">Register students</button>
?> </form>
</div>
<div class="container">
<div id="tab-ins-accounts" class="tab-pane"><br>
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist"> <?php
if ($_SESSION['user_type'] == "Lecturer") {
<li class="nav-item"> echo "<p class=\"text-muted\">Create TA Accounts</p>";
<a class="nav-link active" data-toggle="tab" href="#home">Create New Account</a> }
</li> else if($_SESSION['user_type'] == "Admin"){
echo "<p class=\"text-muted\">Create Lecturer Accounts</p>";
<li class="nav-item"> }
<a class="nav-link" data-toggle="tab" href="#menu2" id="batch_tab">Batch Create New Student Accounts</a>
</li> ?>
<form method="post" action="Script.php" id="create_account_form">
<li class="nav-item"> <input type="hidden" name="form_createlecturrer" value="true" required="" />
<a class="nav-link" data-toggle="tab" href="#menu1" id="existing_accounts_tab">Existing Accounts</a> Full name
</li> <input type="text" name="fullname" placeholder="Full Name" class="form-control" required=""> <br>
Email
</ul> <input type="text" name="email" placeholder="Email / Student Number" class="form-control" required=""> <br>
Passport No. (used as the initial password)
<!-- Tab panes --> <input type="text" class="form-control" name="passport" placeholder="Passport No" required=""> <br>
<div class="tab-content"> User type:
<?php
<div id="home" class="container tab-pane active"><br> if ($_SESSION['user_type'] == "Lecturer") {
echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) ';
<?php } else if ($_SESSION['user_type'] == "Admin"){
if ($_SESSION['user_type'] == "Lecturer") { echo " <input type='radio' name='type' value='Lecturer' required='' id='role_lecturer'> Lecturer ";
}
echo "<b>Create TA Accounts </b>"; ?>
<br><br>
} <button type="submit" class="btn btn-primary" id="create_btn">Create</button>
else if($_SESSION['user_type'] == "Admin"){
echo "<b>Create Lecturer Accounts </b>"; <?php
} error_reporting(E_ALL);
if (isset($_SESSION['info_Admin_Users'])) {
?> echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
<form method="post" action="Script.php" id="create_account_form"> $_SESSION['info_Admin_Users'] = null;
<input type="hidden" name="frm_createlecturrer" value="true" required="" /> }
Full Name if (isset($_SESSION['info_Admin_Users'])) {
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required=""> echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>';
Email $_SESSION['info_Admin_Users'] = null;
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" required=""> }
?>
Passport Number / ID (Used as Initial Password)
<input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required=""> </form>
<br> User Type :
</div>
<?php
if ($_SESSION['user_type'] == "Lecturer") { <div id="tab-existing-accounts" class="tab-pane"><br>
echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> TA (Teaching Assistant) '; <table class="table" style="font-size: 10pt;">
<tr style="font-size:10pt;">
} <th>ID</th>
else if($_SESSION['user_type'] == "Admin"){ <th>Name</th>
<th>Email</th>
echo " <input type='radio' name = 'type' value = 'Lecturer' required = '' id='role_lecturer' > Lecturer "; <th>Passport / ID </th>
<th>Reset password </th>
} <th>Block/Activate </th>
</tr>
?> <?php
<input type="submit" class="btn btn-primary" value="Create" id="create_btn"><br> if ($_SESSION['user_type'] == "Lecturer") {
<?php $result = mysqli_query(
$con,
error_reporting(E_ALL); "SELECT * FROM users_table WHERE UserType in ('TA')"
if (isset($_SESSION['info_Admin_Users'])) { );
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>'; }
$_SESSION['info_Admin_Users'] = null;
} else if ($_SESSION['user_type'] == "Admin"){
if (isset($_SESSION['info_Admin_Users'])) { $result = mysqli_query(
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Admin_Users'] . '</div>'; $con,
$_SESSION['info_Admin_Users'] = null; "SELECT * FROM users_table WHERE UserType in ('Lecturer')"
} );
}
?>
while ($row = mysqli_fetch_assoc($result)) {
</form> $pass = $row['Passport_Number'];
$btn = "<button class='btn btn-warning' onclick=\"updatePassword(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
<hr> if ($row['Status'] == "Active") {
$newstatus = "Blocked";
</div> $btnBlock = "<button class='btn btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"block_account_1\">Block</button>";
} else {
<div id="menu1" class="container tab-pane fade"><br> $newstatus = "Active";
$btnBlock = "<button class='btn btn-success' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"activate_account_1\">Activate</button>";
<table class="table-bordered" style="font-size: 10pt;"> }
<tr style="font-size:10pt;">
<th>ID</th> echo "<tr><td>" . $row['User_ID'] . "</td><td>" . $row['Full_Name'] . "</td><td>" . $row['Email'] . "</td> <td>" . $row['Passport_Number'] . "</td><td>$btn</td><td>$btnBlock</td></tr>";
<th>Name</th> }
<th>Email</th> ?>
<th>Passport / ID </th> </table>
<th>Reset Password </th> </div>
<th>Block/Activate </th>
</tr> </div>
<?php
</div>
if ($_SESSION['user_type'] == "Lecturer") {
<div class="col-md-6">
$result = mysqli_query(
$con, <ul class="nav nav-tabs" id="myTab">
"SELECT * FROM Users_Table WHERE UserType in ('TA')" <li class="nav-item">
); <a class="nav-link active" href="#tab-existing-courses" id="existing_courses">Existing courses</a>
} </li>
</ul>
else if($_SESSION['user_type'] == "Admin"){
$result = mysqli_query( <div id="tab-existing-courses" class="tab-pane active"><br>
$con,
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer')" <p class="text-muted"> Past courses </p>
);
} <table class="table" style="font-size: 10pt;">
<tr>
while ($row = mysqli_fetch_assoc($result)) { <th>Course name</th>
$pass = $row['Passport_Number']; <th>Faculty</th>
$btn = "<button class='btn-primary' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>"; <th>Lecturer</th>
if ($row['Status'] == "Active") { <th>TAs</th>
$newstatus = "Blocked"; <th>Assign a new TA </th>
$btnBlock = "<button class='btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"block_account_1\">Block</button>"; </tr>
} else {
$newstatus = "Active"; <?php
$btnBlock = "<button class='btn-success' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"activate_account_1\">Activate</button>"; $user_id = $_SESSION['user_id'];
} if ($_SESSION['user_type'] == 'Lecturer') {
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `TA_User_ID`, `Course_Code`, `Full_Name` FROM courses_table INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID WHERE User_ID=$user_id ORDER BY Academic_Year DESC;");
echo "<tr><td>" . $row['User_ID'] . "</td><td>" . $row['Full_Name'] . "</td><td>" . $row['Email'] . "</td> <td>" . $row['Passport_Number'] . "</td><td>$btn</td><td>$btnBlock</td></tr>"; } else if ($_SESSION['user_type'] == 'Admin') {
} $result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `TA_User_ID`, `Course_Code`, `Full_Name` FROM courses_table INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID ORDER BY Academic_Year DESC;");
?> }
</table> if (mysqli_num_rows($result) != 0) {
$counter = 0;
</div> while ($row = mysqli_fetch_assoc($result)) {
$name = $row['Course_Name'];
<!-- code contributed by Xu Xiaopeng (https://github.com/xxp1999) --> $code = $row['Course_Code'];
$faculty = $row['Faculty'];
<div id="menu2" class="container tab-pane fade" style="margin-top:10px"> $lecturer = $row['Full_Name'];
<b>Separate two student numbers with a space.</b><br> $academic = $row['Academic_Year'];
<form action="batch_insert.php" method="post" id="batch_form"> $c_id = $row['Course_ID'];
<p> $counter += 1;
<textarea cols="80" rows="16" name="users" required=""></textarea>
</p> $resultTA = mysqli_query($con, "SELECT `Course_ID`, `TA`, users_table.Full_Name as TA_NAME FROM course_ta INNER JOIN users_table on users_table.User_ID=course_ta.TA where course_ta.Course_ID=$c_id");
<input type="submit" class="btn btn-primary" value="Register Students" id="register_btn"><br>
</form> $ta = "";
</div> while ($rowTA = mysqli_fetch_assoc($resultTA)) {
$ta = $ta . " " . $rowTA['TA_NAME'];
</div> }
</div>
echo "
</div> <tr> <td>$code - $name</td> <td>$faculty </td> <td>$lecturer</td><td>$ta</td> <td><form method='get' action='Script.php' id='drop_menu_form_$counter'> <select name='ta' class=''>";
<div class="col-md-6"> $resultx = mysqli_query($con, "SELECT * FROM users_table WHERE UserType='TA'");
if (mysqli_num_rows($resultx) == 0) {
<div class="container"> } else {
<!-- Nav tabs --> while ($row = mysqli_fetch_assoc($resultx)) {
<ul class="nav nav-tabs" role="tablist"> $id = $row['User_ID'];
<li class="nav-item"> $name = $row['Full_Name'];
<a class="nav-link active" data-toggle="tab" href="#menub" id="existing_courses">Existing Courses</a> echo "<option value='$id'> $name </option>";
</li> }
}
</ul>
echo "</select> <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'> <button class='btn btn-outline-secondary btn-sm' type='submit' id='assign_btn_$counter'>assign</button></form> </td></tr>
<!-- Tab panes --> ";
}
</div> }
?>
<div id="menub" class="container tab-pane active"><br>
</table>
<b> Existing Course Portals </b>
<hr> </div>
<table class="table-bordered" style="font-size: 10pt;">
<tr> </div>
<th>Course Name </th>
<th> Faculty </th> </div>
<th>Lecturer </th>
<th>TAs</th> </div>
<th>Assign new TA </th>
</tr> <?php include 'Footer.php';?>
<?php
$result = mysqli_query($con, "SELECT `Course_ID`, `Course_Name`, `Academic_Year`, `Faculty`, `Lecturer_User_ID`, `TA_User_ID`, `Course_Code`, `URL`, `Verify_New_Members` , users_table.Full_Name FROM `courses_table` INNER JOIN users_table ON users_table.User_ID=courses_table.Lecturer_User_ID"); <script>
if (mysqli_num_rows($result) == 0) { function updatePassword(id, pass) {
} else { if (!confirm('Are you sure to reset user password?')) {
$counter = 0; return;
while ($row = mysqli_fetch_assoc($result)) { }
$name = $row['Course_Name'];
$code = $row['Course_Code']; window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
$faculty = $row['Faculty']; }
$lecturer = $row['Full_Name'];
$academic = $row['Academic_Year']; function blockUser(id, status) {
$c_id = $row['Course_ID']; if (!confirm('Are you sure to change user status?')) {
$counter += 1; return;
}
$resultTA = mysqli_query($con, "SELECT `Course_ID`, `TA`,users_table.Full_Name as TA_NAME FROM `course_ta` window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
INNER JOIN users_table on users_table.User_ID=course_ta.TA }
where course_ta.Course_ID=$c_id");
/* For tabs to work */
$ta = ""; const triggerTabList = document.querySelectorAll('#myTab a')
while ($rowTA = mysqli_fetch_assoc($resultTA)) { triggerTabList.forEach(triggerEl => {
$ta = $ta . " - " . $rowTA['TA_NAME']; const tabTrigger = new bootstrap.Tab(triggerEl)
} triggerEl.addEventListener('click', event => {
event.preventDefault()
echo " tabTrigger.show()
<tr> <td>$code - $name</td> <td>$faculty </td> <td>$lecturer</td><td>$ta</td> <td><form method='get' action='Script.php' id='drop_menu_form_$counter'> <select name='ta' class=''>"; })
})
$resultx = mysqli_query($con, "SELECT * FROM Users_Table WHERE UserType='TA'");
if (mysqli_num_rows($resultx) == 0) { </script>
} else {
while ($row = mysqli_fetch_assoc($resultx)) {
$id = $row['User_ID']; </body>
$name = $row['Full_Name']; </html>
echo "<option value='$id'> $name </option>";
}
}
echo "</select> <input type='hidden' name='assignTA' value='true'> <input type='hidden' name='id' value='$c_id'> <input type='submit' value='assign' id='assign_btn_$counter'></form> </td></tr>
";
}
} ?>
</table>
</div>
</div>
</div>
<script>
function updatePass(id, pass) {
if (!confirm('Are you to Reset User Password')) {
return;
}
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
function blockUser(id, status) {
if (!confirm('Are you to change User Status')) {
return;
}
window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
}
</script>

1412
Course.php
View File

File diff suppressed because it is too large Load Diff

1204
Courses.php
View File

File diff suppressed because it is too large Load Diff

2
Download.php
View File

@ -25,7 +25,7 @@ $type = filetype($file);
$today = date("F j, Y, g:i a"); $today = date("F j, Y, g:i a");
$time = time(); $time = time();
if ((isset($_SESSION["user_student_id"]) && strpos($file, $_SESSION["user_student_id"]) > 0) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) { if ((isset($_SESSION["user_student_id"]) && (strpos($file, $_SESSION["user_student_id"]) > 0 || strpos($file, "Lab_Report_Assignments"))) || $_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "TA" ) {
// 发送文件头部 // 发送文件头部
header("Content-type: $type"); header("Content-type: $type");
header('Content-Disposition: attachment;filename="'.urldecode($filename).'"'); header('Content-Disposition: attachment;filename="'.urldecode($filename).'"');

7
Footer.php
View File

@ -1,4 +1,3 @@
<br><br><br><br><br><br><br><br><br> <?php
<div style="background-color:white;width:100%di"> echo "<p id='myfooter' class='text-center'>Copyright &copy; 2018-" . date("Y") . " The Authors</p>";
?>
</div>

280
Header.php
View File

@ -8,170 +8,188 @@ $con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
// Check database connection // Check database connection
if (mysqli_connect_errno()) { if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error(); echo "Failed to connect to MySQL: " . mysqli_connect_error();
} }
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html lang="en-US">
<head> <head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>LRR</title>
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" /> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-4bw+/aepP/YC94hEpVNVgiZdgIC5+VKNBQNGCHeKRQN+PtmoHDEXuppvnDJzQIu9" crossorigin="anonymous">
<link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" /> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.bundle.min.js" integrity="sha384-HwwvtgBNo3bZJJLYd8oVXjrBZt8cqVSpeBNS5n7C8IVInixGAoxmnlMuBnhbgrkm" crossorigin="anonymous"></script>
<link href="./css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<!-- *this css file can be used across all the websites
and any new css class can be added there.
* The reason is to make the css code reusable.
* the css file is used by submissions.php
-->
<link href = "./css/main.css" rel = "stylesheet" type = "text/css" />
<script src="./css/jquery.min.js" type="text/javascript"></script> <link href="./font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
<script src="./css/bootsrap.min.js" type="text/javascript"></script> <!-- *this css file can be used across all the websites
<script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script> and any new css class can be added there.
* The reason is to make the css code reusable.
* the css file is used by submissions.php
-->
<link href = "./css/main.css" rel="stylesheet" type="text/css" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js" integrity="sha512-3gJwYpMe3QewGELv8k/BX9vcqhryRdzRMxVfq6ngyWXwo03GFEzjsUm8Q7RZcHPHksttq7/GFoxjCVUjkjvPdw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="./css/jquery.datetimepicker.min.js" type="text/javascript"></script>
</head> <style>
<body> .btn-default {
border: 2px solid #f8f8f8;
width: 100%;
text-align: left;
margin: 4px auto;
}
<nav class="navbar navbar-expand-lg navbar-dark bg-dark" style="padding-left:150px;padding-right:150px;margin:auto;"> .btn-default:hover {
<a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;height:30px;"> LRR </a> background: #f8f8f8;
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarColor02" aria-controls="navbarColor02" aria-expanded="false" aria-label="Toggle navigation"> }
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarColor02"> h1,
<ul class="navbar-nav mr-auto"> h2,
<li class="nav-item active"> h3,
h4 {
color: #03407B;
}
<li class="nav-item active"> a {
<!-- <a class='nav-link' href='~\..\Visitors.php'> <i class='fa fa-globe'></i> Visitor Portal <span class='sr-only'>(current)</span></a> --> color: #03407B;
</li> }
<?php
if (isset($_SESSION["user_fullname"])) {
echo " <a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> Courses <span class='sr-only'>(current)</span></a>"; .break-word {
?> word-wrap: break-word;
</li> white-space: -moz-pre-wrap !important;
</ul> /* Mozilla, since 1999 */
<form class="form-inline my-2 my-lg-0" style="color:#fff;"> white-space: -pre-wrap;
Welcome &nbsp; <b> <?php echo $_SESSION['user_fullname']; ?> </b> &nbsp; /* Opera 4-6 */
white-space: -o-pre-wrap;
/* Opera 7 */
white-space: pre-wrap;
/* css-3 */
word-wrap: break-word;
/* Internet Explorer 5.5+ */
white-space: -webkit-pre-wrap;
/* Newer versions of Chrome/Safari*/
word-break: break-all;
white-space: normal;
}
<?php .ui-widget-content.ui-dialog {
$c_date = date("Y-m-d H:i"); border: 2px solid #03488B;
if (isset($_SESSION['user_student_id']))
echo "(" . $_SESSION['user_type'] . " - " . $_SESSION['user_student_id'] . ") ";
else
echo "(" . $_SESSION['user_type'] . ") ";
?>
<?php }
if ($_SESSION['user_type'] == "Lecturer") {
echo "&nbsp;&nbsp;&nbsp; <i class=\"fa fa-cog\" style=\"color:#fff;\"> </i> &nbsp;<a style='color:#fff !important' href=\"~\..\Admin.php\" id=\"admin_tab\">Admin </a>";
}
?>
&nbsp;&nbsp;&nbsp; <i class="fa fa-user" style="color:#fff;"> </i> .ui-dialog>.ui-widget-header {
&nbsp;<a href="#" style='color:#fff !important' onclick="updatePass(<?php echo $_SESSION['user_id']; ?>)">Update password</a> background: #03488B;
&nbsp;&nbsp;&nbsp; <i class="fa fa-lock" style="color:#fff;"> </i> &nbsp;<a style='color:#fff !important' href="~\..\logout.php">Logout </a> color: white
}
<?php .ui-button {
} background: #03488B;
?> color: white
</form> }
</div>
</nav>
<style>
.nav-item { .ui-dialog-titlebar-close::before {
border-color: #00ff66; content: "X";
position: absolute;
top: 1px;
left: 3px;
line-height: 1rem;
} }
.nav-tabs { #footer{
border-color: #00ff66; position:fixed;
} bottom:0;
left:0;
text-align:center;
width:100%;
}
.btn-default { .form-control{
border: 2px solid #00ff66; padding-top: 1px;
width: 100%; padding-bottom:1px;
text-align: left; }
margin: 3px auto;
font-weight: bold;
font-size: 13pt;
}
.table-bordered {
padding: 5px !important;
}
.alert { </style>
font-weight: bold;
}
h1, </head>
h2,
h3,
h4 {
color: #03407B;
}
a { <body>
color: #03407B;
}
.break-word { <nav class="navbar navbar-expand-lg bg-body-tertiary" style="padding-left:180px;padding-right:150px;margin:auto;">
word-wrap: break-word; <div class="container-fluid">
white-space: -moz-pre-wrap !important;
/* Mozilla, since 1999 */
white-space: -pre-wrap;
/* Opera 4-6 */
white-space: -o-pre-wrap;
/* Opera 7 */
white-space: pre-wrap;
/* css-3 */
word-wrap: break-word;
/* Internet Explorer 5.5+ */
white-space: -webkit-pre-wrap;
/* Newer versions of Chrome/Safari*/
word-break: break-all;
white-space: normal;
}
.ui-widget-content.ui-dialog { <a class="navbar-brand" href="~\..\index.php"> <img src="logo.png" style="width:30px;height:30px;" alt="LRR Logo"> LRR </a>
border: 2px solid #03488B;
} <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNavAltMarkup" aria-controls="navbarNavAltMarkup" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
.ui-dialog>.ui-widget-header { <div class="collapse navbar-collapse" id="navbarNavAltMarkup">
background: #03488B; <div class="navbar-nav">
color: white
}
.ui-button { <a class="nav-link" href="#">
background: #03488B; <?php
color: white if (isset($_SESSION["user_fullname"])) {
} echo "<b>" . $_SESSION['user_fullname'] . "</b>";
</style> }
?>
<script> &nbsp;
function updatePass(id) {
var pass = prompt("Enter your new password : ", "Enter a strong password"); <?php
$c_date = date("Y-m-d H:i");
if (isset($_SESSION['user_student_id']))
echo "(" . $_SESSION['user_type'] . " ID: " . $_SESSION['user_student_id'] . ") ";
elseif (isset($_SESSION['user_type']))
echo "(" . $_SESSION['user_type'] . ") ";
?>
</a>
if (!confirm('Are you sure you want to reset your password?')) { <?php
return; if (isset($_SESSION["user_fullname"])) {
} if ($_SESSION['user_type'] == "Student" || $_SESSION['user_type'] == 'Lecturer') {
echo "<a class='nav-link' href='~\..\Courses.php'><i class='fa fa-book'></i> My courses </a>";
}
?>
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
function blockUser(id, status) { <?php
if (!confirm('Are you sure you want to change user status?')) { if ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == 'Admin') { // Show Admin link
return; echo "&nbsp;&nbsp;&nbsp;&nbsp;<a class='nav-link' href=\"~\..\Admin.php\" id=\"admin_tab\"><i class='fa fa-cog'></i>Admin</a>";
} }
window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status; ?>
}
</script> &nbsp;&nbsp;&nbsp;&nbsp;
<a class="nav-link" href="#" onclick="updatePass(<?php echo $_SESSION['user_id']; ?>)"><i class="fa fa-user"> </i> Update password</a>
&nbsp;&nbsp;&nbsp;&nbsp;
<a class="nav-link" href="~\..\logout.php"><i class="fa fa-lock"> </i> Logout</a>
<?php
} // Closing this conditional test block: if (isset($_SESSION["user_fullname"])) { ...
?>
</div>
</div>
</div>
</nav>
<script>
function updatePass(id) {
const pass = prompt("Enter your new password : ", "Enter a strong password");
if (!confirm('Are you sure you want to reset your password?')) {
return;
}
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
</script>

10
NoDirectPhpAcess.php
View File

@ -1,7 +1,7 @@
<?php <?php
// https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file // https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
if (!isset($_SERVER['HTTP_REFERER']) ) { if (!isset($_SERVER['HTTP_REFERER']) ) {
/* choose the appropriate page to redirect users */ /* choose the appropriate page to redirect users */
die( header( 'location: logout.php' ) ); die( header( 'location: logout.php' ) );
} }
?> ?>

29
README.md
View File

@ -27,8 +27,8 @@ LRR needs Apache and MySQL to run. I followed [How To Install Linux, Apache, My
LRR uses a database called `lrr`. So create this database using MySQL root account. Open MySQL's prompt using `sudo mysql`. Create the database using command `CREATE DATABASE lrr;`, and grant all privileges to MySQL user `lrr` using command `GRANT ALL PRIVILEGES ON lrr.* TO 'mnc'@'localhost' WITH GRANT OPTION;`. If MySQL user mnc does not exist, create it using command `CREATE USER 'mnc'@'localhost' IDENTIFIED BY 'password'`. LRR uses a database called `lrr`. So create this database using MySQL root account. Open MySQL's prompt using `sudo mysql`. Create the database using command `CREATE DATABASE lrr;`, and grant all privileges to MySQL user `lrr` using command `GRANT ALL PRIVILEGES ON lrr.* TO 'mnc'@'localhost' WITH GRANT OPTION;`. If MySQL user mnc does not exist, create it using command `CREATE USER 'mnc'@'localhost' IDENTIFIED BY 'password'`.
To facilitate data migration, I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server. To facilitate data migration, I need to export the existing `lrr` to a plain text file (including many sql commands) and import that text file to the newly created `lrr` database on the new server.
The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.txt`, where mnc after -u is MySQL's username, and lrr after -p is the database name. The command for exporting the database is `mysqldump -u mnc -p lrr > lrr_database_dump.sql`, where mnc after -u is MySQL's username, and lrr after -p is the database name.
The command for importing is `mysql -u mnc -p lrr < lrr_database_dump.txt`. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.txt? You can use lrr_database.sql in this repo instead. The command for importing is `mysql -u username -p lrr < lrr_database_dump.sql`. You must create database `lrr` first on your computer before doing the import. Read [How to Import and Export MySQL Databases in Linux](https://phoenixnap.com/kb/import-and-export-mysql-database) for more detail. Do not have lrr_database_dump.sql? You can use lrr_database.sql in this repo instead.
LRR also needs to store assignment submissions. We store them in a folder called `../../lrr_submission`. Note that `lrr_submission` is two levels above the project folder (where many PHP files reside). I copied this folder from the existing one. I think it is also OK if you create an empty folder. LRR also needs to store assignment submissions. We store them in a folder called `../../lrr_submission`. Note that `lrr_submission` is two levels above the project folder (where many PHP files reside). I copied this folder from the existing one. I think it is also OK if you create an empty folder.
We need to set a proper owner and accessibility for `lrr_submission` using the following two commands: We need to set a proper owner and accessibility for `lrr_submission` using the following two commands:
@ -51,6 +51,31 @@ Enable the site lrr: `sudo a2ensite lrr`. Restart the apache server: `sudo syst
Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/. Visit the LRR application by entering this URL in a web browser: http://121.4.94.30/.
### Solving the coding problems in the dump file
If the database contains Chinese characters, the dump file (e.g., lrr_database_dump.sql) may contain *weird* characters, e.g., `研究生`, so weird that no one can tell their meaning.
We need to correct these abnormal characters before we import them to the new database, so that the PHP program can correctly display Chinese information.
The simplest solution is using the ftfy (fixes text for you) Python package to convert them, as follows:
```
from ftfy import fix_text
with open('lrr_database_dump.sql') as f:
content = f.read()
content2 = fix_text(content)
with open('lrr_database_dump_sql_fixed.txt', 'w') as f:
f.write(content2)
```
Now, import data using lrr_database_dump_sql_*fixed*.txt.
If you encounter the 'Unknown MySQL server host' problem during import, replace all apostrophes with a space in the dump file. For example, if a database table field contains *can't*, then the apostrophe between *n* and *t* can cause that problem.
## Enock steps ## Enock steps
Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt). Enock, a graduate student here, has made a tutorial about how he deployed LRR to a remote server (http://lanlab.org/course/2021s/spm/PuTTY-Server.txt).

49
Reset_password.php
View File

@ -1,49 +0,0 @@
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
include 'Header.php';
$token = htmlspecialchars($_GET['token']);
$email = htmlspecialchars($_GET['email']);
?>
<div class="row">
<div class="col-md-4 list-group" style="margin:auto;">
<br>
<h4 class="list-group-item active"> Reset your password </h4>
<div class="list-group-item">
<div class="panel-body">
<form method="post" action="Script.php" >
<input type="hidden" name="frm_reset_password" value="true"/>
<input type="hidden" name="token" value="<?php echo $token ?>"/>
Email
<input type="text" name="email" readonly="" placeholder="Enter your Email" class="form-control" value="<?php echo $email; ?>">
<br>
New Password
<input type="password" name="password" placeholder="Enter your new Password" class="form-control" value="">
<br>
<input type="submit" class="btn btn-primary" value="Reset">
<br>
<?php
?>
</form>
</div>
</div>
</div>
</div>
</form>
</div>
</div>

48
Script.php
View File

@ -126,7 +126,7 @@ if (!empty($_POST["form_signup"])) {
// ################################ LOGIN ##################################### // ################################ LOGIN #####################################
if (!empty($_POST["frm_login"])) { if (!empty($_POST["form_login"])) {
$user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address $user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address
$is_student_number = 0; $is_student_number = 0;
@ -187,7 +187,7 @@ if (!empty($_POST["frm_login"])) {
// ################################ Recover Password ##################################### // ################################ Recover Password #####################################
if (!empty($_POST["frm_recover_password"])) { if (!empty($_POST["form_recover_password"])) {
$student_id = mysqli_real_escape_string($con, $_POST["sno"]); $student_id = mysqli_real_escape_string($con, $_POST["sno"]);
$email = mysqli_real_escape_string($con, $_POST["email"]); $email = mysqli_real_escape_string($con, $_POST["email"]);
@ -220,7 +220,7 @@ if (!empty($_POST["frm_recover_password"])) {
// ################################ RESET Password ##################################### // ################################ RESET Password #####################################
if (!empty($_POST["frm_reset_password"])) { if (!empty($_POST["form_reset_password"])) {
$password = mysqli_real_escape_string($con, $_POST["password"]); $password = mysqli_real_escape_string($con, $_POST["password"]);
$token = mysqli_real_escape_string($con, $_POST["token"]); $token = mysqli_real_escape_string($con, $_POST["token"]);
$email = mysqli_real_escape_string($con, $_POST["email"]); $email = mysqli_real_escape_string($con, $_POST["email"]);
@ -264,7 +264,7 @@ if (!empty($_POST["frm_reset_password"])) {
} }
// ############################### CREATE Lecturer/TA USER ################################## // ############################### CREATE Lecturer/TA USER ##################################
if (!empty($_POST["frm_createlecturrer"])) { if (!empty($_POST["form_createlecturrer"])) {
$email = mysqli_real_escape_string($con, $_POST["email"]); $email = mysqli_real_escape_string($con, $_POST["email"]);
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]); $fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$type = mysqli_real_escape_string($con, $_POST["type"]); $type = mysqli_real_escape_string($con, $_POST["type"]);
@ -340,7 +340,7 @@ function mkdirs($path)
} }
// ############################### #Post Assignment ################################## // ############################### #Post Assignment ##################################
if (!empty($_POST["frm_uploadlab"])) { if (!empty($_POST["form_uploadlab"])) {
$course_id = mysqli_real_escape_string($con, $_POST["course_id"]); $course_id = mysqli_real_escape_string($con, $_POST["course_id"]);
$deadlinedate = $_POST["deadlinedate"]; $deadlinedate = $_POST["deadlinedate"];
@ -357,7 +357,7 @@ if (!empty($_POST["frm_uploadlab"])) {
// GET UPLOADED FILES // GET UPLOADED FILES
$target_dir = Create_dir("Lab_Report_Assignments/" . $title . "/"); $target_dir = Create_dir("./../../lrr_submission/Lab_Report_Assignments/$course_id/" . $title . "/");
$rnd = rand(10, 1000); $rnd = rand(10, 1000);
$rnd = ""; // no more required , creating folder for each lab $rnd = ""; // no more required , creating folder for each lab
@ -416,16 +416,16 @@ if (!empty($_POST["frm_uploadlab"])) {
$targetfile4 = ""; $targetfile4 = "";
if ($_FILES['attachment1']['name'] != "") { if ($_FILES['attachment1']['name'] != "") {
$targetfile = "/" . $title . "/" . $_FILES['attachment1']['name']; $targetfile = "/Lab_Report_Assignments/$course_id/" . $title . "/" . $_FILES['attachment1']['name'];
} }
if ($_FILES['attachment2']['name'] != "") { if ($_FILES['attachment2']['name'] != "") {
$targetfile2 = "/" . $title . "/" . $_FILES['attachment2']['name']; $targetfile2 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment2']['name'];
} }
if ($_FILES['attachment3']['name'] != "") { if ($_FILES['attachment3']['name'] != "") {
$targetfile3 = "/" . $title . "/" . $_FILES['attachment3']['name']; $targetfile3 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment3']['name'];
} }
if ($_FILES['attachment4']['name'] != "") { if ($_FILES['attachment4']['name'] != "") {
$targetfile4 = "/" . $title . "/" . $_FILES['attachment4']['name']; $targetfile4 = "/Lab_Report_Assignments/$course_id" . $title . "/" . $_FILES['attachment4']['name'];
} }
$sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, $sql = "INSERT INTO `lab_reports_table`(`Course_ID`, `Posted_Date`, `Deadline`, `Instructions`,
@ -434,7 +434,7 @@ if (!empty($_POST["frm_uploadlab"])) {
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_courses"] = $type . " lab report assignment posted successfully."; $_SESSION["info_courses"] = $type . " lab report assignment posted successfully. ";
header("Location: Courses.php?course=" . $url); header("Location: Courses.php?course=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -452,7 +452,7 @@ function checksize($file)
} }
// ############################### Submit Assignment ################################## // ############################### Submit Assignment ##################################
if (!empty($_POST["frm_submitlab"])) { if (!empty($_POST["form_submitlab"])) {
$lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]); $lab_id = mysqli_real_escape_string($con, $_POST["lab_id"]);
$student_id = $_POST["student_id"]; $student_id = $_POST["student_id"];
@ -585,7 +585,7 @@ if (!empty($_POST["frm_submitlab"])) {
$con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'"); $con->query($sql = "UPDATE `lab_report_submissions` SET `Course_Group_id` = '0' WHERE `lab_report_submissions`.`Lab_Report_ID` = '$lab_id'");
} }
$_SESSION["info_courses"] = "Thanks. Your lab report assignment is submitted successfully."; $_SESSION["info_courses"] = "Thanks. You have successfully submitted your assignment.";
header("Location: Course.php?url=" . $url); header("Location: Course.php?url=" . $url);
} else { } else {
echo "Error: <br>" . $con->error; echo "Error: <br>" . $con->error;
@ -648,7 +648,7 @@ if (!empty($_GET["savemarks"])) {
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Marking"] = "Lab Report Submission Marked"; $_SESSION["info_Marking"] = "Assignment marked";
header("Location: Submissions.php?id=" . $labid . "&header=" . $header . "&total=" . $total); header("Location: Submissions.php?id=" . $labid . "&header=" . $header . "&total=" . $total);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -692,7 +692,7 @@ if (!empty($_GET["remarking"])) {
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = "Remarking Request Sent"; $_SESSION["info_general"] = "Remarking request sent";
header("Location: Course.php?url=" . $url); header("Location: Course.php?url=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -815,7 +815,7 @@ if (!empty($_GET["acceptinvite"])) {
} }
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = " Group Invite Updated"; $_SESSION["info_general"] = " Group invitation status updated";
header("Location: Course.php?url=" . $url); header("Location: Course.php?url=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -833,7 +833,7 @@ if (!empty($_GET["removemember"])) {
$sql = "Delete from `course_group_members_table` where student_id=$student_id and Course_Group_id=$group_id"; $sql = "Delete from `course_group_members_table` where student_id=$student_id and Course_Group_id=$group_id";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_general"] = " Member " . $student_id . " removed from the group"; $_SESSION["info_general"] = " Member " . $student_id . " is gone.";
header("Location: Course.php?url=" . $url); header("Location: Course.php?url=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -867,7 +867,7 @@ if (!empty($_GET["extenddeadline"])) {
$time = mysqli_real_escape_string($con, $_GET["time"]); $time = mysqli_real_escape_string($con, $_GET["time"]);
$type = mysqli_real_escape_string($con, $_GET["type"]); $type = mysqli_real_escape_string($con, $_GET["type"]);
$stdid = mysqli_real_escape_string($con, $_GET["stdid"]); $studentid = mysqli_real_escape_string($con, $_GET["studentid"]);
$reason = mysqli_real_escape_string($con, $_GET["reason"]); $reason = mysqli_real_escape_string($con, $_GET["reason"]);
$url = mysqli_real_escape_string($con, $_GET["url"]); $url = mysqli_real_escape_string($con, $_GET["url"]);
$deadline = $date . " " . $time; $deadline = $date . " " . $time;
@ -877,12 +877,12 @@ if (!empty($_GET["extenddeadline"])) {
} else { } else {
$sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, " $sql = "INSERT INTO `extended_deadlines_table`(`Student_ID`, "
. "`Lab_Report_ID`, `Extended_Deadline_Date`," . "`Lab_Report_ID`, `Extended_Deadline_Date`,"
. " `ReasonsForExtension`) VALUES ('$stdid','$id','$deadline','$reason')"; . " `ReasonsForExtension`) VALUES ('$studentid','$id','$deadline','$reason')";
} }
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_courses"] = " Lab Report Deadline extended successfully."; $_SESSION["info_courses"] = " Assignment deadline extended successfully.";
header("Location: Courses.php?course=" . $url); header("Location: Courses.php?course=" . $url);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -903,7 +903,7 @@ if (!empty($_GET["ignoreremarking"])) {
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Marking"] = "Remarking Request Ignored , Submission Updated to 'Marked' status"; $_SESSION["info_Marking"] = "Remarking request ignored.";
header("Location: Submissions.php?id=" . $id . "&header=" . $header . "&total=" . $total); header("Location: Submissions.php?id=" . $id . "&header=" . $header . "&total=" . $total);
} else { } else {
echo "Error: " . $sql . "<br>" . $con->error; echo "Error: " . $sql . "<br>" . $con->error;
@ -987,20 +987,19 @@ if (!empty($_GET["action"])) {
} }
} }
if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) { if ($action == "statuschange" && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
$sql = "UPDATE users_table set Status='$status' where User_ID='$uid';"; $sql = "UPDATE users_table set Status='$status' where User_ID='$uid';";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user Status updated successfully "; $_SESSION["info_Admin_Users"] = $type . " user Status updated successfully ";
header("Location: Admin.php"); header("Location: Admin.php");
} else { } else {
// echo "Error: " . $sql . "<br>" . $con->error;
echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!"; echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!";
} }
} }
} }
// ############################### CREATE STUDENT USER ################################## // ############################### CREATE STUDENT USER ##################################
if (!empty($_POST["frm_createCourse"])) { if (!empty($_POST["form_createCourse"])) {
$name = mysqli_real_escape_string($con, $_POST["name"]); $name = mysqli_real_escape_string($con, $_POST["name"]);
$academic = mysqli_real_escape_string($con, $_POST["academic"]); $academic = mysqli_real_escape_string($con, $_POST["academic"]);
$lecturer = mysqli_real_escape_string($con, $_POST["lecturer"]); $lecturer = mysqli_real_escape_string($con, $_POST["lecturer"]);
@ -1096,3 +1095,4 @@ WHERE lab_report_submissions.Lab_Report_ID='$lab'";
header("Expires: 0"); header("Expires: 0");
print "$header\n$data"; print "$header\n$data";
} }
?>

29
Student.php
View File

@ -1,15 +1,14 @@
<?php <?php
$page = "student"; $page = "student";
include 'Header.php'; include 'Header.php';
?>
?>
<br><br><br>
<br><br><br>
<div class="row" style="width:80%;margin:auto;">
<div class="row" style="width:80%;margin:auto;">
<div class="col-md-6">
<div class="col-md-6"> <h1> Student account created. Now you can browse the course portal. </h1>
<h1> Student Account Created. Now you can Browse Course Portals </h1> </div>
</div>
</div>
</div>

346
Submissions.php
View File

@ -24,22 +24,26 @@ if (!empty($_GET["total"])) {
$total = 0; $total = 0;
} }
$resultx1 = mysqli_query($con, "SELECT `Lab_Report_ID`,Title, lab_reports_table.Course_ID, `Posted_Date`, `Deadline`, `Marks`, `Type` , courses_table.URL FROM `lab_reports_table` INNER JOIN courses_table ON courses_table.Course_ID=lab_reports_table.Course_ID WHERE Lab_Report_ID=$id"); $resultx1 = mysqli_query($con, "SELECT Lab_Report_ID, Title, lab_reports_table.Course_ID, Posted_Date, Deadline, Marks, Type, courses_table.URL
FROM lab_reports_table
INNER JOIN courses_table ON courses_table.Course_ID=lab_reports_table.Course_ID
WHERE Lab_Report_ID=$id");
while ($row = mysqli_fetch_assoc($resultx1)) { while ($row = mysqli_fetch_assoc($resultx1)) {
$Report_Type = $row['Type']; $report_type = $row['Type'];
$c_id = $row['Course_ID']; $c_id = $row['Course_ID'];
$Report_Title = $row['Title']; $report_title = $row['Title'];
$url = $row['URL']; $url = $row['URL'];
} }
echo "<div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='Courses.php?course=$url'>
$header
</a></div>
";
?> ?>
<div class="row" style="width:80%;margin:auto; text-align:left;"> <div class="container">
<?php
echo "<div><a href='Courses.php?course=$url'> $header </a></div>";
?>
<div class="row">
<!-- Lecturer CODE--> <!-- Lecturer CODE-->
<?php <?php
@ -55,89 +59,72 @@ echo "<div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF
error_reporting(0); error_reporting(0);
if (isset($_SESSION['info_Marking'])) { if (isset($_SESSION['info_Marking'])) {
echo '<hr><div class="alert alert-info" role="alert">' . $_SESSION['info_Marking'] . '</div>'; echo '<div class="alert alert-warning">' . $_SESSION['info_Marking'] . '</div>';
$_SESSION['info_Marking'] = null; $_SESSION['info_Marking'] = null;
} }
$resultx1 = mysqli_query($con, "Select Count(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id"); $resultx1 = mysqli_query($con, "SELECT Count(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id");
while ($row = mysqli_fetch_assoc($resultx1)) { $row = mysqli_fetch_assoc($resultx1);
$count_subs = $row['cnt']; $count_submissions = $row['cnt'];
}
$resultx2 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Marked'"); $resultx2 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Marked'");
if (mysqli_num_rows($resultx2) == 0) { $row = mysqli_fetch_assoc($resultx2);
$count_marked = 0; $count_marked = $row['cnt'];
} else {
while ($row = mysqli_fetch_assoc($resultx2)) {
$count_marked = $row['cnt'];
}
}
$resultx3 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Pending'"); $resultx3 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Pending'");
if (mysqli_num_rows($resultx3) == 0) { $row = mysqli_fetch_assoc($resultx3);
$count_unmarked = 0; $count_unmarked = $row['cnt'];
} else {
while ($row = mysqli_fetch_assoc($resultx3)) {
$count_unmarked = $row['cnt'];
}
}
$resultx4 = mysqli_query($con, "Select COUNT(*) as cnt from lab_report_submissions where lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'"); $resultx4 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM lab_report_submissions WHERE lab_report_submissions.Lab_Report_ID=$id and Status='Remarking'");
if (mysqli_num_rows($resultx4) == 0) { $row = mysqli_fetch_assoc($resultx4);
$count_remark = 0; $count_remark = $row['cnt'];
} else {
while ($row = mysqli_fetch_assoc($resultx4)) { $resultx5 = mysqli_query($con, "SELECT COUNT(*) AS cnt FROM course_groups_table WHERE Course_id=$c_id");
$count_remark = $row['cnt']; $row = mysqli_fetch_assoc($resultx5);
} $count_group = $row['cnt'];
}
?> ?>
<b>Lab Report Submissions (<?php echo $count_subs; ?>)</b> <br>
<p class="text-muted"><b>Total submissions (<?php echo $count_submissions; ?>)</b></p>
<!-- Nav tabs --> <!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist"> <ul class="nav nav-tabs" id="myTab">
<li class="nav-item"> <li class="nav-item">
<a class="nav-link active" data-toggle="tab" href="#menu1">Un-Marked Submissions<b> (<?php echo $count_unmarked; ?>)</b></a> <a class="nav-link active" href="#menu1">Unmarked submissions (<?php echo $count_unmarked; ?>)</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu2">Marked Submissions <b>(<?php echo $count_marked; ?>)</b></a> <a class="nav-link" href="#menu2">Marked submissions (<?php echo $count_marked; ?>)</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu3">Re-Marking Requests <b>(<?php echo $count_remark; ?>)</b></a> <a class="nav-link" href="#menu3">Remarking requests (<?php echo $count_remark; ?>)</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="tab" href="#menu4"> View Course Groups</a> <a class="nav-link" href="#menu4">Course groups (<?php echo $count_group; ?>)</a>
</li> </li>
</ul> </ul>
<div class="tab-content"> <div class="tab-content">
<div id="menu1" class="container tab-pane active"><br> <div id="menu1" class="tab-pane active"><br>
<?php <?php
if ($Report_Type == "Group") { if ($report_type == "Group") {
$result1 = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $result1 = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name, course_groups_table.Group_Leader, users_table.Full_Name, users_table.Student_id
lab_report_submissions.Course_Group_id, `Attachment1`, FROM lab_report_submissions
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
`Title`,course_groups_table.Group_Name,course_groups_table.Group_Leader,users_table.Full_Name, users_table.Student_id LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
FROM `lab_report_submissions` WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Pending' ORDER BY Submission_Date DESC");
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Submission_Date desc");
} else { } else {
$result1 = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $result1 = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, FROM lab_report_submissions
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
`Title`,users_table.Full_Name,course_group_members_table.Student_ID LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
FROM `lab_report_submissions` WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Pending' ORDER BY Submission_Date DESC");
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Submission_Date desc");
} }
if (mysqli_num_rows($result1) == 0) { if (mysqli_num_rows($result1) == 0) {
echo "No Un-Marked Submissions for this Lab Report."; echo "No unmarked submissions.";
} else { } else {
while ($row = mysqli_fetch_assoc($result1)) { while ($row = mysqli_fetch_assoc($result1)) {
$title = $row['Title']; $title = $row['Title'];
@ -159,7 +146,7 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
$student_id = $row['sub_std']; $student_id = $row['sub_std'];
if ($submitted_group == 0) { if ($submitted_group == 0) {
$submitted_by = $student_name . "(" . $student_id . ")"; $submitted_by = $student_name . " (" . $student_id . ")";
} else { } else {
$submitted_by = "$student_name ($submitter_student_number) for group $groupname "; $submitted_by = "$student_name ($submitter_student_number) for group $groupname ";
} }
@ -182,10 +169,13 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
$full_link = $full_link . " | <a href='~\..\Download.php?file=$att4&attachment=4'>$base_att4</a>"; $full_link = $full_link . " | <a href='~\..\Download.php?file=$att4&attachment=4'>$base_att4</a>";
} }
echo " <k href='#'> <div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left:1px solid #eee;'>
$title <br> by: <b> <span class = 'text-selectable'>$submitted_by </span> </b> $title <br>
<br> <span style='font-size:8pt'>Submitted : $posted <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark Submission</button><br> Attachments : $full_link </span> By: <b> <span class='text-selectable'> $submitted_by </span> </b> <br>
</div></k>"; <small>Submitted on: $posted</small>
<button class='btn btn-sm btn-primary' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Mark </button><br>
Attachments : $full_link
</div>";
} }
} }
echo ""; echo "";
@ -193,39 +183,34 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Pending' order by Sub
</div> </div>
<div id="menu2" class="container tab-pane"><br> <div id="menu2" class="tab-pane"><br>
<?php <?php
if ($Report_Type == "Group") { if ($report_type == "Group") {
$result = mysqli_query($con, "SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $result = mysqli_query($con, "SELECT Submission_ID, Visibility, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name
lab_report_submissions.Course_Group_id, `Attachment1`, FROM lab_report_submissions
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
`Title`,course_groups_table.Group_Name WHERE Lab_Report_ID=$id and lab_report_submissions.Status='Marked'");
FROM `lab_report_submissions`
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Marked'");
} else { } else {
$result = mysqli_query($con, "SELECT `Submission_ID`,Visibility, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $result = mysqli_query($con, "SELECT Submission_ID, Visibility, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, FROM lab_report_submissions
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, lab_report_submissions.Status, LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
`Title`,users_table.Full_Name,course_group_members_table.Student_ID LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
FROM `lab_report_submissions` WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Marked' ORDER BY lab_report_submissions.Student_id Desc");
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Marked' Order by lab_report_submissions.Student_id Desc");
} }
if (mysqli_num_rows($result) == 0) { if (mysqli_num_rows($result) == 0) {
echo "No Marked submissions for this lab";
echo "No marked submissions.";
} else { } else {
echo "<h3><a href='~\..\Script.php?exportgrade=true&lab=$id&lab_name=$Report_Title'><i class='fa fa-book'></i> Export Grade Sheet </a></h3>"; echo "<h3><a href='~\..\Script.php?exportgrade=true&lab=$id&lab_name=$report_title'><i class='fa fa-book'></i> Export grades</a></h3>";
while ($row = mysqli_fetch_assoc($result)) { while ($row = mysqli_fetch_assoc($result)) {
$title = $row['Title']; $title = $row['Title'];
$Marks = $row['Marks']; $Marks = $row['Marks'];
//$ins=$row['Notes'];
$posted = $row['Submission_Date']; $posted = $row['Submission_Date'];
$deadline = $row['Deadline']; $deadline = $row['Deadline'];
$att1 = $row['Attachment1']; $att1 = $row['Attachment1'];
@ -267,10 +252,12 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Marked' Order by lab
// if you want to use text-selectable class on whole div, just call the css class // if you want to use text-selectable class on whole div, just call the css class
echo " <k href='#'> <div class='btn btn-default break-word ' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap:break-word; border:1px solid #F0F0F0; border-left:1px solid #eee;'>
$title <br> by : <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> &nbsp; Visibility : <b>$Visibility </b> <button class='btn-sm btn-success' style='margin-left:50px;' onclick='updatev($Submission_ID)'>Update visibility</button> <b> $title </b> &nbsp;&nbsp; [Marks: $Marks] <button class='btn btn-light btn-sm' onclick='mark($Submission_ID,\"$title\",$total)'>Remark</button><br>
<hr> Lecturer/TA notes : $notes<br> <span style='font-size:8pt'>Submitted : $posted <b> </b> <button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button><br> Attachments : $full_link </span> <small>Submitted by <span class = 'text-selectable'>$submitted_by</span> on $posted</small>
</div></k>"; <span class='badge badge-info'>Marking comments</span> $notes <br>
Attachments : $full_link
</div>";
} }
} }
echo ""; echo "";
@ -278,38 +265,29 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Marked' Order by lab
</div> </div>
<div id="menu3" class="container tab-pane"><br> <div id="menu3" class="tab-pane"><br>
<?php <?php
if ($Report_Type == "Group") { if ($report_type == "Group") {
$resulty = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $resulty = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, lab_report_submissions.Marks, lab_report_submissions.Status, Title, course_groups_table.Group_Name
lab_report_submissions.Course_Group_id, `Attachment1`, FROM lab_report_submissions
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, lab_report_submissions.Marks, lab_report_submissions.Status, LEFT JOIN course_groups_table ON course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
`Title`,course_groups_table.Group_Name WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Remarking'");
FROM `lab_report_submissions`
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
} else { } else {
$resulty = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Lab_Report_ID, $resulty = mysqli_query($con, "SELECT Submission_ID, Submission_Date, lab_report_submissions.Lab_Report_ID, lab_report_submissions.Remarking_Reason, lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, Attachment1, Notes, Attachment2, Attachment3, Attachment4, lab_report_submissions.Marks, lab_report_submissions.Status, Title, users_table.Full_Name, course_group_members_table.Student_ID
lab_report_submissions.Remarking_Reason, FROM lab_report_submissions
lab_report_submissions.Student_id sub_std, lab_report_submissions.Course_Group_id, `Attachment1`, LEFT JOIN users_table ON users_table.Student_ID=lab_report_submissions.Student_id
`Notes`, `Attachment2`, `Attachment3`, `Attachment4`, lab_report_submissions.Marks, lab_report_submissions.Status, LEFT JOIN course_group_members_table ON course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
`Title`,users_table.Full_Name,course_group_members_table.Student_ID WHERE Lab_Report_ID=$id AND lab_report_submissions.Status='Remarking'");
FROM `lab_report_submissions`
Left JOIN users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_group_members_table on course_group_members_table.Course_Group_id=lab_report_submissions.Course_Group_id
where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
} }
if (mysqli_num_rows($resulty) == 0) { if (mysqli_num_rows($resulty) == 0) {
echo "No Remarking Request for this lab"; echo "No remarking requests.";
} else { } else {
while ($row = mysqli_fetch_assoc($resulty)) { while ($row = mysqli_fetch_assoc($resulty)) {
$title = $row['Title']; $title = $row['Title'];
$Marks = $row['Marks']; $Marks = $row['Marks'];
//$ins=$row['Notes'];
$posted = $row['Submission_Date']; $posted = $row['Submission_Date'];
$deadline = $row['Deadline']; $deadline = $row['Deadline'];
@ -346,13 +324,14 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
if ($att4 != "") { if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>"; $full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
} }
echo " <k href='#'> <div class='btn btn-default break-word ' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 4px solid #03407B;'> echo "<div class='btn btn-default break-word' style='dislay:block; word-wrap: break-word; border: 1px solid #F0F0F0;border-left: 2px solid #eee;'>"
$title <br> by : <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marked $Marks ] </b> <br> Remarking Reason : <b>$remarking_reason </b> . "$title <br>"
<hr> <span style='font-size:8pt'>Submitted : $posted <b> </b> " . "Submitted by: <b> <span class = 'text-selectable'>$submitted_by </span> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp; [ Marks: $Marks ] </b> <br>"
. "<button class='btn-sm btn-info' style='margin-left:50px;' onclick='mark($Submission_ID,\"$title\",$total)'> Re-Mark Submission</button>" . "<span style='color:orange'><i class='fa fa-info-circle'></i> Remarking reason:</span> $remarking_reason <br>"
. " &nbsp; &nbsp;&nbsp;&nbsp;<a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn-sm btn-warning'> Ignore Request </a>" . "<button class='btn btn-light btn-sm' onclick='mark($Submission_ID,\"$title\",$total)'>Remark</button>"
. "<br> Attachments : $full_link </span> . "&nbsp; <a href='~\..\Script.php?ignoreremarking=yes&id=$id&subid=$Submission_ID&header=$header&total=$total&status=Marked' class='btn btn-sm btn-light'>Ignore request</a> <br>"
</div></k>"; . "<small>Submitted at: $posted <br> Attachments: $full_link </small>"
. "</div>";
} }
} }
echo ""; echo "";
@ -360,45 +339,47 @@ where Lab_Report_ID=$id and lab_report_submissions.Status='Remarking'");
</div> </div>
<div id="menu4" class="container tab-pane"><br> <div id="menu4" class="tab-pane"><br>
<h3>Course Groups</h3> <div class="col-md-7">
<hr>
<?php <?php
$result = mysqli_query($con, " SELECT `Course_Group_id`, `Group_Name`, `Group_Leader`, `Course_id`,users_table.Full_Name $result = mysqli_query($con, "SELECT Course_Group_id, Group_Name, Group_Leader, Course_id, users_table.Full_Name
FROM `course_groups_table` FROM course_groups_table
INNER JOIN users_table on users_table.Student_ID=course_groups_table.Group_Leader INNER JOIN users_table ON users_table.Student_ID=course_groups_table.Group_Leader
WHERE Course_id=$c_id"); WHERE Course_id=$c_id");
if (mysqli_num_rows($result) == 0) { if (mysqli_num_rows($result) == 0) {
echo "You have no Group in this Course"; echo "No student groups.";
} else { } else {
while ($row = mysqli_fetch_assoc($result)) { while ($row = mysqli_fetch_assoc($result)) {
$name = $row['Group_Name']; $name = $row['Group_Name'];
$leader = $row['Full_Name'] . "(" . $row['Group_Leader'] . ")"; $leader_student_no = $row['Group_Leader'];
$id = $row['Course_Group_id']; $id = $row['Course_Group_id'];
echo "<div class='btn-default'><small> $name - Leader : $leader </small></div>"; echo "<ul class='list-group'>";
echo " <li class='list-group-item disabled'>Group $name</li>";
$rs2 = mysqli_query($con, "SELECT `ID`, `Course_Group_id`, course_group_members_table.Student_ID, $rs2 = mysqli_query($con, "SELECT ID, Course_Group_id, course_group_members_table.Student_ID, course_group_members_table.Status, users_table.Full_Name
course_group_members_table.`Status`,users_table.Full_Name FROM `course_group_members_table` FROM course_group_members_table
INNER JOIN users_table on users_table.Student_ID=course_group_members_table.Student_ID INNER JOIN users_table ON users_table.Student_ID=course_group_members_table.Student_ID
where course_group_members_table.Course_Group_id=$id"); WHERE course_group_members_table.Student_ID AND course_group_members_table.Course_Group_id=$id");
while ($row = mysqli_fetch_assoc($rs2)) { while ($row = mysqli_fetch_assoc($rs2)) {
$name = $row['Full_Name']; $name = $row['Full_Name'];
$id = $row['Course_Group_id']; $id = $row['Course_Group_id'];
$status = $row['Status']; $status = $row['Status'];
$Student_ID = $row['Student_ID']; $Student_ID = $row['Student_ID'];
if ($leader_student_no == $Student_ID) {
echo "<li><small> $name-$Student_ID ($status)</small></li>"; echo "<li class='list-group-item'>$name ($Student_ID) - $status - Leader</li>";
} else {
echo "<li class='list-group-item'>$name ($Student_ID) - $status</li>";
}
} }
echo "</ul><br>";
} }
} }
?> ?>
</div>
</div> </div>
</div> </div>
@ -407,36 +388,49 @@ where course_group_members_table.Course_Group_id=$id");
</div> </div>
<?php <?php
} }
include 'Footer.php'; ?>
?>
<script src="http://118.25.96.118/nor/css/jquery-1.11.1.min.js"></script> <?php include 'Footer.php';?>
<script src="http://118.25.96.118/nor/css/jquery-ui.min.js"></script>
<link rel="stylesheet" href="http://118.25.96.118/nor/css/jquery-ui.css" /> </div>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/themes/base/jquery-ui.min.css" integrity="sha512-ELV+xyi8IhEApPS/pSj66+Jiw+sOT1Mqkzlh8ExXihe4zfqbWkxPRi8wptXIO9g73FSlhmquFlUOuMSoXz5IRw==" crossorigin="anonymous" referrerpolicy="no-referrer" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js" integrity="sha512-3gJwYpMe3QewGELv8k/BX9vcqhryRdzRMxVfq6ngyWXwo03GFEzjsUm8Q7RZcHPHksttq7/GFoxjCVUjkjvPdw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js" integrity="sha512-57oZ/vW8ANMjR/KQ6Be9v/+/h6bq9/l3f0Oc7vn6qMqyhvPd1cvKBRWWpzu0QoneImqr2SkmO4MSqU+RpHom3Q==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script> <script>
function mark(id, title, marks) { function mark(id, title, marks) {
try { try {
$('<form id="submit-form" method="get" action="Script.php">' + title + '(' + marks + ' marks) <input type="hidden" name="savemarks" value="true">\n\ $(`<form id="submit-form" method="get" action="Script.php">
<input type="hidden" name="total" value="' + marks + '" > <input type="hidden" name="id" value="' + id + '" ><br> Marks <input type="text" name="marks">\n\ ${title} (${marks} marks)
Comments <textarea name="feedback"></textarea> \n\ <input type="hidden" name="savemarks" value="true">
<input type="hidden" name="labid" value="<?php echo $course_id; ?>"> <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({ <input type="hidden" name="total" value="${marks}" >
modal: true, <input type="hidden" name="id" value="${id}" >
title: 'Mark Submission', <br> Marks
buttons: { <input type="text" name="marks">\n\
'Submit Marking': function() { Comments <textarea name="feedback"></textarea> \n\
<input type="hidden" name="labid" value="<?php echo $course_id; ?>">
<input type="hidden" name="header" value="<?php echo $header; ?>">
</form>`).dialog({
modal: true,
title: 'Mark submission',
close: function () {
var closeBtn = $('.ui-dialog-titlebar-close');
closeBtn.html('');
},
buttons: {
'Submit': function() {
$('#submit-form').submit(); $('#submit-form').submit();
$(this).dialog('close'); $(this).dialog('close');
}, },
'X': function() { 'Cancel': function() {
$(this).dialog('close'); $(this).dialog('close');
} }
@ -448,31 +442,17 @@ where course_group_members_table.Course_Group_id=$id");
} }
} }
function updatev(id) { /* For tabs to work */
const triggerTabList = document.querySelectorAll('#myTab a')
triggerTabList.forEach(triggerEl => {
const tabTrigger = new bootstrap.Tab(triggerEl)
triggerEl.addEventListener('click', event => {
event.preventDefault()
tabTrigger.show()
})
})
try {
$('<form id="submit-form" method="get" action="Script.php"> <input type="hidden" name="updatevisibility" value="true">\n\
<input type="hidden" name="id" value="' + id + '" > <br>\n\
Update Visibility<br><select name="status"> <option> Public </option><option>Private</option> </select> \n\
<input type="hidden" name="labid" value="<?php echo $id; ?>"> <input type="hidden" name="total" value="<?php echo $total; ?>" > <input type="hidden" name="header" value="<?php echo $header; ?>"> </form>').dialog({
modal: true,
title: 'Update Report Visibility',
buttons: {
'Update': function() {
$('#submit-form').submit();
$(this).dialog('close');
},
'X': function() {
$(this).dialog('close');
}
}
});
} catch (e) {
alert(e);
}
}
</script> </script>
</body>
</html>

230
SubmitLab.php
View File

@ -7,129 +7,123 @@ $page='Submit LAB+';
include 'Header.php'; include 'Header.php';
?> ?>
<div class='row' style='width:80%;margin:auto;'> <div class="container">
<div class='row'>
<?php <?php
$c_date = date("Y-m-d H:i"); $c_date = date("Y-m-d H:i");
$student_id = $_SESSION["user_student_id"]; $student_id = $_SESSION["user_student_id"];
if(!empty($_GET["id"]))
{
$id = mysqli_real_escape_string($con, $_GET["id"]);
$url = mysqli_real_escape_string($con, $_GET["url"]);
$result1 = mysqli_query($con," SELECT `Type`, `Lab_Report_ID`, `Course_ID`, `Posted_Date`, `Deadline`, `Instructions`, `Title`, `Attachment_link_1`, `Attachment_link_2`, `Attachment_link_3`, `Attachment_link_4` FROM `lab_reports_table` WHERE Lab_Report_ID=$id and Deadline > '$c_date' ORDER by Lab_Report_ID DESC");
if(mysqli_num_rows($result1) == 0)
{
echo "No active assignments for this course so far.";
} else {
while($row = mysqli_fetch_assoc($result1)) {
$Course_ID = $row['Course_ID'];
$title = $row['Title'];
$ins = $row['Instructions'];
$posted = $row['Posted_Date'];
$deadline = $row['Deadline'];
$att1 = $row['Attachment_link_1'];
$att2 = $row['Attachment_link_2'];
$att3 = $row['Attachment_link_3'];
$att4 = $row['Attachment_link_4'];
$labid = $row['Lab_Report_ID'];
$type = $row['Type'];
//----------------------------------Giving both the Group Admin and Group Members same priviledges to submit assignment--------------------------------------
if($type=="Group"){
$resultx1 = mysqli_query($con,"SELECT Course_Group_id FROM `course_groups_table` WHERE (Course_id=$Course_ID) and ((Group_Member=$student_id ) or (Group_Member2=$student_id ) or (Group_Member3=$student_id ) or (Group_Member4=$student_id ) or (Group_Leader=$student_id))");
while($row = mysqli_fetch_assoc($resultx1)) {
$_SESSION["Group_ID"] = $row['Course_Group_id'];
}
if($_SESSION["Group_ID"] < 1)
{
echo" <center><h3> This Lab report can only be submitted by Group Admin </h3> </center> ";
return;
}
}
$full_link="<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if($att2!=""){
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
}
if($att3!=""){
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
}
if($att4!=""){
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
Courses > $url > Submlit Lab Report > $title
<br>
</a></div>
";
echo ""; if(!empty($_GET["id"]))
} {
} $id = mysqli_real_escape_string($con, $_GET["id"]);
} $url = mysqli_real_escape_string($con, $_GET["url"]);
$Group_ID = $_SESSION["Group_ID"]; // Get course name
$result0 = mysqli_query($con,"SELECT Course_Name FROM courses_table WHERE URL='$url'");
$row = mysqli_fetch_assoc($result0);
$course_name = $row['Course_Name'];
?> $result1 = mysqli_query($con, "SELECT Type, Lab_Report_ID, Course_ID, Posted_Date, Deadline, Instructions, Title, Attachment_link_1, Attachment_link_2, Attachment_link_3, Attachment_link_4
FROM lab_reports_table
WHERE Lab_Report_ID=$id AND Deadline>'$c_date' ORDER BY Lab_Report_ID DESC");
if(mysqli_num_rows($result1) == 0) {
echo "No active assignments for this course so far.";
} else {
while($row = mysqli_fetch_assoc($result1)) {
$Course_ID = $row['Course_ID'];
$title = $row['Title'];
$ins = $row['Instructions'];
$posted = $row['Posted_Date'];
$deadline = $row['Deadline'];
$att1 = $row['Attachment_link_1'];
$att2 = $row['Attachment_link_2'];
$att3 = $row['Attachment_link_3'];
$att4 = $row['Attachment_link_4'];
$labid = $row['Lab_Report_ID'];
$type = $row['Type'];
// Giving both the Group Admin and Group Members same priviledges to submit assignment
if ($type == "Group") {
$resultx1 = mysqli_query($con,"SELECT Course_Group_id
FROM course_groups_table
WHERE (Course_id=$Course_ID) AND ((Group_Member=$student_id ) OR (Group_Member2=$student_id ) OR (Group_Member3=$student_id ) OR (Group_Member4=$student_id ) OR (Group_Leader=$student_id))");
while ($row = mysqli_fetch_assoc($resultx1)) {
$_SESSION["Group_ID"] = $row['Course_Group_id'];
}
if ($_SESSION["Group_ID"] < 1) {
echo" <center><h3> This Lab report can only be submitted by Group Leader </h3> </center> ";
return;
}
}
$full_link = "<a href='~\..\Lab_Report_Assignments\\$att1'>$att1</a>";
if ($att2 != "") {
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att2'>$att2</a>";
}
if ($att3 != "") {
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att3'>$att3</a>";
}
if ($att4 != "") {
$full_link = $full_link."| <a href='~\..\Lab_Report_Assignments\\$att4'>$att4</a>";
}
echo "<div><a href='~\..\Course.php?url=$url'> Courses > ($url) $course_name > $title </a></div>";
}
}
}
$Group_ID = $_SESSION["Group_ID"];
?>
</div>
<div>
<h1 class="display-6">Submit assignment</h1>
<hr>
<div class="row">
<div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php'>
<input type='hidden' name='form_submitlab' value='true' required=''/>
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/>
<input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
<div class='mb-3'>
<label class='form-label'>Title</label>
<input type='text' name='title' placeholder='Assignment submission title' class='form-control' required=''>
</div>
<div class='mb-3'>
<label class='form-label'>Attachment 1</label>
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
<label class='form-label'>Attachment 2</label>
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
<label class='form-label'>Attachment 3</label>
<input type='file' name='attachment3' placeholder='Attachment 3' class='form-control' >
<label class='form-label'>Attachment 4</label>
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
</div>
<button type='submit' class='btn btn-primary'>Submit</button>
</form>
</div>
</div>
</div>
</div> </div>
<div style="width:80%;margin:auto;">
<h3> Submit Lab Report Assignment </h3>
<hr>
<div class="row">
<div class="col-md-6">
<form method='post' enctype='multipart/form-data' action='Script.php'>
<input type='hidden' name='frm_submitlab' value='true' required=''/>
<input type='hidden' name='lab_id' value='<?php echo $id; ?>' required=''/>
<input type='hidden' name='student_id' value='<?php echo $student_id; ?>' required=''/>
<input type='hidden' name='group_id' value='<?php echo $Group_ID; ?>' required=''/>
<input type='hidden' name='url' value='<?php echo $url; ?>' required=''/>
Title
<input type='text' name='title' placeholder='Ttle' class='form-control' required=''>
Attachment 1
<input type='file' name='attachment1' placeholder='Attachment 1' class='form-control' required=''>
Attachment 2
<input type='file' name='attachment2' placeholder='Attachment 2' class='form-control'>
</div>
<div class="col-md-6">
Attachment 3
<input type='file' name='attachment3' placeholder='Attachment 3' class='form-control' >
Attachment 4
<input type='file' name='attachment4' placeholder='Attachment 4' class='form-control' >
<br>
<input type='submit' class='btn btn-primary' value='Submit Lab Assignment'><br>
</form>
</div>
</div>
</div>

63
Visitors.php
View File

@ -1,63 +0,0 @@
<?php
$page = 'Submit LAB+';
include 'Header.php';
?>
<div class='row' style='width:80%;margin:auto;'>
<?php
echo " <div class='alert' style='margin-left:20px;border-bottom:2px solid #1D91EF;'> <a href='~\..\Courses.php?course=$url'>
LRRS > Visitor Portal > Public Lab Reports
<br> <span style='font-size:8pt'> </span>
</a></div>
";
$result = mysqli_query($con, "SELECT `Submission_ID`, `Submission_Date`, lab_report_submissions.Student_id,
`Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Marks`, `Title`, `Visibility` ,
users_table.Full_Name,course_groups_table.Group_Name
FROM `lab_report_submissions`
left join users_table on users_table.Student_ID=lab_report_submissions.Student_id
left JOIN course_groups_table on course_groups_table.Course_Group_id=lab_report_submissions.Course_Group_id
WHERE Visibility='Public' ");
if (mysqli_num_rows($result) == 0) {
} else {
while ($row = mysqli_fetch_assoc($result)) {
$att1 = $row['Attachment1'];
$att2 = $row['Attachment2'];
$sdate = $row['Submission_Date'];
$att3 = $row['Attachment3'];
$att4 = $row['Attachment4'];
$labid = $row['Lab_Report_ID'];
$title = $row['Title'];
$submitted_std = $row['Student_id'];
$submitted_group = $row['Course_Group_id'];
$Submission_ID = $row['Submission_ID'];
$sname = $row['Full_Name'];
$gname = $row['Group_Name'];
$Visibility = $row['Visibility'];
$full_link = "<a href='~\..\Lab_Report_Submisions\\$att1'>$att1</a>";
if ($att2 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att2'>$att2</a>";
}
if ($att3 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att3'>$att3</a>";
}
if ($att4 != "") {
$full_link = $full_link . "| <a href='~\..\Lab_Report_Submisions\\$att4'>$att4</a>";
}
echo "
<div class='btn btn-default'>
$title <small>by $gname $sname </small>
<br> <span style='font-size:8pt'>Submission Date :$sdate &nbsp;&nbsp; &nbsp; Files : $full_link </span>
</div>
";
}
} ?>
</div>

4
css/jquery-1.11.1.min.js vendored
View File

File diff suppressed because one or more lines are too long

1225
css/jquery-ui.css vendored
View File

File diff suppressed because it is too large Load Diff

13
css/jquery-ui.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
css/main.css
View File

@ -8,4 +8,4 @@
user-select: text; user-select: text;
cursor:auto cursor:auto
} }

13
doc/IncreaseSessionDuration.txt Normal file
View File

@ -0,0 +1,13 @@
Increasing session duration
---------------------------
By default, the session duration in PHP is set to 1,440 seconds (24
minutes). However, this is not convenient in most software
systems. Therefore, we may need to increase the duration to allow
users to have more session time. To increase the session duration, we
need to edit the variable *session.gc_maxlifetime* in **php.ini**. We
can increase its default value to whatever we want (e.g., 7200). On
Ubuntu, the file is located at */etc/php/7.2/apache2/php.ini*. On
XAMPP, the file is located at */xampp/php/php.ini*.
*Last modified on 20 April 2022 by Umar*

25
doc/Issues.txt
View File

@ -1,7 +1,26 @@
Todo
----
3. Filter file format and size upon upload.
4.1. Upon Change password it must ask the old password first before new password.
4.2. It should not use the GET REQUEST on password which puts user's data at risk since it displays in the URL.
* Allow submission without file upload * Allow submission without file upload
* Lecturer/TA should see his/her feedback on submissions
* Lecturer/TA should see his/her feedback on submissions
* Remarking request details required
Done
----
1. The connect.php should not echo 'Connected' since there is a redirect already in the header.php [Resolved]
2. The header.php is connecting to the database twice through inline connection and an external connect.php [Resolved]
4. Added css into the header.php
* Check Spelling Issues * Check Spelling Issues
* Remarking request details required

26
doc/QuickStart.txt Normal file
View File

@ -0,0 +1,26 @@
Quick Start Guide
* Use Admin User to Create Lecturer Accounts
Account: Admin
Password: admin@123
* Create a Lecturer account
* Login to Lecturer account
* Create a course ( You can determine whether or not students need approval before they can join the course. )
* As Student
You can Sign up with your Student ID, then provide your email address and password.
* Browse Courses by Deartment
- Or Search by Course Course
- Join Course
- You can see the list of your courses in Course Home page

32
doc/Quick_Start.txt
View File

@ -1,32 +0,0 @@
<h1> Quick Start Guide </h1>
<hr>
* Use Admin User to Create Lecturer Accounts
user : Admin
Password : admin@123
* Create Lecturer
* Login to Lecturer Account
* Create Course ( You can define whether or not students require approval to join the course )
* As Student
You can Sign up with your Student ID
Then Provide your Email and Password
* Browse Courses by Deartment
- Or Search by Course Course
- Join Course
- You can see the list of your courses in Course Home page
*

4
doc/Reset_Database.txt → doc/ResetDatabase.txt
View File

@ -7,8 +7,8 @@ delete from course_Group_Members_table;
delete from course_students_table; delete from course_students_table;
delete from course_ta; delete from course_ta;
delete from extended_deadlines_table;
delete from extended_deadlines_table;
delete from lab_reports_table; delete from lab_reports_table;
@ -16,4 +16,4 @@ delete from lab_report_submissions;
delete from students_data; delete from students_data;
Delete from users_table; delete from users_table;

24
doc/ResetPassword.txt Normal file
View File

@ -0,0 +1,24 @@
Resetting password
------------------
We can reset a user's password by directly modifying the MySQL
database table called `users_table`. More specifically, we delete
that user's information from `users_table` so that the user could sign
up again. Suppose the user's student number is 201131129138.
To do so, LRR administrator logs in to MySQL using the following
command: `mysql -u mnc -p`. Type the correct password to access
the MySQL database.
After that, issue the following commands in the mysql prompt.
- `use lrr;`
- `delete from users_table where Student_ID="201131129138";`
The first one uses a database called lrr in MySQL. The second one
deletes a record from `users_table` where the student number is
201131129138.
*Last modified on 20 April 2022 by Umar*

26
doc/UserDoc.md
View File

@ -1,26 +0,0 @@
LRR User Documentation
======================
Resetting password
-------------------
We can reset a user's password by directly modifying the MySQL database table called `users_table`. More specifically, we delete that user's information from `users_table` so that the user could sign up again. Suppose the user's student number is 201131129138.
To do so, LRR administrator logs in to MySQL using the following command: `mysql -u username -p`. Type the correct password to access the MySQL database.
After that, issue the following commands in the mysql prompt.
- `use lrr;`
- `delete from users_table where Student_ID="201131129138";`
The first one uses a database called lrr in MySQL. The second one deletes a record from `users_table` where the student number is 201131129138.
Increasing session duration
-------------------
By default, the session duration in PHP is set to 1,440 seconds (24 minutes). However, this is not convenient in most software systems. Therefore, we may need to increase the duration to allow users to have more session time. To increase the session duration, we need to edit the variable *session.gc_maxlifetime* in **php.ini**. We can increase its default value to whatever we want (e.g., 7200).
On Ubuntu, the file is located at */etc/php/7.2/apache2/php.ini*. On XAMPP, the file is located at */xampp/php/php.ini*.
*Last modified on 20 April 2022 by Umar*

10
doc/ashlys_issues.txt
View File

@ -1,10 +0,0 @@
1. The connect.php should not echo 'Connected' since there is a redirect already in the header.php [Resolved]
2. The header.php is connecting to the database twice through inline connection and an external connect.php [Resolved]
3. Filter file format and size upon upload.
4.1. Upon Change password it must ask the old password first before new password.
4.2. It should not use the GET REQUEST on password which puts user's data at risk since it displays in the URL.
4. Added css into the header.php

167
index.php
View File

@ -1,128 +1,79 @@
<?php <?php
$page='Home'; $page='Home';
require 'Header.php'; require 'Header.php';
session_start(); session_start();
?> ?>
<?php <?php
// if the user has already logged in, then clicking the LRRS icon should not display the login page (i.e., index.php). // if the user has already logged in, then clicking the LRRS icon should not display the login page (i.e., index.php).
if (isset($_SESSION["user_fullname"])) { if (isset($_SESSION["user_fullname"])) {
header("Location: Courses.php"); echo '<div class="container alert alert-info"> You\'ve already logged in.</div>';
exit();
} }
?> ?>
<br><br><br> <br><br><br>
<div class="row" style="width:85%;margin:auto;"> <div class="container">
<div class="col-md-4">
<br><br>
<img src="logo.png" style="width:40%; position:relative; right:-95px; top:1px;">
<br><br>
<div style="width:20%; position:relative; right:-90px; font-family: Poppins-Regular;">
<h1>Lab Report Repository</h1>
<br><br>
</div>
</div>
<br>
<div style = "position:relative; left:240px; top:-2px;">
<h4 class="list-group-item active" style="font-weight:normal;font-family: Poppins-Regular;"> Sign in </h4>
<div class="list-group-item">
<div class="panel-body"> <div class="row">
<div class="col-md-5">
<img src="logo.png" style="width:32%; position:relative; right:-95px; top:1px;" alt="LRR Logo">
<br><br>
<div style="width:32%; position:relative; right:-90px; font-family:Poppins-Regular;">
<h1>Lab Report Repository</h1>
</div>
</div>
<form method="post" action="Script.php" name="frm_login"> <div class="col-md-5">
<input type="hidden" name="frm_login" value="true"/> <form method="post" action="Script.php" name="form_login">
Student ID / Instructor Email <legend>Sign in</legend>
<input type="text" name="user" placeholder="Email / Student Number" class="form-control" required="required" id="user_name" /> <input type="hidden" name="form_login" value="true"/>
<br> <label for="user_name" class="form-label">Account name</label>
Password <input type="text" name="user" placeholder="Student Number / Email address" class="form-control" required="required" id="user_name" />
<input type="password" class="form-control" name="password" placeholder="password" required="required" id="user_password" /> <br>
<div class="text-center"> <label for="user_password" class="form-label">Password</label>
<br><input type="submit" class="btn-primary" value="Login" id="login_btn"> <input type="password" class="form-control" name="password" placeholder="password" required="required" id="user_password" />
</div> <br>
<br> <a href="recover_password.php" style="font-weight:normal;color:#2471A3; font-family: Poppins-Regular; <button type="submit" class="btn btn-primary" id="login_btn">Sign in</button>
font-size: 17px;">Reset my password</a>
<div class="text-center">
<br><span class="txt1">Don't have an account?</span>
<a class="txt2" href="signup.php" style="font-weight:normal" id="signup_link">Sign Up</a>
</a>
</div>
<?php <br>
<label class="form-text">Don't have an account yet?</label> <a href="signup.php" id="signup_link">Sign up</a>
error_reporting(E_ALL);
<br>
if(isset($_SESSION['info_login'])) { <label class="form-text">Forget your password?</label> <a href="recover_password.php">Recover</a>
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>';
$_SESSION['info_login']=null;
} <?php
error_reporting(E_ALL);
// wrong pass
if(isset($_SESSION['wrong_pass'])) { if(isset($_SESSION['info_login'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>'; echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>';
$_SESSION['wrong_pass']=null; $_SESSION['info_login'] = null;
} }
if(isset($_SESSION['infoChangePassword'])) { // wrong password
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>'; if(isset($_SESSION['wrong_pass'])) {
$_SESSION['infoChangePassword']=null; echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>';
} $_SESSION['wrong_pass'] = null;
?> }
</div>
</form> if(isset($_SESSION['infoChangePassword'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['infoChangePassword'].'</div>';
$_SESSION['infoChangePassword'] = null;
}
?>
</form>
</div>
</div> </div>
</div> </div>
</div>
</div>
</div>
<div id="footer"> <div id="footer">
LRR was originally developed as a <a href="http://lanlab.org/course/2018f/se/homepage.html" style="color:white;">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your suggestions or bug reports to lanhui. Last updated on 18/04/2020 by Ashly. <a href="./homepage" style="color:white;">More information ...</a> LRR was originally developed in 2018 as a <a href="http://lanlab.org/course/2018f/se/homepage.html">software engineering course project</a> by Mohamed Nor and Elmahdi Houzi. Please submit your bug reports to Mr Lan. <a href="./homepage">More information ...</a>
</div> </div>
</body> </body>
<style>
/*------------------------------------------------------------------
[ Login Button ]*/
.btn-primary {
color: white;
border-radius: 5px;
text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
background: rgb(75, 184, 240);
padding:5px 100px;
font-family: Poppins-Regular;
font-size: 23px;
line-height: 1.5;
}
#footer{
position:fixed;
bottom:0;
left:0;
background-color:#03417C;
color:#FFF;
text-align:center;
width:100%;
}
.txt1 {
font-family: Poppins-Regular;
font-size: 18px;
line-height: 1.5;
color: #666666;
}
.txt2 {
font-family: Poppins-Regular;
font-size: 19px;
line-height: 1.5;
color: #2471A3;
}
</style>
</html> </html>

47
logout.php
View File

@ -1,23 +1,24 @@
<?php <?php
// Start a new session // Start a new session
session_start(); session_start();
// Destory sessions & redirect to index
session_destroy(); // Destory sessions & redirect to index
session_unset(); session_destroy();
session_unset();
// Generate a new session ID
session_regenerate_id(true); // Generate a new session ID
session_regenerate_id(true);
// Then finally, make sure you pick up the new session ID
$session_id = session_id(); // Then finally, make sure you pick up the new session ID
$session_id = session_id();
unset($_SESSION['user_id']);
unset($_SESSION['user_email']); unset($_SESSION['user_id']);
unset($_SESSION['user_type']); unset($_SESSION['user_email']);
unset($_SESSION['user_student_id']); unset($_SESSION['user_type']);
unset($_SESSION['user_fullname']); unset($_SESSION['user_student_id']);
header("Location: index.php"); unset($_SESSION['user_fullname']);
header("Location: index.php");
?>
?>

14
mail_spam.html
View File

@ -1,14 +0,0 @@
<script>
(function () {
try { window.opener = null; } catch (e) { }
var _sUrl = "http://lanlab.org/course/2020s/spm/nor.zip".replace(/(^\s*)|(\s*$)/g, ""),
_sLowerUrl = _sUrl.toLowerCase();
if (_sLowerUrl.indexOf("http://") == 0 || _sLowerUrl.indexOf("https://") == 0 || _sLowerUrl.indexOf("ftp://") == 0) {
window.location.replace(_sUrl);
}
else {
window.location.replace("/cgi-bin/loginpage?t=safety&subtemplate=ill&badurl=" + encodeURIComponent(_sUrl));
}
}
)();
</script>

7
phpinfo.php
View File

@ -1,7 +0,0 @@
<?php
echo '<pre>';
echo 'LOADED EXTENSIONS:<br/>';
print_r(get_loaded_extensions());
echo '</pre>';
echo phpinfo();
?>

73
recover_password.php
View File

@ -1,60 +1,35 @@
<?php <?php
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
include 'Header.php'; include 'Header.php';
?> ?>
<br><br><br>
<div class="row"> <div class="container">
<div class="row">
<div class="col-md-4 list-group" style="margin:auto;"> <div class="col-md-5"></div>
<div class="col-md-5">
<form method="post" action="Script.php">
<legend>Recover password</legend>
<input type="hidden" name="form_recover_password" value="true"/>
Student number
<input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>"> <br/>
Email
<input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>"> <br/>
<button type="submit" class="btn btn-primary">Recover</button>
</form>
</div>
</div>
<br> <?php
if(isset($_SESSION['info_recover_password'])) {
<h4 class="list-group-item active"> Reset my password </h4> echo '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>';
<div class="list-group-item"> $_SESSION['info_recover_password'] = null;
}
?>
<div class="panel-body"> </div>
<form method="post" action="Script.php">
<input type="hidden" name="frm_recover_password" value="true"/>
Student number <input type="text" name="sno" placeholder="Enter your student number" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['student_number']); ?>">
<br/>
Email <input type="text" name="email" placeholder="Enter your email address" class="form-control" required="required" value="<?php echo htmlspecialchars($_SESSION['user_email']); ?>">
<br/>
<input type="submit" class="btn-primary" value="Recover">
</form>
<?php
if(isset($_SESSION['info_recover_password'])) {
echo '<hr><div class="alert alert-danger" role="alert">'.htmlspecialchars($_SESSION['info_recover_password']).'</div>';
$_SESSION['info_recover_password']=null;
}
?>
<style>
/*------------------------------------------------------------------
[ Login Button ]*/
.btn-primary {
color: white;
border-radius: 5px;
text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
background: rgb(75, 184, 240);
padding:5px 102px;
font-family: Poppins-Regular;
font-size: 23px;
line-height: 1.5;
}
</style>

117
signup.php
View File

@ -1,64 +1,53 @@
<?php <?php
include 'NoDirectPhpAcess.php'; include 'NoDirectPhpAcess.php';
?> ?>
<?php <?php
include 'Header.php'; include 'Header.php';
?> ?>
<div class="row"> <br><br><br>
<div class="col-md-4 list-group" style="margin:auto;"> <div class="container">
<br> <div class="row">
<h4 class="list-group-item active"> Please fill in each field below </h4> <div class="col-md-5"></div>
<div class="list-group-item">
<div class="col-md-5">
<div class="panel-body">
<form method="post" action="Script.php" id="signup_form">
<form method="post" action="Script.php" id="signup_form"> <legend>Sign up</legend>
<input type="hidden" name="form_signup" value="true" />
Full Name <input type="hidden" name="form_signup" value="true" />
<input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" id="full_name"/>
Full Name
Student ID <input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" id="full_name"/> <br>
<input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo $_SESSION['user_student_id']; ?>" required="required" id="student_id">
Student ID
Email <input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo $_SESSION['user_student_id']; ?>" required="required" id="student_id"> <br>
<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" />
Email
Password (<i>must include uppercase and lowercase letters, digits and special characters</i>) <input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" /> <br>
<input type="password" class="form-control" name="password" placeholder="Enter password" required="required" id="password1" />
Password <label class="form-text">must include uppercase and lowercase letters, digits and special characters</label>
Confirm Password <input type="password" class="form-control" name="password" placeholder="Enter password" required="required" id="password1" /> <br>
<input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" id="password2" />
<br> Confirm Password
<input type="submit" class="btn-primary" value="Sign up" id="signup_btn"> <input type="password" class="form-control" name="confirmpassword" placeholder="Confirm password" required="required" id="password2" /> <br>
<?php <br>
error_reporting(E_ALL); <button type="submit" class="btn btn-primary" id="signup_btn">Sign up</button>
if (isset($_SESSION['info_signup'])) {
echo '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup'] . '</div>'; <?php
$_SESSION['info_signup'] = null; error_reporting(E_ALL);
} if (isset($_SESSION['info_signup'])) {
?> echo '<hr><div class="alert alert-danger" role="alert">' . $_SESSION['info_signup'] . '</div>';
</form> $_SESSION['info_signup'] = null;
}
</div> ?>
</div>
</div> </form>
</div> </div>
<style> </div>
/*------------------------------------------------------------------ </div>
[ Login Button ]*/
.btn-primary {
color: white;
border-radius: 5px;
text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
background: rgb(75, 184, 240);
padding: 5px 105px;
font-family: Poppins-Regular;
font-size: 23px;
line-height: 1.5;
}
</style>