Sindbad~EG File Manager
<?php
// Shows the grades for a given class in a table with rows labeled by secretNumber and columns by assignment.
// 9.10.10, added code to process late submissions.
require_once('DB.php');
require_once('../queryWebGrades.php');
$ClassName = $_POST['ClassName'];
$Teacher = $_POST['Teacher'];
$School = $_POST['School'];
$StartDate = $_POST['StartDate'];
$AssignmentNumber= $_POST['AssignmentNumber'];
$AssignmentFile = $_POST['AssignmentFile'];
$Email = $_POST['Email'];
$SecretNumber = $_POST['SecretNumber'];
function dumpTable($table)
{
$sql = "SELECT * FROM `$table`";
$result = Query($sql);
echo "<table border = \"2\">";
while($r=$result->fetchRow())
{ echo "<tr>"; foreach($r as $item) { echo "<td> $item </td>";} echo "</tr>"; }
echo "</table>";
}
/*__________________________________________________*/
function getStudentNumber($SecretNumber)
// the secret number is congruent to 17 mod 23
// but student numbers auto-increment from 0
// Do not change this scheme as it is built into WebGrades.php
{ return (int) ($SecretNumber / 23);
}
/*__________________________________________________*/
function getSecretNumber($StudentNumber)
{ return 23 * $StudentNumber + 17;
}
/*____________________________________________________*/
function validEmail($email)
// return true if it's a legal email address, false if not
{ return eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email);
}
/*__________________________________________________*/
function getCourseID( $ClassName, $Teacher, $School, $StartDate )
{
$sql = "SELECT * FROM `Classes` WHERE ClassName='$ClassName' AND Teacher='$Teacher' AND School='$School' AND StartDate='$StartDate';";
$r = Query($sql);
$found = false;
$row = $r->fetchRow();
if($row==NULL)
{ return "Class not found. Check the data specified in the web page that contained the form you submitted";
}
else
return $row[0];
}
/*__________________________________________________*/
function displaySecretNumbers()
// for professor's use in setting up his or her spreadsheet
{
$sql = "SELECT * FROM `Students`";
$result = Query($sql);
echo "<table border=\"2\">";
while($r = $result->fetchRow())
{ $StudentNumber = $r[0];
$Email = $r[1];
$FirstName = $r[2];
$LastName = $r[3];
$SecretNumber = getSecretNumber($StudentNumber);
echo "<tr><td>$SecretNumber</td><td>$LastName, </td><td>$FirstName </td><td>$Email</td></tr>";
}
echo "</table>";
}
/*__________________________________________________*/
function dumpRawGrades($SecretNumber)
// display all the submissions of one student
{ $StudentNumber = getStudentNumber($SecretNumber);
$sql = "SELECT * FROM `Homework` WHERE StudentNumber='$StudentNumber' ORDER BY SubmissionDate";
$r = Query($sql);
while( $row = $r->fetchRow())
{ foreach($row as $item)
{ echo "$item ";
}
echo "<br>";
}
}
/*__________________________________________________*/
function getProblemNumbers( $ClassName, $Teacher, $School, $StartDate, $AssignmentFile, $AssignmentNumber)
// return an array $problemNumbers. $problemNumbers[$TopicOrFilename] is an array of the assigned problem numbers on that topic in the specified assignment.
{ $CourseID = getCourseID($ClassName, $Teacher, $School, $StartDate);
$L = file($AssignmentFile); // read the assignment file into an array of lines
$found = false;
$ans = array();
foreach ($L as $line)
{ $line = trim($line);
if(substr($line,0,2)=="//") continue; // a comment-only line
if($line == "") continue; // a blank line
$line = split("//", $line);
$line = trim($line[0]); // discard comments
// is this a line starting a new assignment?
$start = substr($line,0,3);
if($start == "Ass")
{ // yes, it does start a new assignment
if($found)
return $ans;
$p = explode(":", $line);
$p1 = preg_split("/[\s]+/",trim($p[0])); // allowing multiple spaces as in "Assignment 5"
$AssignmentNumber2 = trim($p1[1]); // it will be a number if the assignment file is correctly formatted.
if($AssignmentNumber2 == $AssignmentNumber)
$found = true; // this is not the desired assignment
}
if(!$found)
continue;
// now read the next line of the assignment
$p = explode(":",$line);
$q = $p[1];
$TopicOrFilename = trim($p[0]);
echo "got here $TopicOrFilename<br>";
// now put the problem numbers specified in $q into this array
$y = split("-",$q);
$J = 0;
$next = array();
if(count($y) == 2 && is_numeric($y[0]) && is_numeric($y[1])) // as in 1-12
{ for($k=$y[0]; $k <= $y[1]; $k++)
{ $next[$J] = $k;
$J++;
}
}
$ans[$TopicOrFilename] = $next;
}
return $ans; // we get here if the last assignment was the one specified
}
/*________________________________________________*/
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Homework Grades</title>
</head>
<body>
<?php
$stop = false;
$ProblemNumbers = getProblemNumbers($ClassName, $Teacher,$School, $StartDate, $AssignmentFile, $AssignmentNumber);
$Email = trim($Email);
$SecretNumber = trim($SecretNumber);
// sanitize $Email and $SecretNumber to prevent an attacker from entering code fragments into those text fields
if($Email != "")
{ if(strlen($Email) > 64)
{ $stop = true;
echo "That email address is too long. It should not exceed 64 characters.<br>";
}
else if(!validEmail($Email))
{ $stop = true;
echo "Invalid email address.<br>";
}
else
{ $sql = "SELECT * FROM Students WHERE Email='$Email';";
}
}
else if($SecretNumber != "")
{ if(strlen($SecretNumber) > 24)
{ $stop = true;
echo "Secret Number is too long.<br>";
}
else if(!is_numeric($SecretNumber))
{ echo "Your secret number should be a number.<br>";
$stop =true;
}
else if($SecretNumber % 23 != 17)
{ $stop = true;
echo "That secret number is invalid.<br>";
}
else
{ $StudentNumber = getStudentNumber($SecretNumber);
$sql = "SELECT * FROM Students WHERE StudentNumber='$StudentNumber';";
}
}
else
{ echo "Enter the email address you used to register for WebGrades, or your secret number.<br>";
$stop = true;
}
if(!$stop)
echo "<p> The following table shows your submissions for Assignment $AssignmentNumber. If you don't see the submissions you were expecting, a possible cause is that you submitted some different problems that were not on this assignment. </p>";
if(!$stop)
{ $q = Query($sql);
$r = $q->fetchRow();
if(!isset($r[0]))
{ echo "Cannot find you in the database. Enter the email address you used to register for WebGrades, or your secret number.<br>";
}
else
{ $StudentNumber = $r[0];
echo "<table border=\"2\">";
echo "<hr> <td>Problem Number</td> <td>Submission Date</td> </hr>";
$sql = "SELECT * FROM `Homework` WHERE StudentNumber='$StudentNumber' ORDER BY SubmissionDate";
$r = Query($sql);
while( $row = $r->fetchRow())
{ $Topic = $row[1];
$Filename = $row[2];
$ProblemNumber = $row[3];
$SubmissionDate = $row[4];
$problems = $ProblemNumbers[$Topic];
$problems2 = $ProblemNumbers[$Filename];
if(is_array($problems)) echo "<tr><td>yes</td> <td>Topic = $Topic </td><td> ProblemNumber = $ProblemNumber</td></tr>";
if((is_array($problems) && in_array($ProblemNumber,$problems)) || (is_array($problems2) && in_array($ProblemNumber, $problems2)))
{ echo "<tr> <td>$ProblemNumber</td><td>$SubmissionDate</td>";
}
}
$x = count($problems);
echo "<tr><td>$x</td></tr>";
echo "</table>";
}
}
?>
</body>
</html>
Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists