protected function body()
{
if (!$this->isInputValid(array('id' => 'isIndex'))) {
return false;
}
$id = $this->getParams('id');
/**
* @var $submission \Submission
*/
$submission = Repositories::findEntity(Repositories::Submission, $id);
$userId = User::instance()->getId();
if ($submission->getUser()->getId() != $userId) {
return $this->death(StringID::HackerError);
}
// First, if you handed something off previously, it is no longer handed off
/**
* @var $yourSubmissions \Submission[]
*/
$yourSubmissions = Repositories::getRepository(Repositories::Submission)->findBy(['user' => $userId, 'assignment' => $submission->getAssignment()->getId()]);
foreach ($yourSubmissions as $previouslyHandedOffSubmission) {
if ($previouslyHandedOffSubmission->getStatus() == \Submission::STATUS_REQUESTING_GRADING || $previouslyHandedOffSubmission->getStatus() == \Submission::STATUS_LATEST) {
$previouslyHandedOffSubmission->setStatus(\Submission::STATUS_NORMAL);
Repositories::persistAndFlush($previouslyHandedOffSubmission);
}
}
// Next, hand off the submission
$submission->setStatus(\Submission::STATUS_REQUESTING_GRADING);
Repositories::persistAndFlush($submission);
$emailText = file_get_contents(Config::get("paths", "newSubmissionEmail"));
$emailText = str_replace("%{RealName}", User::instance()->getRealName(), $emailText);
$emailText = str_replace("%{Email}", User::instance()->getEmail(), $emailText);
$emailText = str_replace("%{Link}", Config::getHttpRoot() . "#correctionAll#submission#" . $submission->getId(), $emailText);
$lines = explode("\n", $emailText);
$subject = $lines[0];
// The first line is subject.
$text = preg_replace('/^.*\\n/', '', $emailText);
// Everything except the first line.
$to = $submission->getAssignment()->getGroup()->getOwner();
if ($to->getSendEmailOnNewSubmission()) {
if (!Core::sendEmail($to->getEmail(), $subject, $text)) {
return $this->death(StringID::MailError);
}
}
return true;
}
/**
* Runs this script.
* @return bool Is it successful?
* @throws \Exception Should never occur.
*/
protected function body()
{
$inputs = array('name' => array('isAlphaNumeric', 'hasLength' => array('min_length' => Constants::UsernameMinLength, 'max_length' => Constants::UsernameMaxLength)), 'realname' => array('isNotEmpty', 'isName'), 'email' => 'isEmail', 'pass' => array(), 'repass' => array());
if (!$this->isInputValid($inputs)) {
return false;
}
// Extract input data
$username = strtolower($this->getParams('name'));
$realname = $this->getParams('realname');
$email = $this->getParams('email');
$pass = $this->getParams('pass');
$repass = $this->getParams('repass');
$id = $this->getParams('id');
$type = $this->getParams('type');
$user = null;
$isIdSet = $id !== null && $id !== '';
$isTypeSet = $type !== null && $type !== '';
// Extract database data
if ($id) {
$user = Repositories::findEntity(Repositories::User, $id);
}
$userExists = $user != null;
$sameNameUserExists = count(Repositories::getRepository(Repositories::User)->findBy(['name' => $username])) > 0;
// Custom verification of input data
if ($pass !== $repass) {
return $this->death(StringID::InvalidInput);
}
if ($userExists) {
if ((strlen($pass) < Constants::PasswordMinLength || strlen($pass) > Constants::PasswordMaxLength) && $pass !== "") {
return $this->death(StringID::InvalidInput);
}
} else {
// A new user must have full password
if (strlen($pass) < Constants::PasswordMinLength || strlen($pass) > Constants::PasswordMaxLength) {
return $this->death(StringID::InvalidInput);
}
}
$code = '';
$unhashedPass = $pass;
$pass = Security::hash($pass, Security::HASHTYPE_PHPASS);
$canAddUsers = User::instance()->hasPrivileges(User::usersAdd);
$canEditUsers = User::instance()->hasPrivileges(User::usersManage);
$isEditingSelf = $id == User::instance()->getId();
// This must not be a strict comparison.
/**
* @var $user \User
*/
if (!$userExists && !$sameNameUserExists) {
if ($this->getParams('fromRegistrationForm')) {
if ($type != Repositories::StudentUserType) {
return $this->death(StringID::InsufficientPrivileges);
}
$code = md5(uniqid(mt_rand(), true));
$emailText = file_get_contents(Config::get("paths", "registrationEmail"));
$emailText = str_replace("%{Username}", $username, $emailText);
$emailText = str_replace("%{ActivationCode}", $code, $emailText);
$emailText = str_replace("%{Link}", Config::getHttpRoot() . "#activate", $emailText);
$lines = explode("\n", $emailText);
$subject = $lines[0];
// The first line is subject.
$text = preg_replace('/^.*\\n/', '', $emailText);
// Everything except the first line.
$returnCode = Core::sendEmail($email, $subject, $text);
if (!$returnCode) {
return $this->stop(ErrorCode::mail, 'user registration failed', 'email could not be sent');
}
} else {
if (!$canAddUsers) {
return $this->death(StringID::InsufficientPrivileges);
}
}
$user = new \User();
/** @var \UserType $typeEntity */
$typeEntity = Repositories::findEntity(Repositories::UserType, $type);
$user->setType($typeEntity);
$user->setPass($pass);
$user->setName($username);
$user->setEmail($email);
$user->setActivationCode($code);
$user->setEncryptionType(Security::HASHTYPE_PHPASS);
$user->setRealName($realname);
Repositories::persistAndFlush($user);
} elseif ($isIdSet) {
if (!$canEditUsers && ($isTypeSet || !$isEditingSelf)) {
return $this->stop(ErrorCode::lowPrivileges, 'cannot edit data of users other than yourself');
}
$type = $isTypeSet ? $type : $user->getType()->getId();
/** @var \UserType $typeEntity */
$typeEntity = Repositories::findEntity(Repositories::UserType, $type);
if ($unhashedPass) {
$user->setPass($pass);
$user->setEncryptionType(Security::HASHTYPE_PHPASS);
}
$user->setType($typeEntity);
$user->setEmail($email);
$user->setActivationCode('');
$user->setRealName($realname);
Repositories::persistAndFlush($user);
} else {
return $this->death(StringID::UserNameExists);
}
return true;
}
protected function generateAttachmentHtml($data)
{
echo '<span class="attachmentLabel">[attachment: ', $data['type'], ']</span>';
switch ($data['type']) {
case 'code':
echo '<pre class="attachment">', htmlspecialchars($this->getAttachmentContents($data['file'])), '</pre>';
break;
case 'image':
$httpRoot = Config::getHttpRoot();
echo '<img class="attachment" src="', $httpRoot, '/core/request.php', '?action=DownloadAttachment&id=', $data['id'], '"/>';
break;
default:
echo '<span class="attachment">', $this->getAttachmentContents($data['file']), '</span>';
}
}
protected function body()
{
// Validate input.
$inputs = array('group' => 'isIndex', 'problem' => 'isIndex', 'deadline' => 'isDate', 'reward' => 'isNonNegativeInt');
if (!$this->isInputValid($inputs)) {
return false;
}
// Load input
$id = $this->getParams('id');
$group = $this->getParams('group');
$problem = $this->getParams('problem');
$deadline = $this->getParams('deadline');
$reward = $this->getParams('reward');
// Adjust input
$deadline = $deadline . ' 23:59:59';
// Load from database
/**
* @var $groupEntity \Group
* @var $assignmentEntity \Assignment
* @var $problemEntity \Problem
*/
$groupEntity = Repositories::getEntityManager()->find('Group', $group);
$problemEntity = Repositories::getEntityManager()->find('Problem', $problem);
if ($groupEntity === null || $problemEntity === null) {
return $this->stop('Group or problem does not exist.', 'Assignment cannot be edited.');
}
// Authenticate
$user = User::instance();
if (!$user->hasPrivileges(User::groupsManageAll) && (!$user->hasPrivileges(User::groupsManageOwn) || $groupEntity->getOwner()->getId() !== $user->getId())) {
return $this->stop(Language::get(StringID::InsufficientPrivileges));
}
// Already exists?
if ($id !== null && $id !== '') {
$assignmentEntity = Repositories::getEntityManager()->find('Assignment', $id);
$assignmentEntity->setDeadline(\DateTime::createFromFormat("Y-m-d H:i:s", $deadline));
$assignmentEntity->setReward($reward);
Repositories::getEntityManager()->persist($assignmentEntity);
Repositories::getEntityManager()->flush($assignmentEntity);
} else {
// Verify integrity
if ($problemEntity->getLecture()->getId() !== $groupEntity->getLecture()->getId()) {
return $this->stop('You are adding an assignment for problem belonging to lecture X to a group that belongs to lecture Y. This is not possible.');
}
// Create new
$assignmentEntity = new \Assignment();
$assignmentEntity->setGroup($groupEntity);
$assignmentEntity->setProblem($problemEntity);
$assignmentEntity->setDeadline(\DateTime::createFromFormat("Y-m-d H:i:s", $deadline));
$assignmentEntity->setReward($reward);
Repositories::getEntityManager()->persist($assignmentEntity);
Repositories::getEntityManager()->flush($assignmentEntity);
// Send e-mail
/**
* @var $subscription \Subscription
*/
$query = Repositories::getEntityManager()->createQuery('SELECT s, u FROM Subscription s JOIN s.user u WHERE s.group = :group');
$query->setParameter('group', $groupEntity);
$subscriptions = $query->getResult();
foreach ($subscriptions as $subscription) {
if (!$subscription->getUser()->getSendEmailOnNewAssignment()) {
continue;
}
$to = $subscription->getUser()->getEmail();
$email = file_get_contents(Config::get("paths", "newAssignmentEmail"));
$email = str_replace("%{Problem}", $problemEntity->getName(), $email);
$email = str_replace("%{Deadline}", $deadline, $email);
$email = str_replace("%{Group}", $groupEntity->getName(), $email);
$email = str_replace("%{Link}", Config::getHttpRoot() . "#studentAssignments#" . $assignmentEntity->getId(), $email);
$email = str_replace("%{Date}", date("Y-m-d H:i:s"), $email);
$lines = explode("\n", $email);
$subject = $lines[0];
// The first line is subject.
$text = preg_replace('/^.*\\n/', '', $email);
// Everything except the first line.
if (!Core::sendEmail($to, trim($subject), $text)) {
Core::logError(Error::create(Error::levelWarning, "E-mail could not be sent to {$to}."));
}
}
}
return true;
}
