?> " /> <title>by Paper</title> <link rel="stylesheet" type="text/css" href="../../css/body.css" /> <link rel="stylesheet" type="text/css" href="../../css/header.css" /> <style type="text/css"> body {font-size:80%} .divider {font-size:80%; font-weight:bold; padding-left:6px} .s {padding-left:6px} .q_no {text-align:right; width:35px} .mee { display: inline; } <?php echo QuestionStatus::generate_status_css($status_array); ?> </style> <script type="text/javascript" src="../../js/jquery-1.11.1.min.js"></script> <script type="text/javascript" src="../../js/jquery-migrate-1.2.1.min.js"></script> <script type="text/javascript" src="../../tools/mee/mee/js/mee_src.js"></script> <script> function Qpreview(qID) { parent.previewurl.location = '../view_question.php?q_id=' + qID; } function populateTicks() { q_array = parent.top.controls.document.getElementById('questions_to_add').value.split(","); for (i=0; i<q_array.length; i++) { if (q_array[i]!='') {
$staff_modules_sql .= ") OR users.id=" . $userObject->get_user_ID() . ") "; } else { // Reset to just look for current owners paper if not on any teams. $staff_modules_sql .= "AND users.id=" . $userObject->get_user_ID() . " "; } } if ($module_sql != '') { $module_sql = 'AND (' . $module_sql . ')'; } if ($keyword != '%' and $keyword != '') { $keyword = ' AND keywordID=' . $keyword; } else { $keyword = ''; } $display_no = 0; $retired_in = '-1,' . implode(',', QuestionStatus::get_retired_status_ids($status_array)); $questions = array(); if (isset($_GET['sortby'])) { $sortby = $_GET['sortby']; } else { if (isset($state['sortby'])) { $sortby = $state['sortby']; } else { $sortby = 'leadin'; } } if (isset($_GET['ordering'])) { $ordering = $_GET['ordering']; } else { if (isset($state['ordering'])) { $ordering = $state['ordering'];
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/sysadmin_auth.inc'; require_once '../classes/question_status.class.php'; // Check if we have any faculties $statuses = QuestionStatus::get_all_statuses($mysqli, $string); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="content-type" content="text/html;charset=<?php echo $configObject->get('cfg_page_charset'); ?> " /> <title>Rogō: <?php echo $string['questionstatuses'] . ' ' . $configObject->get('cfg_install_type'); ?> </title>
$result = $mysqli->prepare("INSERT INTO relationships (SELECT NULL, idMod, ? as paper_id, question_id, ?, ?, vle_api, map_level" . " FROM relationships WHERE question_id IN ({$qids}) AND paper_id = ? AND obj_id = ?)"); foreach ($mappings_copy_objID as $oldmapid => $newmapid) { $result->bind_param('iisii', $new_paper_id, $newmapid, $new_calendar_year, $paperid, $oldmapid); $result->execute(); } $result->close(); } } } } else { // Copy the paper and the questions. // Copy the properties (properties table) $new_paper_id = copyProperties($mysqli, $calendar_year, $new_calendar_year, $moduleIDs, $userObject, $configObject); // Get question statuses $default_status = -1; $status_array = QuestionStatus::get_all_statuses($mysqli, $string, true); // Set copies of retired questions to default statuses foreach ($status_array as $tmp_status) { if ($tmp_status->get_is_default()) { $default_status = $tmp_status->id; break; } } // Copy the question and option data (questions and options tables) $old_qids = array(); $new_qids = array(); $q_no = 0; $result = $mysqli->prepare("SELECT question, screen, display_pos FROM papers WHERE paper = ? ORDER BY display_pos"); $result->bind_param('i', $paperid); $result->execute(); $result->store_result();
// along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * Delete a question status. * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/sysadmin_auth.inc'; require_once '../include/errors.inc'; require_once '../classes/question_status.class.php'; $status_id = check_var('status_id', 'POST', true, false, true); try { $status = new QuestionStatus($mysqli, $string, $status_id); } catch (DatabaseException $ex) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } $status->delete(); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="content-type" content="text/html;charset=<?php echo $configObject->get('cfg_page_charset'); ?> " />
$data['is_default'] = isset($_POST['is_default']) ? true : false; $data['change_locked'] = isset($_POST['change_locked']) ? true : false; $data['validate'] = isset($_POST['validate']) ? true : false; $data['display_warning'] = isset($_POST['display_warning']) ? true : false; $data['colour'] = $_POST['colour']; if (isset($q_status)) { $q_status->set_name($data['name']); $q_status->set_exclude_marking($data['exclude_marking']); $q_status->set_retired($data['retired']); $q_status->set_is_default($data['is_default']); $q_status->set_change_locked($data['change_locked']); $q_status->set_validate($data['validate']); $q_status->set_display_warning($data['display_warning']); $q_status->set_colour($data['colour']); } else { $q_status = new QuestionStatus($mysqli, $string, $data); } try { if ($q_status->save()) { header("location: list_statuses.php"); exit; } } catch (ItemExistsException $ex) { $error = 'duplicate'; } } $em_checked = $q_status->get_exclude_marking() ? ' checked="checked"' : ''; $es_checked = $q_status->get_retired() ? ' checked="checked"' : ''; $default_checked = $q_status->get_is_default() ? ' checked="checked"' : ''; $locked_checked = $q_status->get_change_locked() ? ' checked="checked"' : ''; $validate_checked = $q_status->get_validate() ? ' checked="checked"' : '';
/** * create the database and users if they do not exist * */ static function createDatabase($dbname, $dbcharset) { global $string; $res = self::$db->prepare("SHOW DATABASES LIKE '{$dbname}'"); $res->execute(); $res->store_result(); @ob_flush(); @flush(); if ($res->num_rows > 0) { self::displayError(array('010' => sprintf($string['displayerror1'], $dbname))); } $res->close(); switch ($dbcharset) { case 'utf8': $collation = 'utf8_general_ci'; break; default: $collation = 'latin1_swedish_ci'; } self::$db->query("CREATE DATABASE {$dbname} CHARACTER SET = {$dbcharset} COLLATE = {$collation}"); //have to use query here oldvers of php throw an error if (self::$db->errno != 0) { self::displayError(array('011' => $string['displayerror2'])); } //select the newly created database self::$db->change_user(self::$db_admin_username, self::$db_admin_passwd, self::$cfg_db_name); //create tables $tables = new databaseTables($dbcharset); self::$db->autocommit(false); while ($sql = $tables->next()) { $res = self::$db->query($sql); @ob_flush(); @flush(); if (self::$db->errno != 0) { self::displayError(array('012' => $string['displayerror3'] . self::$db->error . "<br /> {$sql}")); try { $err = self::$db->error; $mess = self::$db->errno; throw new Exception("MySQL error {$err}", $mess); } catch (Exception $e) { echo "Error No: " . $e->getCode() . " - " . $e->getMessage() . "<br />"; } self::$db->rollback(); } } self::$db->commit(); self::$cfg_db_username = self::$cfg_db_basename . '_auth'; self::$cfg_db_password = gen_password() . gen_password(); self::$cfg_db_student_user = self::$cfg_db_basename . '_stu'; self::$cfg_db_student_passwd = gen_password() . gen_password(); self::$cfg_db_staff_user = self::$cfg_db_basename . '_staff'; self::$cfg_db_staff_passwd = gen_password() . gen_password(); self::$cfg_db_external_user = self::$cfg_db_basename . '_ext'; self::$cfg_db_external_passwd = gen_password() . gen_password(); self::$cfg_db_sysadmin_user = self::$cfg_db_basename . '_sys'; self::$cfg_db_sysadmin_passwd = gen_password() . gen_password(); self::$cfg_db_sct_user = self::$cfg_db_basename . '_sct'; self::$cfg_db_sct_passwd = gen_password() . gen_password(); self::$cfg_db_inv_user = self::$cfg_db_basename . '_inv'; self::$cfg_db_inv_passwd = gen_password() . gen_password(); self::$cfg_cron_user = '******'; self::$cfg_cron_passwd = gen_password() . gen_password(); $priv_SQL = array(); //create 'database user authentication user' and grant permissions self::$db->query("CREATE USER '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_password . "'"); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_username . $string['wnotcreated'] . ' ' . self::$db->error)); } //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".admin_access TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".courses TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".client_identifiers TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".labs TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".lti_keys TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".lti_user TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules_student TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_metadata_security TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, UPDATE, INSERT, DELETE ON " . $dbname . ".password_tokens TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".schools TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".sid TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".special_needs TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".sys_errors TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT,INSERT ON " . $dbname . ".temp_users TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".users TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".users_metadata TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".denied_log TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "FLUSH PRIVILEGES"; foreach ($priv_SQL as $sql) { self::$db->query($sql); @ob_flush(); @flush(); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_username . $string['wnotpermission'] . ' ' . self::$db->error)); self::$db->rollback(); } } self::$db->commit(); $priv_SQL = array(); //create 'database user student user' and grant permissions self::$db->query("CREATE USER '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_student_passwd . "'"); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_student_user . $string['wnotcreated'] . ' ' . self::$db->error)); } //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_student_user . "'@'". self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".announcements TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".cache_median_question_marks TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".cache_paper_stats TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".cache_student_paper_marks TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".exam_announcements TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".feedback_release TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".help_log TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".help_searches TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".help_tutorial_log TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".client_identifiers TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".keywords_question TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".labs TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log0 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log1 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log2 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log3 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log4 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log4_overall TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log5 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log6 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".log_extra_time TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".log_lab_end_time TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log_late TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log_metadata TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".lti_resource TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".lti_context TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".marking_override TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".modules_student TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".objectives TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".options TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_feedback TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_metadata_security TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".papers TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties_modules TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".questions TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".question_exclude TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".question_statuses TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".reference_material TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".reference_modules TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".reference_papers TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".relationships TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".schools TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".sid TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".sessions TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".std_set TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".std_set_questions TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".state TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".student_help TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".special_needs TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".sys_errors TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".temp_users TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".users TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".users_metadata TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".access_log TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".denied_log TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".killer_questions TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".save_fail_log TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "FLUSH PRIVILEGES"; foreach ($priv_SQL as $sql) { self::$db->query($sql); @ob_flush(); @flush(); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_student_user . $string['wnotpermission'] . ' ' . self::$db->error)); self::$db->rollback(); } } self::$db->commit(); $priv_SQL = array(); //create 'database user external user' and grant permissions self::$db->query("CREATE USER '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_external_passwd . "'"); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_external_user . $string['wnotcreated'] . ' ' . self::$db->error)); } //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_external_user . "'@'". self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".help_log TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".help_searches TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".keywords_question TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log0 TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log1 TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log2 TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log3 TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log4 TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log4_overall TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log5 TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log_late TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log_metadata TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules_staff TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".options TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".papers TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".questions TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".question_statuses TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".reference_material TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".reference_modules TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".reference_papers TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".review_comments TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".review_metadata TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".special_needs TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".std_set TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".std_set_questions TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".staff_help TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".student_help TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".sys_errors TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".users TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".access_log TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".denied_log TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties_reviewers TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".client_identifiers TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".labs TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties_modules TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".log_extra_time TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".log_lab_end_time TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".schools TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_metadata_security TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules_student TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".question_exclude TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".users_metadata TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".marking_override TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".sid TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".student_notes TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_notes TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".exam_announcements TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".relationships TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".feedback_release TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".cache_paper_stats TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_feedback TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "FLUSH PRIVILEGES"; foreach ($priv_SQL as $sql) { self::$db->query($sql); @ob_flush(); @flush(); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_external_user . $string['wnotpermission'] . ' ' . self::$db->error)); self::$db->rollback(); } } self::$db->commit(); $priv_SQL = array(); //create 'database user staff user' and grant permissions self::$db->query("CREATE USER '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_staff_passwd . "'"); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_staff_user . $string['wnotcreated'] . ' ' . self::$db->error)); } //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_staff_user . "'@'". self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".* TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".cache_median_question_marks TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".cache_paper_stats TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".cache_student_paper_marks TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".ebel TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".exam_announcements TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".feedback_release TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".folders TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".folders_modules_staff TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".help_log TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".help_searches TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".help_tutorial_log TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".hofstee TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".keywords_question TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".keywords_user TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log0 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log1 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log2 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log3 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log4 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log4_overall TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log5 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log6 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log_late TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log_metadata TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".lti_resource TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".lti_context TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".marking_override TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".modules TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".modules_staff TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".modules_student TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".objectives TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".options TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".paper_metadata_security TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".paper_notes TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".paper_feedback TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".papers TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".password_tokens TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".performance_main TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".performance_details TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".properties TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".properties_modules TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".question_exclude TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".questions TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".question_statuses TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".questions_metadata TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".questions_modules TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".recent_papers TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".reference_material TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".reference_modules TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".reference_papers TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".relationships TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".review_comments TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".review_metadata TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, DELETE ON " . $dbname . ".scheduling TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".sessions TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".sid TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".sms_imports TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".special_needs TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".std_set TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".std_set_questions TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".state TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".student_notes TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".temp_users TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".textbox_marking TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".textbox_remark TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".track_changes TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".users TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".users_metadata TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".access_log TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".denied_log TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".properties_reviewers TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".sys_errors TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".killer_questions TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".save_fail_log TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, UPDATE ON " . $dbname . ".toilet_breaks TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "FLUSH PRIVILEGES"; foreach ($priv_SQL as $sql) { self::$db->query($sql); @ob_flush(); @flush(); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_staff_user . $string['wnotpermission'] . ' ' . self::$db->error)); self::$db->rollback(); } } self::$db->commit(); $priv_SQL = array(); //create 'database user SCT user' and grant permissions self::$db->query("CREATE USER '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_sct_passwd . "'"); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_sct_user . $string['wnotcreated'] . ' ' . self::$db->error)); } //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_sct_user . "'@'". self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".options TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_metadata_security TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_notes TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".papers TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".questions TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".question_statuses TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".questions_metadata TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".sct_reviews TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".denied_log TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "FLUSH PRIVILEGES"; foreach ($priv_SQL as $sql) { self::$db->query($sql); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_sct_user . $string['wnotpermission'] . ' ' . self::$db->error)); self::$db->rollback(); } } self::$db->commit(); $priv_SQL = array(); //create 'database user Invigilator user' and grant permissions self::$db->query("CREATE USER '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_inv_passwd . "'"); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_inv_user . $string['wnotcreated'] . ' ' . self::$db->error)); } //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_inv_user . "'@'". self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".exam_announcements TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".client_identifiers TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".labs TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".log2 TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".log_metadata TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log_extra_time TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log_lab_end_time TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules_student TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".paper_notes TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties_modules TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".papers TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".questions TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".question_statuses TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".student_notes TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".sid TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".special_needs TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".users TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".access_log TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".denied_log TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, DELETE ON " . $dbname . ".toilet_breaks TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "FLUSH PRIVILEGES"; foreach ($priv_SQL as $sql) { self::$db->query($sql); @ob_flush(); @flush(); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_inv_user . $string['wnotpermission'] . ' ' . self::$db->error)); self::$db->rollback(); } } self::$db->commit(); $priv_SQL = array(); //create 'database user sysadmin user' and grant permissions self::$db->query("CREATE USER '" . self::$cfg_db_sysadmin_user . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_sysadmin_passwd . "'"); if (self::$db->errno != 0) { self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_sysadmin_user . $string['wnotcreated'] . ' ' . self::$db->error)); } //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_sysadmin_user . "'@'". self::$cfg_web_host . "'"; $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE, ALTER, DROP ON " . $dbname . ".* TO '" . self::$cfg_db_sysadmin_user . "'@'" . self::$cfg_web_host . "'"; $priv_SQL[] = "FLUSH PRIVILEGES"; foreach ($priv_SQL as $sql) { self::$db->query($sql); @ob_flush(); @flush(); if (self::$db->errno != 0) { echo self::$db->error . "<br />"; self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_sysadmin_user . $string['wnotpermission'] . ' ' . self::$db->error)); self::$db->rollback(); } } self::$db->commit(); //create sysadmin user UserUtils::create_user($_POST['SysAdmin_username'], $_POST['SysAdmin_password'], $_POST['SysAdmin_title'], $_POST['SysAdmin_first'], $_POST['SysAdmin_last'], $_POST['SysAdmin_email'], 'University Lecturer', '', '1', 'Staff,SysAdmin', '', self::$db); //create cron user UserUtils::create_user(self::$cfg_cron_user, self::$cfg_cron_passwd, '', '', 'cron', '', '', '', '', 'Staff,SysCron', '', self::$db); //create 100 guest accounts for ($i = 1; $i <= 100; $i++) { UserUtils::create_user('user' . $i, '', 'Dr', 'A', 'User' . $i, '', 'none', '', '1', 'Student', '', self::$db); } self::$db->commit(); //add unknown school & faculty $facultyID = FacultyUtils::add_faculty('UNKNOWN Faculty', self::$db); $scoolID = SchoolUtils::add_school($facultyID, 'UNKNOWN School', self::$db); //add traing school $facultyID = FacultyUtils::add_faculty('Administrative and Support Units', self::$db); $scoolID = SchoolUtils::add_school($facultyID, 'Training', self::$db); //create special modules module_utils::add_modules('TRAIN', 'Training Module', 1, $scoolID, '', '', 0, false, false, false, true, null, null, self::$db, 0, 0, 1, 1, '07/01'); module_utils::add_modules('SYSTEM', 'Online Help', 1, $scoolID, '', '', 0, true, true, true, true, null, null, self::$db, 0, 0, 1, 1, '07/01'); self::$db->commit(); // Create default question statuses $statuses = array(array('name' => 'Normal', 'exclude_marking' => false, 'retired' => false, 'is_default' => true, 'change_locked' => true, 'validate' => true, 'display_warning' => 0, 'colour' => '#000000', 'display_order' => 0), array('name' => 'Retired', 'exclude_marking' => false, 'retired' => true, 'is_default' => false, 'change_locked' => true, 'validate' => false, 'display_warning' => 1, 'colour' => '#808080', 'display_order' => 1), array('name' => 'Incomplete', 'exclude_marking' => false, 'retired' => false, 'is_default' => false, 'change_locked' => false, 'validate' => false, 'display_warning' => 1, 'colour' => '#000000', 'display_order' => 2), array('name' => 'Experimental', 'exclude_marking' => true, 'retired' => false, 'is_default' => false, 'change_locked' => false, 'validate' => true, 'display_warning' => 0, 'colour' => '#808080', 'display_order' => 3), array('name' => 'Beta', 'exclude_marking' => false, 'retired' => false, 'is_default' => false, 'change_locked' => false, 'validate' => true, 'display_warning' => 1, 'colour' => '#000000', 'display_order' => 4)); foreach ($statuses as $data) { $qs = new QuestionStatus(self::$db, $string, $data); $qs->save(); } //FLUSH PRIVILEGES self::$db->query("FLUSH PRIVILEGES"); if (self::$db->errno != 0) { self::logWarning(array('014' => $string['logwarning20'])); } self::$db->commit(); self::$db->autocommit(false); }
public static function get_all_statuses_by_name($db, $lang_strings) { return QuestionStatus::get_all_statuses_by_type($db, $lang_strings, 'name'); }
private function load_performance_stats() { $this->stats = array('veryeasy' => 0, 'easy' => 0, 'moderate' => 0, 'hard' => 0, 'veryhard' => 0, 'highest' => 0, 'high' => 0, 'intermediate' => 0, 'low' => 0); $status_array = QuestionStatus::get_all_statuses($this->db, $this->string, true); $retired_in = '-1,' . implode(',', QuestionStatus::get_retired_status_ids($status_array)); $sql = 'SELECT DISTINCT p, d, questions.q_id FROM questions, questions_modules, performance_main, performance_details WHERE questions.q_id = questions_modules.q_id AND questions.q_id = performance_main.q_id AND performance_main.id = performance_details.perform_id AND idMod = ? AND deleted IS NULL AND status NOT IN (' . $retired_in . ')'; $result = $this->db->prepare($sql); $result->bind_param('i', $this->idMod); $result->execute(); $result->bind_result($p, $d, $q_id); while ($result->fetch()) { if ($p >= 80 and $p <= 100) { $this->stats['veryeasy']++; } elseif ($p >= 60 and $p < 80) { $this->stats['easy']++; } elseif ($p >= 40 and $p < 60) { $this->stats['moderate']++; } elseif ($p >= 20 and $p < 40) { $this->stats['hard']++; } elseif ($p >= 0 and $p < 20) { $this->stats['veryhard']++; } if ($d >= 35 and $d <= 100) { $this->stats['highest']++; } elseif ($d >= 25 and $d < 35) { $this->stats['high']++; } elseif ($d >= 15 and $d < 25) { $this->stats['intermediate']++; } elseif ($d >= 0 and $d < 15) { $this->stats['low']++; } } $result->close(); }
/** * IMPORT: Loads a ZIP file, parses and adds contents to the database. */ public function import($paperID = 0) { if ($paperID != 0) { $this->properties = PaperProperties::get_paper_properties_by_id($paperID, $this->db, $this->string); } $this->logger = new Logger($this->db); $this->status_array = QuestionStatus::get_all_statuses_by_name($this->db, $this->string); $this->get_keyword_ids(); $this->zip_filename = $this->userID . '_raf.zip'; $tmp_path = $this->configObj->get('cfg_tmpdir'); if (!move_uploaded_file($_FILES['raffile']['tmp_name'], $tmp_path . $this->zip_filename)) { echo uploadError($_FILES['raffile']['error']); exit; } $dest_dir = $tmp_path . $this->userID; if (!file_exists($dest_dir)) { mkdir($dest_dir, 0700); } $zip = new ZipArchive(); if ($zip->open($tmp_path . $this->zip_filename) === TRUE) { $zip->extractTo($dest_dir); if (file_exists($dest_dir . '/raf.json')) { $this->data = file_get_contents($dest_dir . '/raf.json'); } else { $zip->close(); $msg = sprintf($this->string['furtherassistance'], $this->configObj->get('support_email'), $this->configObj->get('support_email')); $this->notice->display_notice_and_exit($this->db, $this->string['invalidraf'], $msg, $this->string['invalidraf'], '../artwork/exclamation_48.png', '#C00000', true, true); } $this->copy_images($dest_dir, $tmp_path); $this->load_raf_data(); unlink($dest_dir . '/raf.json'); $zip->close(); } else { $msg = sprintf($this->string['furtherassistance'], $this->configObj->get('support_email'), $this->configObj->get('support_email')); $this->notice->display_notice_and_exit($this->db, $this->string['invalidzip'], $msg, $this->string['invalidzip'], '../artwork/exclamation_48.png', '#C00000', true, true); } }
public function __construct($studentsonly, $percent, $ordering, $absent, $sortby, $userObject, $propertyObj, $startdate, $enddate, $repcourse, $repmodule, $db, $string) { $this->db = $db; $this->demo = is_demo($userObject); $this->paperID = $propertyObj->get_property_id(); $this->paper_type = $propertyObj->get_paper_type(); $this->calendar_year = $propertyObj->get_calendar_year(); $this->startdate = $startdate; $this->enddate = $enddate; $this->absent = $absent; $this->studentsonly = $studentsonly; $this->marking = $propertyObj->get_marking(); $this->percent = $percent; $this->ordering = $ordering; $this->sortby = $sortby; $this->repcourse = $repcourse; $this->repmodule = $repmodule; $this->pass_mark = $propertyObj->get_pass_mark(); $this->distinction_mark = $propertyObj->get_distinction_mark(); $this->log_late = array(); $this->q_medians = array(); $this->random_q_ids = array(); $this->config = Config::get_instance(); $this->propertyObj = $propertyObj; $this->exclusions = new Exclusion($this->paperID, $this->db); $this->display_excluded = ''; $this->user_no = 0; $this->marking_overrides = array(); $this->string = $string; $unmarked_calculation = false; $unmarked_textbox = false; $this->question_statuses = QuestionStatus::get_all_statuses($db, array(), true); }