// GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/sysadmin_auth.inc'; require '../include/sidebar_menu.inc'; require '../include/errors.inc'; require '../include/year_tabs.inc'; $current_year = check_var('calyear', 'GET', true, false, true); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="content-type" content="text/html;charset=<?php echo $configObject->get('cfg_page_charset'); ?> " /> <title>Rogō: <?php echo $string['summativeexamfeedback'] . ' ' . $configObject->get('cfg_install_type'); ?> </title>
// but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * @author Anthony Brown, Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/staff_auth.inc'; require_once '../include/errors.inc'; $modID = (int) check_var('module', 'GET', true, false, true); if (!module_utils::get_moduleid_from_id($modID, $mysqli)) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } if (isset($_POST['Save'])) { //save session $identifier = time(); $occurrence = $_POST['session_year'] . '-' . $_POST['session_month'] . '-' . $_POST['session_day'] . ' ' . $_POST['session_time']; $stmt = $mysqli->prepare("INSERT INTO sessions VALUES (NULL, ?, ?, ?, ?, ?, ?)"); $identifier = intVal($identifier); $stmt->bind_param('ssssss', $identifier, $modID, $_POST['session_title'], $_POST['url'], $_POST['session'], $occurrence); $stmt->execute(); $stmt->close(); $result = $mysqli->prepare("SELECT MAX(obj_id) AS largest FROM objectives"); $result->execute();
// GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Rogo. If not, see <http://www.gnu.org/licenses/>. /** * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/staff_auth.inc'; require_once '../include/errors.inc'; require_once '../include/paper_security.inc'; require_once '../classes/paperproperties.class.php'; $paperID = check_var('paperID', 'GET', true, false, true); // Get some paper properties $propertyObj = PaperProperties::get_paper_properties_by_id($paperID, $mysqli, $string); $paper_title = $propertyObj->get_paper_title(); $start_date = $propertyObj->get_start_date(); $end_date = $propertyObj->get_end_date(); $calendar_year = $propertyObj->get_calendar_year(); $paper_bgcolor = $propertyObj->get_bgcolor(); $paper_fgcolor = $propertyObj->get_fgcolor(); $paper_themecolor = $propertyObj->get_themecolor(); $paper_labelcolor = $propertyObj->get_labelcolor(); $type = $propertyObj->get_rubric(); $paper_prologue = $propertyObj->get_paper_prologue(); $marking = $propertyObj->get_marking(); $display_photos = $propertyObj->get_display_correct_answer(); $labs = $propertyObj->get_labs();
// along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/staff_auth.inc'; require_once '../include/survey_quantitative.inc.php'; require_once '../include/errors.inc'; require_once '../classes/stringutils.class.php'; require_once '../classes/paperproperties.class.php'; $paperID = check_var('paperID', 'GET', true, false, true); $startdate = check_var('startdate', 'GET', true, false, true); $enddate = check_var('enddate', 'GET', true, false, true); // Get some paper properties $propertyObj = PaperProperties::get_paper_properties_by_id($paperID, $mysqli, $string); header('Pragma: public'); header('Content-disposition: attachment; filename=report.xml'); header('Content-type: text/xml'); function displayQuestion($q_id, $theme, $scenario, $leadin, $q_type, $correct, $q_media, $q_media_width, $q_media_height, $options, $log, $correct_buf, $screen, $question_number, $candidates) { global $old_likert_scale, $old_display_method, $table_on; // Remove spaces $theme = str_replace(' ', ' ', $theme); $scenario = str_replace(' ', ' ', $scenario); $leadin = str_replace(' ', ' ', $leadin); $old_likert_scale = str_replace(' ', ' ', $old_likert_scale); // Remove nasty non-utf8 chars $theme = StringUtils::wordToUtf8(strip_tags($theme));
//
// You should have received a copy of the GNU General Public License
// along with Rogō. If not, see <http://www.gnu.org/licenses/>.

/**
*
* Delete a user account.
*
* The request carries a comma-separated list of user IDs in the POST field
* 'id'. Every non-empty ID is verified first; deletion only starts once the
* whole list has been checked.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/

require '../include/sysadmin_auth.inc';
require_once '../include/errors.inc';
require_once '../classes/userutils.class.php';

// NOTE(review): this is a destructive bulk action driven purely by a POST field.
// No anti-CSRF token check is visible in this excerpt - confirm that
// sysadmin_auth.inc (or check_var) enforces one before accounts are removed.
$userID = check_var('id', 'POST', true, false, true);
$id_list = explode(',', $userID);

// Pass 1: every supplied ID must exist, otherwise the "page not found" notice is shown.
foreach ($id_list as $id) {
  if ($id == '') {
    continue;   // Empty list entries (stray commas) are ignored.
  }
  if (UserUtils::userid_exists($id, $mysqli)) {
    continue;
  }
  $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
  $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}

// Pass 2: remove each account that was named in the list.
foreach ($id_list as $single_id) {
  if ($single_id == '') {
    continue;
  }
  UserUtils::delete_userID($single_id, $mysqli);
}
<?php
// This file is part of Rogō
//
// Rogō is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Rogō is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō. If not, see <http://www.gnu.org/licenses/>.

/**
*
* Records in the current session that an announcement has been hidden.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/

require '../../include/staff_auth.inc';
require '../../include/errors.inc';

$announcementID = check_var('announcementID', 'GET', true, false, true);

// The session key is built from a request value.
// NOTE(review): confirm check_var() restricts announcementID to an integer; otherwise a
// client can create any number of arbitrary 'announcement...' keys in its own session.
$_SESSION["announcement{$announcementID}"] = 'hide';
* * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../../include/staff_auth.inc'; require '../../include/errors.inc'; require_once '../../classes/paperproperties.class.php'; require_once '../../plugins/questions/enhancedcalc/enhancedcalc.class.php'; require_once '../../plugins/questions/enhancedcalc/helpers/enhancedcalc_helper.php'; set_time_limit(0); //header('Content-Type: text/html; charset=' + $configObject->get('cfg_page_charset')); $paperID = check_var('paperID', 'REQUEST', true, false, true); $startdate = check_var('startdate', 'REQUEST', true, false, true); $enddate = check_var('enddate', 'REQUEST', true, false, true); $properties = PaperProperties::get_paper_properties_by_id($paperID, $mysqli, $string); $questions = $properties->get_questions(); $paper_type = $properties->get_paper_type(); $error = false; // Get the enhanced calculation questions on the paper. $q_ids = array(); $result = $mysqli->prepare("SELECT question, settings FROM papers, questions WHERE papers.question = questions.q_id AND q_type = 'enhancedcalc' AND paper = ?"); $result->bind_param('i', $paperID); $result->execute(); $result->bind_result($q_id, $settings); while ($result->fetch()) { $q_ids[$q_id] = $settings; } $result->close(); $possible = array();
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/

require '../../include/staff_auth.inc';
require '../../include/errors.inc';

// Saves (inserts or updates) one marker's mark and comments for a textbox answer.
// $status starts as 'ERROR' and is only switched to 'OK' further down.
$status = 'ERROR';

$paperID = check_var('paper_id', 'POST', true, false, true);
$q_id = check_var('q_id', 'POST', true, false, true);
$log_id = check_var('log_id', 'POST', true, false, true);
// NOTE(review): the marker's identity is taken from the request rather than from the
// authenticated session. Unless it is cross-checked elsewhere, a staff user could file
// marks under another marker's ID - confirm against the logged-in user.
$marker_id = check_var('marker_id', 'POST', true, false, true);
$mark = check_var('mark', 'POST', true, false, true);
$comments = isset($_POST['comments']) ? $_POST['comments'] : '';
$phase = check_var('phase', 'POST', true, false, true);
$log = check_var('log', 'POST', true, false, true);
$user_id = check_var('user_id', 'POST', true, false, true);
$reminders = isset($_POST['reminders']) ? $_POST['reminders'] : '';

if ($mark != 'NULL') {
  // All request values reach the database through bound placeholders.
  $sql = <<<QUERY
INSERT INTO textbox_marking (paperID, q_id, answer_id, markerID, mark, comments, date, phase, logtype, student_userID, reminders) VALUES (?, ?, ?, ?, ?, ?, NOW(), ?, ?, ?, ?) ON DUPLICATE KEY UPDATE markerID = ?, mark = ?, comments = ?, reminders = ?, date = NOW()
QUERY;

  try {
    $result = $mysqli->prepare($sql);
    $x = $mysqli->error;   // Captured but not used in the visible code.
    if ($result) {
      $result->bind_param('iiiidsiiisidss', $paperID, $q_id, $log_id, $marker_id, $mark, $comments, $phase, $log, $user_id, $reminders, $marker_id, $mark, $comments, $reminders);
      $result2 = $result->execute();
      // NOTE(review): this tests $result (the statement handle, already known to be truthy
      // here) instead of $result2 (the outcome of execute()). As written, 'OK' is reported
      // even when the write fails; the check presumably should be on $result2.
      if ($result !== false) {
        $status = 'OK';
// GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * Confirm that it is OK to proceed deleting a reference material. * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/staff_auth.inc'; require '../include/errors.inc'; $refID = check_var('refID', 'GET', true, false, true); if (!refmaterials_utils::refmaterials_exist($refID, $mysqli)) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } $mysqli->close(); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="content-type" content="text/html;charset=<?php echo $configObject->get('cfg_page_charset'); ?> " />
//
// You should have received a copy of the GNU General Public License
// along with Rogō. If not, see <http://www.gnu.org/licenses/>.

/**
*
* Delete a question(s) in the question bank.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/

require '../include/staff_auth.inc';
require '../include/errors.inc';
require_once '../classes/questionutils.class.php';

// 'q_id' is a comma-separated list of question IDs; a leading comma is stripped
// from the copy that is used in the SQL below.
$qIDs = check_var('q_id', 'POST', true, false, true);
if ($qIDs[0] == ',') {
  $qIDs = substr($qIDs, 1);
}
// The raw POST value is split separately. The delete loop below starts at index 1,
// which matches a list that begins with a comma (element 0 is then empty).
// NOTE(review): if the list arrives without a leading comma, its first ID is included
// in the paper check but never deleted - confirm the format the caller sends.
$tmp_q_ids = explode(',', $_POST['q_id']);

// NOTE(review): $qIDs is interpolated into the SQL text. prepare() only protects values
// supplied through bound placeholders, so this IN (...) list is exactly what the client
// sent unless check_var() validates it (not visible here). Safer: cast every list entry
// to int, or build one '?' per entry and bind them.
$result = $mysqli->prepare("SELECT DISTINCT paper_title, paper, paper_type FROM (papers, properties) WHERE papers.paper = properties.property_id AND properties.deleted IS NULL AND question IN ({$qIDs})");
$result->execute();
$result->store_result();
$result->bind_result($paper_title, $paper, $paper_type);
$found = $result->num_rows;
$result->close();

if ($found == 0) {
  // Only delete if the question is on zero papers.
  // NOTE(review): no per-question ownership/permission check is visible in this excerpt;
  // confirm QuestionUtils::delete_question() or staff_auth.inc covers it.
  for ($i = 1; $i < count($tmp_q_ids); $i++) {
    $qID = $tmp_q_ids[$i];
    QuestionUtils::delete_question($qID, $mysqli);
// This file is part of Rogō
//
// Rogō is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Rogō is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō. If not, see <http://www.gnu.org/licenses/>.

/**
*
* Deletes one page of the staff online help and returns to the help index.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/

// Only let SysAdmin staff delete pages.
require '../../include/sysadmin_auth.inc';
require '../../include/errors.inc';
require_once '../../classes/helputils.class.php';

// NOTE(review): the page to delete is named by a GET parameter, so the deletion is a
// state change on a plain link. A logged-in SysAdmin's browser would send that request
// for any link or embedded resource pointing here. Prefer POST plus an anti-CSRF token;
// confirm whether sysadmin_auth.inc already provides such a check.
$originalID = check_var('id', 'GET', true, false, true);

$help_system = new OnlineHelp($userObject, $configObject, $string, $notice, 'staff', $language, $mysqli);
$help_system->delete_page($originalID);

$mysqli->close();

// Back to the first help page once the delete call has returned.
header('location: index.php?id=1');
// GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * Confirm that it is OK to proceed deleting a course. * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/sysadmin_auth.inc'; require '../include/errors.inc'; $courseID = check_var('courseID', 'GET', true, false, true); $mysqli->close(); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="content-type" content="text/html;charset=<?php echo $configObject->get('cfg_page_charset'); ?> " /> <title><?php echo $string['confirmdelete']; ?> </title>
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō. If not, see <http://www.gnu.org/licenses/>.

/**
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/

require '../include/staff_auth.inc';
require '../include/errors.inc';

// NOTE(review): the auto_detect_line_endings ini setting is deprecated as of PHP 8.1.
ini_set("auto_detect_line_endings", true);

// NOTE(review): the module ID is accepted from GET or POST; no check that the current
// staff user belongs to this module is visible in this excerpt - confirm it happens.
$modID = check_var('module', 'REQUEST', true, false, true);

if (isset($_POST['submit'])) {
  $session = $_POST['session'];
  $session_flag = false;
  if ($_FILES['txtfile']['name'] != 'none' and $_FILES['txtfile']['name'] != '') {
    // The destination is chosen entirely by the server (temp dir + user ID + fixed
    // suffix); the client-supplied filename is never used in the path.
    // NOTE(review): no size or content validation of the upload is visible here.
    if (!move_uploaded_file($_FILES['txtfile']['tmp_name'], $configObject->get('cfg_tmpdir') . $userObject->get_user_ID() . '_load_objectives.txt')) {
      echo uploadError($_FILES['txtfile']['error']);
      exit;
    } else {
      // Work out the next objective ID as MAX(obj_id) + 1.
      // NOTE(review): read-then-increment is not atomic; two imports running at the same
      // time could compute the same $obj_id - confirm how the value is used afterwards.
      $result = $mysqli->prepare("SELECT MAX(obj_id) AS largest FROM objectives");
      $result->execute();
      $result->bind_result($largest);
      $i = 0;
      while ($result->fetch()) {
        $obj_id = $largest + 1;
      }
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * Delete a lab and all the client identifiers in it - Admin only. * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/admin_auth.inc'; require '../include/errors.inc'; $labID = check_var('labID', 'POST', true, false, true); $lab_no = 0; $result = $mysqli->prepare("SELECT name FROM labs WHERE id = ?"); $result->bind_param('i', $labID); $result->execute(); $result->store_result(); $result->bind_result($lab_name); $result->fetch(); $lab_no = $result->num_rows; $result->close(); if ($lab_no == 0) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } $result = $mysqli->prepare("DELETE FROM client_identifiers WHERE lab = ?"); $result->bind_param('i', $labID);
<td valign=top>Message (<i>No HTML</i>):</td>
<td><textarea rows=10 cols=40 name=msg></textarea></td>
</tr>
<tr>
<td colspan=2>
<input type=hidden name=submitted value=1>
<input type=submit value="Add Entry">
</td>
</tr>
</table>
<form>
<?php
} else {
  // Form was submitted: store the guestbook entry.
  check_var('fullname');
  check_var('msg');
  check_var('email');
  // NOTE(review): the INSERT is assembled by string concatenation and relies on
  // addslashes(). addslashes() is not a database-aware escape (it ignores the connection
  // character set), so it is not a dependable defence against SQL injection. Use a
  // prepared statement with bound parameters (mysqli or PDO) instead.
  // NOTE(review): the mysql_* functions used here were removed in PHP 7.0.
  // NOTE(review): only 'msg' goes through htmlspecialchars() before storage; 'fullname'
  // and 'email' are stored as received, so the code that prints entries must HTML-escape
  // them on output (that code is not visible in this excerpt).
  $res = mysql_query("insert into guestbook (name, email, msg, remote_host) values " . "('" . addslashes($_REQUEST['fullname']) . "', '" . addslashes($_REQUEST['email']) . "', '" . addslashes(htmlspecialchars($_REQUEST['msg'])) . "', '" . addslashes($_SERVER['REMOTE_ADDR']) . "') ");
  if ($res === false) {
    // NOTE(review): the raw database error text is sent to the visitor; log it
    // server-side and show a generic message instead.
    die("Cannot insert entry into guestbook: " . mysql_error() . "\n");
  }
  print "<b>Entry successfully added</b>\n";
}
?>
<hr>
<?php
/* Display entries */
$qh = mysql_query("select name, email, msg from guestbook order by entry_id desc");
if ($qh === false) {
  // NOTE(review): same disclosure of database error detail as above.
  die("Cannot select entries from guestbook: " . mysql_error() . "\n");
}

function disprow($id, $val)
* * Copies a paper (e.g. properties table) and possibly the questions on the paper. * * @author Simon Wilkinson, Anthony Brown * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require_once '../include/staff_auth.inc'; require_once '../include/errors.inc'; require_once '../include/media.inc'; require_once '../include/mapping.inc'; require_once '../classes/question_status.class.php'; require_once '../classes/paperutils.class.php'; require_once '../classes/logger.class.php'; $paperid = check_var('paperID', 'POST', true, false, true); if (!Paper_utils::paper_exists($paperid, $mysqli)) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } if (!Paper_utils::is_paper_title_unique($_POST['new_paper'], $mysqli)) { // If the paper title is unique. ?> <html> <head> <meta http-equiv="content-type" content="text/html;charset=<?php echo $configObject->get('cfg_page_charset'); ?> " /> <title>Rogō</title> <link rel="stylesheet" type="text/css" href="../css/body.css" />
// // You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/staff_auth.inc'; require_once '../include/media.inc'; require_once '../include/errors.inc'; require_once '../classes/paperproperties.class.php'; require_once '../classes/folderutils.class.php'; $paperID = check_var('paperID', 'REQUEST', true, false, true); $properties = PaperProperties::get_paper_properties_by_id($paperID, $mysqli, $string); $paper_title = $properties->get_paper_title(); function saveResponseData($optID, $experts, $max_experts, $db) { $marks = $max_experts > 0 ? $experts / $max_experts : 0; $stmt = $db->prepare("UPDATE options SET correct = ?, marks_correct = ? WHERE id_num = ?"); $stmt->bind_param('sdi', $experts, $marks, $optID); $stmt->execute(); $stmt->close(); } function display_question($question, &$question_no, $reviews, &$string, $db) { $question_no++; if ($question['scenario'] != '') { echo "<tr><td class=\"q_no\">" . $question_no . ". </td><td style=\"background-color:#E4EEFC; border-bottom:1px solid #B5C4DF; font-weight:bold; padding:2px; color:#000040\">{$string['clinicalvignette']}</td></tr>\n";
// GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/staff_auth.inc'; require_once '../include/errors.inc'; require_once '../classes/logger.class.php'; $userID = check_var('userID', 'GET', true, false, true); $temp_userID = check_var('temp_userID', 'GET', true, false, true); // Get start time of the paper. $papers = array(); $paper_no = 0; $result = $mysqli->prepare("SELECT DISTINCT paperID, started FROM log_metadata WHERE userID = ?"); $result->bind_param('i', $temp_userID); $result->execute(); $result->bind_result($q_paper, $started); while ($result->fetch()) { $papers[$paper_no]['ID'] = $q_paper; $papers[$paper_no]['started'] = $started; $paper_no++; } $result->close(); // Get grade and student of the user. $result = $mysqli->prepare("SELECT grade, yearofstudy, username FROM users WHERE id = ?");
/** * * Shows information on the currently selected user: name, username, email, etc * plus the details of any taken assessment or survey. SysAdmin users also have the ability * to edit personal details such as name, username, password, etc. * * @author Simon Wilkinson, Anthony Brown * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require_once '../include/sysadmin_auth.inc'; require_once '../include/errors.inc'; require_once '../include/demo_replace.inc'; require_once '../classes/userutils.class.php'; $userID = check_var('userID', 'GET', true, false, true); $errors = false; $user_details = UserUtils::get_user_details($userID, $mysqli); if ($user_details === false) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } if (isset($_POST['submit']) and $_POST['username'] != $_POST['prev_username']) { // Check new username is not already used. Overwriting usernames could screw up other accounts. if (UserUtils::username_exists($_POST['username'], $mysqli)) { $errors = 'Username exists'; } } if (isset($_POST['submit']) and !$errors) { $cfg_web_root = $configObject->get('cfg_web_root'); if (!empty($_FILES['photofile']['name'])) {
// along with Rogō. If not, see <http://www.gnu.org/licenses/>.

/**
*
* @author Adam Clarke
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/

require_once '../include/staff_auth.inc';
require_once '../include/errors.inc';
require_once 'include/inc.php';

// 'file' and 'path' come from the query string and are appended to the export
// directory below. The only path restriction visible here is removal of "..".
// NOTE(review): stripping substrings is a denylist. A more robust check is to resolve
// the final path with realpath() and verify it still lies under $base_dir before any
// file is opened.
$file = check_var('file', 'GET', true, false, true);
$file = str_replace("..", "", $file);
$path = check_var('path', 'GET', true, false, true);
$path = str_replace("..", "", $path);
// NOTE(review): this reads 'path' again, not 'title', and the value is not passed through
// the ".." filter. Looks like a copy/paste slip - confirm which parameter was intended.
$title = check_var('path', 'GET', true, false, true);

$base_dir = $cfg_web_root . 'qti/exports/';

// Each export directory is expected to hold an access.xml naming its owner.
$accessfile = $base_dir . $path . "/access.xml";
if (!file_exists($accessfile)) {
  exit;
}

$xmlStr = file_get_contents($accessfile);
// NOTE(review): simplexml_load_string() returns false on malformed XML and that case is
// not checked before ->owner is read.
$xml = simplexml_load_string($xmlStr);

// Only the user recorded as owner in access.xml may continue.
// NOTE(review): loose comparison between the user ID and a SimpleXMLElement; an explicit
// cast, e.g. (string) $xml->owner, with a strict comparison would be clearer.
if ($userObject->get_user_ID() != $xml->owner) {
  exit;
}

$xmlfile = $base_dir . $path . "/" . $file;

// Extension = text after the last '.' in the requested file name, lower-cased.
$ext = strtolower(substr($file, strrpos($file, ".") + 1));

$filename = $file;
if ($title) {
  $filename = CleanFileName($title) . "." . $ext;
// GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * Displays tasks for the papers frame (papers_menu.php). * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/sysadmin_auth.inc'; require '../include/errors.inc'; $errorID = check_var('errorID', 'GET', true, false, true); $row_no = 0; $result = $mysqli->prepare("SELECT sys_errors.id, auth_user, title, initials, surname, DATE_FORMAT(occurred,'%d/%m/%y %H:%i:%s'), userID, errtype, errstr, errfile, errline, php_self, query_string, request_method, DATE_FORMAT(fixed,'%d/%m/%y %H:%i:%s'), paperID, post_data, variables, backtrace FROM sys_errors LEFT JOIN users ON sys_errors.userID=users.id WHERE sys_errors.id=?"); $result->bind_param('i', $errorID); $result->execute(); $result->store_result(); $result->bind_result($error_id, $auth_user, $title, $initials, $surname, $occurred, $uID, $errtype, $errstr, $errfile, $errline, $php_self, $query_string, $request_method, $fixed, $paperID, $post_data, $variables, $backtrace); $row_no = $result->num_rows; $result->fetch(); $result->close(); if ($row_no == 0) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } if (isset($_POST['submit'])) { $result = $mysqli->prepare("UPDATE sys_errors SET fixed = NOW() WHERE errstr = ? AND errfile = ? AND errline = ?");
// // You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../../include/staff_auth.inc'; require '../../include/errors.inc'; require '../../include/question_types.inc'; require_once '../../classes/questionutils.class.php'; require_once '../../classes/question_status.class.php'; $question_paper = check_var('question_paper', 'GET', true, false, true); if (!Paper_utils::paper_exists($question_paper, $mysqli)) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../../artwork/page_not_found.png', '#C00000', true, true); } // Get question statuses $status_array = QuestionStatus::get_all_statuses($mysqli, $string, true); ?> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="content-type" content="text/html;charset=<?php echo $configObject->get('cfg_page_charset'); ?> " />
* @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require_once '../include/staff_auth.inc'; require_once '../include/icon_display.inc'; require_once '../include/sidebar_menu.inc'; require_once '../include/errors.inc'; require_once '../include/demo_replace.inc'; require_once '../classes/dateutils.class.php'; require_once '../classes/moduleutils.class.php'; require_once '../classes/folderutils.class.php'; require_once '../classes/paperutils.class.php'; require_once '../classes/stateutils.class.php'; require_once '../classes/questionbank.class.php'; $module = check_var('module', 'GET', true, false, true); if ((int) $module != $module) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } $add_member = false; if (!isset($module_details) and $_GET['module'] != '0') { $module_details = module_utils::get_full_details_by_ID($module, $mysqli); if (!$module_details) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } elseif ($module_details['active'] == 0) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } } else {
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō. If not, see <http://www.gnu.org/licenses/>.

/**
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/

require '../../include/sysadmin_auth.inc';
require '../../include/errors.inc';
require_once '../../classes/helputils.class.php';
require_once '../../classes/userutils.class.php';

// ID of the help page being edited; accepted from GET or POST.
$pageid = check_var('id', 'REQUEST', true, false, true);

$help_system = new OnlineHelp($userObject, $configObject, $string, $notice, 'staff', $language, $mysqli);

// NOTE(review): the registered charset name is "utf-8"; "utf8" may not be recognised
// by every client.
header('Content-Type: text/html; charset=utf8');

$page_details = $help_system->get_page_details($pageid);
if ($page_details === false) {
  $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
  $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '/artwork/page_not_found.png', '#C00000', true, true);
}

if (isset($_POST['save_changes'])) {
  // Update help file record
  // NOTE(review): the POST fields are read without isset() checks, and the page body is
  // passed to save_page() exactly as submitted. Stored help content is later shown to
  // other users, so confirm how save_page() and the display code handle HTML.
  // NOTE(review): no anti-CSRF token check is visible in this excerpt.
  $tmp_body = $_POST['edit1'];
  $tmp_title = $_POST['page_title'];
  $tmp_roles = $_POST['page_roles'];

  $help_system->save_page($tmp_title, $tmp_body, $tmp_roles, $pageid, $_POST['edit_id']);

  $mysqli->close();
  // NOTE(review): $pageid is a request value placed into the redirect target; confirm
  // check_var() constrains it to an integer.
  header("location: index.php?id={$pageid}");
// You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * Confirm that it is OK to proceed deleting a status. * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/sysadmin_auth.inc'; require_once '../include/errors.inc'; require_once '../classes/question_status.class.php'; require_once '../classes/questionutils.class.php'; $status_id = check_var('id', 'GET', true, false, true); try { $status = new QuestionStatus($mysqli, $string, $status_id); } catch (DatabaseException $ex) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } $q_count = QuestionUtils::get_question_count_by_status($status_id, $mysqli); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="content-type" content="text/html;charset=<?php echo $configObject->get('cfg_page_charset'); ?>
*/ require '../include/staff_auth.inc'; require '../include/print_functions.inc'; require '../include/media.inc'; require '../config/index.inc'; require_once '../include/errors.inc'; //HTML5 part require_once '../lang/' . $language . '/question/edit/hotspot_correct.txt'; require_once '../lang/' . $language . '/question/edit/area.txt'; require_once '../lang/' . $language . '/paper/hotspot_answer.txt'; require_once '../lang/' . $language . '/paper/hotspot_question.txt'; require_once '../lang/' . $language . '/paper/label_answer.txt'; $jstring = $string; //to pass it to JavaScript HTML5 modules //HTML5 part check_var('id', 'GET', true, false, false); function randomQOverwrite(&$questions, $random_q_data, $paper_type, $user_answers, $current_screen, $q_no) { global $mysqli, $used_questions; $selected_q_id = ''; if (isset($user_answers[$current_screen])) { //match user's answers with random question ID. $question_on_screen = array_keys($user_answers[$current_screen]); $selected_q_id = current($question_on_screen); for ($i = 1; $i < $q_no; $i++) { $selected_q_id = next($question_on_screen); } } if ($selected_q_id == '') { // Generate a random question ID. $random_q_no = count($random_q_data['options']);
* @version 1.0
* @copyright Copyright (c) 2013 The University of Nottingham
* @package
*/

require '../include/staff_auth.inc';
require_once '../include/sort.inc';
// NOTE(review): this include path is built from $language, which is set outside this
// excerpt. Confirm it can only hold one of the installed language codes and never a
// raw request value.
require_once '../lang/' . $language . '/include/question_types.inc';
require_once '../classes/stateutils.class.php';
require_once '../classes/moduleutils.class.php';
require_once '../classes/keywordutils.class.php';
require_once '../classes/dateutils.class.php';
require_once '../classes/question_status.class.php';
require_once '../classes/questionbank.class.php';
require_once '../classes/questionutils.class.php';
require_once '../include/errors.inc';

$type = check_var('type', 'GET', true, false, true);

$state = $stateutil->getState();

// Remember the current page and query string in the session.
$_SESSION['nav_page'] = $_SERVER['SCRIPT_NAME'];
$_SESSION['nav_query'] = $_SERVER['QUERY_STRING'];

// Get question statuses
$status_array = QuestionStatus::get_all_statuses($mysqli, $string, true);

// NOTE(review): $_GET['status'] is concatenated into an SQL fragment without validation
// or quoting. If $statusSQL is later appended to a query (not visible in this excerpt),
// the request controls part of the SQL text. Cast the value to int here, or carry it as
// a bound parameter.
$statusSQL = '';
if (isset($_GET['status'])) {
  $statusSQL = " AND status = " . $_GET['status'];
}

// NOTE(review): 'userid' is taken from the query string unchanged; confirm it is
// validated or bound before it reaches any query or output.
if (isset($_GET['userid'])) {
  $userid = $_GET['userid'];
} else {
  $userid = '';
}

if (isset($_GET['keyword'])) {
// // You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * Confirm that it is OK to proceed deleting a school. * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/sysadmin_auth.inc'; require_once '../include/errors.inc'; require_once '../classes/schoolutils.class.php'; $schoolID = check_var('schoolID', 'GET', true, false, true); if (!SchoolUtils::schoolid_exists($schoolID, $mysqli)) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } $mysqli->close(); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="content-type" content="text/html;charset=<?php echo $configObject->get('cfg_page_charset'); ?> " />
// GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require '../include/sysadmin_auth.inc'; require_once '../include/errors.inc'; require_once '../classes/moduleutils.class.php'; require_once '../classes/logger.class.php'; check_var('moduleid', 'GET', true, false, false); $module = module_utils::get_full_details_by_ID($_GET['moduleid'], $mysqli); if ($module === false) { $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email')); $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true); } $moduleid_in_use = false; if (isset($_POST['submit']) and $_POST['modulecode'] != $_POST['old_modulecode']) { // Check for unique moduleid $new_modulecode = trim($_POST['modulecode']); $moduleid_in_use = module_utils::module_exists($new_modulecode, $mysqli); } if (isset($_POST['submit']) and $moduleid_in_use == false) { if (isset($_POST['active'])) { $module['active'] = 1; } else {
*
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/

require_once '../include/staff_auth.inc';
require_once '../include/icon_display.inc';
require_once '../include/sidebar_menu.inc';
require_once '../include/errors.inc';
require_once '../include/demo_replace.inc';
require_once '../classes/moduleutils.class.php';
require_once '../classes/folderutils.class.php';
require_once '../classes/stateutils.class.php';
require_once '../classes/paperutils.class.php';

// Folder selected by the caller, taken from the query string.
$folder = check_var('folder', 'GET', true, false, true);

/**
 * Returns the final segment of a ';'-separated folder path.
 *
 * explode() with a non-empty separator always yields at least one element,
 * so the last index is always valid.
 *
 * @param string $path Folder path with ';' between levels.
 * @return string The text after the last ';' (the whole string if there is none).
 */
function getLastFolder($path) {
  $segments = explode(';', $path);
  return $segments[count($segments) - 1];
}

$state = $stateutil->getState();

$file_no = 0;
$folder_type = '';
$folder_name = '';

// Folder security checks