private function create_metadataID()
{
$ipaddress = NetworkUtils::get_client_address();
$stmt = $this->db->prepare("INSERT INTO review_metadata VALUES(NULL, ?, ?, NOW(), NULL, ?, ?, NULL)");
$stmt->bind_param('iiss', $this->reviewerID, $this->paperID, $this->review_type, $ipaddress);
$stmt->execute();
$reviewID = $this->db->insert_id;
$stmt->close();
return $reviewID;
}
/**
* Persist the object to the database
* @return boolean Success or failure of the save operation
* @throws ValidationException
*/
public function save($clear_checkout = true)
{
$success = false;
if ($this->_logger == null) {
$this->_logger = new Logger($this->_mysqli);
}
$valid = $this->validate();
if ($valid === true) {
// Clear any existing checkout
if ($clear_checkout) {
$this->checkout_author_id = null;
$this->checkout_time = null;
}
// Make sure plain versions of scenario and leadin are up to date
$this->get_scenario_plain();
$this->get_leadin_plain();
$this->serialize_settings();
if ($this->bloom == '') {
$this->bloom = null;
}
// If $id is -1 we're inserting a new record
if ($this->id == -1) {
$this->created = date('Y-m-d H:i:s');
$this->last_edited = date('Y-m-d H:i:s');
$server_ipaddress = str_replace('.', '', NetworkUtils::get_server_address());
$this->guid = $server_ipaddress . uniqid('', true);
$params = array_merge(array('ssssssssssssssissssisssssss'), $this->_data);
$query = <<<QUERY
INSERT INTO questions (q_type, theme, scenario, scenario_plain, leadin, leadin_plain, notes, correct_fback, incorrect_fback, score_method,
display_method, q_option_order, std, bloom, ownerID, q_media, q_media_width, q_media_height, checkout_time, checkout_authorID,
creation_date, last_edited, locked, deleted, status, settings, guid)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
QUERY;
} else {
// Otherwise we're updating an existing one
$params = array_merge(array('ssssssssssssssissssisssssssi'), $this->_data, array(&$this->id));
$this->last_edited = date('Y-m-d H:i:s');
$query = <<<QUERY
UPDATE questions
SET q_type = ?, theme = ?, scenario = ?, scenario_plain = ?, leadin = ?, leadin_plain = ?, notes = ?, correct_fback = ?, incorrect_fback = ?,
score_method = ?, display_method = ?, q_option_order = ?, std = ?, bloom = ?, ownerID = ?, q_media = ?, q_media_width = ?, q_media_height = ?,
checkout_time = ?, checkout_authorID = ?, creation_date = ?, last_edited = ?, locked = ?, deleted = ?, status = ?, settings = ?, guid = ?
WHERE q_id = ?
QUERY;
}
$result = $this->_mysqli->prepare($query);
call_user_func_array(array($result, 'bind_param'), $params);
$result->execute();
$success = $result->affected_rows > -1;
if ($this->_mysqli->error) {
try {
throw new Exception("MySQL error " . $this->_mysqli->error . "<br /> Query:<br /> {$query}", $this->_mysqli->errno);
} catch (Exception $e) {
echo "Error No: " . $e->getCode() . " - " . $e->getMessage() . "<br />";
echo nl2br($e->getTraceAsString());
}
}
if ($success) {
if ($this->id == -1) {
$this->id = $this->_mysqli->insert_id;
$this->_logger->track_change('New Question', $this->id, $this->_user_id, $this->get_leadin(), '', '');
} else {
// Log any changes
foreach ($this->_modified_fields as $key => $value) {
$db_field = in_array($key, array_keys($this->_field_map)) ? $this->_field_map[$key] : $key;
$change_field = in_array($db_field, array_keys($this->_change_field_map)) ? $this->_change_field_map[$db_field] : $db_field;
// Exception for media as it returns an array. Need better solution if other properties do the same in the future
$get_method = 'get_' . $key . ($key == 'media' ? '_filename' : '');
if ($value['message'] == '') {
$this->_logger->track_change($this->_lang_strings['editquestion'], $this->id, $this->_user_id, $value['value'], $this->{$get_method}(), $change_field);
} else {
$this->_logger->track_change($value['message'], $this->id, $this->_user_id, $value['value'], $this->{$get_method}(), $change_field);
}
}
}
}
$result->close();
if ($success) {
// Updates the teams/question modules
QuestionUtils::update_modules($this->teams, $this->id, $this->_mysqli, $this->_userObj);
}
if ($success) {
$success = $this->save_options();
}
$this->_modified_fields = array();
} else {
throw new ValidationException($valid);
}
return $success;
}
/**
* Get the details of the papers that are currently available for the current user and lab
* @param array $paper_display Reference to array in which to build details of available papers
* @param array $types Array of paper types to check for
* @param UserObject $userObj The current user
* @param mysqli $db Database reference
* @param string $exclude Option ID of a paper to exclude from the check
* @return integer The number of currently active papers
*/
public function get_active_papers(&$paper_display, $types, $userObj, $db, $exclude = '')
{
$type_sql = '';
foreach ($types as $type) {
if ($type_sql != '') {
$type_sql .= ' OR ';
}
$type_sql .= "paper_type='{$type}'";
}
$exclude_sql = '';
if ($exclude != '') {
$exclude_sql = ' AND property_id != ' . $exclude;
}
$paper_no = 0;
$paper_query = $db->prepare("SELECT property_id, paper_type, crypt_name, paper_title, bidirectional, fullscreen, MAX(screen) AS max_screen, labs, calendar_year, password, completed FROM (papers, properties) LEFT JOIN log_metadata ON properties.property_id = log_metadata.paperID AND userID = ? WHERE papers.paper = properties.property_id AND (labs != '' OR password != '') AND ({$type_sql}) AND deleted IS NULL AND start_date < DATE_ADD(NOW(),interval 15 minute) AND end_date > NOW() {$exclude_sql} GROUP BY paper");
$paper_query->bind_param('i', $userObj->get_user_ID());
$paper_query->execute();
$paper_query->store_result();
$paper_query->bind_result($property_id, $paper_type, $crypt_name, $paper_title, $bidirectional, $fullscreen, $max_screen, $labs, $calendar_year, $password, $completed);
while ($paper_query->fetch()) {
if ($labs != '') {
$machineOK = false;
$labs = str_replace(",", " OR lab=", $labs);
$lab_info = $db->query("SELECT address FROM client_identifiers WHERE address = '" . NetworkUtils::get_client_address() . "' AND (lab = {$labs})");
if ($lab_info->num_rows > 0) {
$machineOK = true;
}
$lab_info->close();
} else {
$machineOK = true;
}
if (strpos($userObj->get_username(), 'user') !== 0) {
$moduleIDs = Paper_utils::get_modules($property_id, $db);
if (count($moduleIDs) > 0) {
$moduleOK = false;
if ($calendar_year != '') {
$cal_sql = "AND calendar_year = '" . $calendar_year . "'";
} else {
$cal_sql = '';
}
$module_in = implode(',', array_keys($moduleIDs));
$moduleInfo = $db->prepare("SELECT userID FROM modules_student WHERE userID = ? {$cal_sql} AND idMod IN ({$module_in})");
$moduleInfo->bind_param('i', $userObj->get_user_ID());
$moduleInfo->execute();
$moduleInfo->store_result();
$moduleInfo->bind_result($tmp_userID);
$moduleInfo->fetch();
if ($moduleInfo->num_rows() > 0) {
$moduleOK = true;
}
$moduleInfo->close();
} else {
$moduleOK = true;
}
} else {
$moduleOK = true;
}
if ($machineOK == true and $moduleOK == true) {
$paper_display[$paper_no]['id'] = $property_id;
$paper_display[$paper_no]['paper_title'] = $paper_title;
$paper_display[$paper_no]['crypt_name'] = $crypt_name;
$paper_display[$paper_no]['paper_type'] = $paper_type;
$paper_display[$paper_no]['max_screen'] = $max_screen;
$paper_display[$paper_no]['bidirectional'] = $bidirectional;
$paper_display[$paper_no]['password'] = $password;
$paper_display[$paper_no]['completed'] = $completed;
$paper_no++;
}
}
$paper_query->close();
return $paper_no;
}
}
if (isset($_POST['paperID'])) {
$paper_id = $_POST['paperID'];
}
$student = array();
$student['user_ID'] = $student_id;
$stmt = $mysqli->prepare('SELECT title, initials, surname FROM users WHERE user_deleted IS NULL AND id = ?');
$stmt->bind_param('i', $userID);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($student['title'], $student['initials'], $student['surname']);
$stmt->fetch();
$title = $student['title'];
$initials = $student['initials'];
$surname = $student['surname'];
$current_address = NetworkUtils::get_client_address();
$lab_factory = new LabFactory($mysqli);
$lab_object = $lab_factory->get_lab_based_on_client($current_address);
$propertyObj = PaperProperties::get_paper_properties_by_id($paper_id, $mysqli, $string);
$log_lab_end_time = new LogLabEndTime($lab_object->get_id(), $propertyObj, $mysqli);
$log_extra_time = new LogExtraTime($log_lab_end_time, $student, $mysqli);
$onload = '';
if (isset($_POST['submit'])) {
$invigilator_id = $userObject->get_user_ID();
if ((int) $_POST['extra_time'] == 0) {
$log_extra_time->delete($invigilator_id);
} elseif ((int) $_POST['extra_time'] > 0) {
$special_needs_percentage = $_POST['extra_time'];
$log_extra_time->save($invigilator_id, $special_needs_percentage);
}
$onload = 'closeWindow();';
function loginbutton($displaystdformobj)
{
global $string;
$config = Config::get_instance();
$this->savetodebug('Button Check');
$labs_list = '';
// detect if we should display login button
$paper_match = false;
$ip_match = false;
$query = "SELECT labs FROM properties WHERE start_date < DATE_ADD(NOW(), interval 15 minute) AND end_date > NOW() AND paper_type IN ('1', '2') AND labs != ''";
$results = $this->db->prepare($query);
if ($this->db->error) {
try {
$e = $this->db->error;
$en = $this->db->errno;
throw new Exception("MySQL error {$e} <br /> Query:<br /> {$query}", $en);
} catch (Exception $e) {
echo "Error No: " . $e->getCode() . " - " . $e->getMessage() . "<br />";
echo nl2br($e->getTraceAsString());
}
}
$results->execute();
$results->store_result();
$results->bind_result($labs);
while ($results->fetch()) {
$paper_match = true;
$query = "SELECT address FROM client_identifiers WHERE lab IN ({$labs})";
$sub_results = $this->db->prepare($query);
if ($this->db->error) {
try {
$e = $this->db->error;
$en = $this->db->errno;
throw new Exception("MySQL error {$e} <br /> Query:<br /> {$query}", $en);
} catch (Exception $e) {
echo "Error No: " . $e->getCode() . " - " . $e->getMessage() . "<br />";
echo nl2br($e->getTraceAsString());
}
}
$sub_results->execute();
$sub_results->store_result();
$sub_results->bind_result($address);
while ($sub_results->fetch()) {
$labs_list = $labs_list . ' ' . $address;
if (NetworkUtils::get_client_address() == $address) {
$ip_match = true;
}
}
$sub_results->close();
}
$results->close();
$this->savetodebug('Status paper_match:' . var_export($paper_match, true) . ' ip_match:' . var_export($ip_match, true) . ' ip address:' . var_export(NetworkUtils::get_client_address(), true) . ' <br /> ' . $labs . ' ' . $labs_list);
if ($paper_match === true and $ip_match === true) {
$this->savetodebug('Adding New Button');
$newbutton = new displaystdformobjbutton();
$newbutton->type = 'button';
$newbutton->value = ' ' . $string['guestbutton'] . ' ';
$newbutton->name = 'guestlogin';
$newbutton->class = 'guestlogin';
$displaystdformobj->buttons[] = $newbutton;
$newscript = "\$('.guestlogin').click(function() {\n window.location.href = '" . $config->get('cfg_root_path') . "/users/guest_account.php';\n});";
$displaystdformobj->scripts[] = $newscript;
}
return $displaystdformobj;
}
$mysqli = new mysqli($configObject->get('cfg_db_host'), $configObject->get('cfg_db_student_user'), $configObject->get('cfg_db_student_passwd'), $configObject->get('cfg_db_database'));
// Check that the client address of the current user is within the exam lab.
$paper_match = false;
$lab_match = false;
$results = $mysqli->prepare("SELECT labs FROM properties WHERE start_date < DATE_ADD(NOW(), interval 15 minute) AND end_date > NOW() AND paper_type IN ('1','2') AND labs != ''");
$results->execute();
$results->store_result();
$results->bind_result($labs);
while ($results->fetch()) {
$paper_match = true;
$sub_results = $mysqli->prepare("SELECT address FROM client_identifiers WHERE lab IN ({$labs})");
$sub_results->execute();
$sub_results->store_result();
$sub_results->bind_result($address);
while ($sub_results->fetch()) {
if (NetworkUtils::get_client_address() == $address) {
$lab_match = true;
}
}
$sub_results->close();
}
$results->close();
if ($paper_match == false) {
$notice->access_denied($mysqli, $string, $string['cannotfindexams'], false, true);
} elseif ($lab_match == false) {
$msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
$notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '/artwork/page_not_found.png', '#C00000', true, true);
}
?>
<!DOCTYPE html>
<html>
} else {
$results = shell_exec('wmic cpu get name');
$lines = explode('<br />', nl2br($results));
echo "<tr><td>" . $string['processor'] . "</td><td>" . $lines[1] . "</td></tr>\n";
}
echo "<tr><td style=\"width:90px\">" . $string['servername'] . "</td><td>" . gethostbyaddr(gethostbyname($_SERVER['SERVER_NAME'])) . "</td></tr>\n";
echo "<tr><td>" . $string['hostname'] . "</td><td>" . $_SERVER['HTTP_HOST'] . "</td></tr>\n";
echo "<tr><td>" . $string['ipaddress'] . "</td><td>" . NetworkUtils::get_server_address() . "</td></tr>\n";
echo "<tr><td>" . $string['clock'] . "</td><td>" . date('d F Y H:i:s') . "</td></tr>\n";
echo "<tr><td>" . $string['os'] . "</td><td>" . php_uname('s') . "</td></tr>\n";
echo "<tr><td>" . $string['webserver'] . "</td><td>" . $_SERVER['SERVER_SOFTWARE'] . "</td></tr>\n";
echo "<tr><td>" . $string['php'] . "</td><td>" . phpversion() . "</td></tr>\n";
echo "<tr><td>" . $string['mysql'] . "</td><td>" . $mysqli->server_info . "</td></tr>\n";
echo '<tr><td colspan="2"> </td></tr>';
echo '<tr><td colspan="2" class="sechead">' . $string['clientcomputer'] . '</td></tr>';
echo '<tr><td>' . $string['ipaddress'] . '</td><td>' . NetworkUtils::get_client_address() . '</td></tr>';
echo '<tr><td>' . $string['clock'] . '</td><td><script>the_date = new Date(); document.write(the_date.toLocaleString("' . $language . '")); </script></td></tr>';
echo '<tr><td>' . $string['browser'] . '</td><td>' . $_SERVER['HTTP_USER_AGENT'] . '</td></tr>';
echo '<tr><td colspan="2"> </td></tr>';
echo '<tr><td colspan="2" class="sechead">' . $string['partitions'] . '</td></tr>';
echo '<tr><td colspan="2" rowspan="18" valign="top" align="left"><table cellspacing="0" cellpadding="2" border="0" style="font-size:90%">';
if (php_uname('s') == 'Windows NT') {
$disks = array('A:\\', 'B:\\', 'C:\\', 'D:\\', 'E:\\', 'F:\\', 'G:\\', 'H:\\', 'I:\\', 'J:\\', 'K:\\', 'L:\\', 'M:\\', 'N:\\', 'O:\\', 'P:\\', 'Q:\\', 'R:\\', 'S:\\', 'T:\\', 'U:\\', 'V:\\', 'W:\\', 'X:\\', 'Y:\\', 'Z:\\');
$i = 1;
foreach ($disks as $disk) {
if (file_exists($disk)) {
$master_array[$i][3] = @disk_free_space($disk);
$master_array[$i][1] = @disk_total_space($disk);
$master_array[$i][5] = $disk;
$i++;
}
public function record_access($user_id, $type, $page)
{
$current_address = NetworkUtils::get_client_address();
$result = $this->_mysqli->prepare('INSERT INTO access_log VALUES(NULL, ?, ?, NOW(), ?, ?)');
$result->bind_param('isss', $user_id, $type, $current_address, $page);
$result->execute();
$result->close();
}
/**
* Adds a new paper note.
* @param string $note - The text of the note (message).
* @param int $paperID - ID of the paper the note is associated with.
* @param int $authorID - User ID of the member of staff/invigilator creating the note.
* @param object $db - MySQL connection
*/
static function add_note($note, $paperID, $authorID, $db)
{
$current_address = NetworkUtils::get_client_address();
$result = $db->prepare("INSERT INTO paper_notes VALUES (NULL, ?, NOW(), ?, ?, ?)");
$result->bind_param('siis', $note, $paperID, $authorID, $current_address);
$result->execute();
$result->close();
}
//
// Rogō is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Rogō is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō. If not, see <http://www.gnu.org/licenses/>.
/**
*
* This script saves state information to the database. Normally called via AJAX.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/staff_auth.inc';
require '../classes/stateutils.class.php';
$prefix = NetworkUtils::get_protocol() . $_SERVER['HTTP_HOST'];
$page = str_ireplace($prefix, '', $_REQUEST['page']);
$page = str_replace('#', '', $page);
$parts = explode('?', $page);
$page = $parts[0];
$userID = $userObject->get_user_ID();
$stateutil->setState($_REQUEST['state_name'], $_REQUEST['content'], $page);
echo "<p style=\"margin-left:90px; color:#C00000\">" . $string['note1'] . " <img src=\"{$configObject->get('cfg_root_path')}/artwork/small_link.png\" width=\"11\" height=\"11\" /> <a href=\"../index.php\"><strong>" . $string['staffmangscreens'] . "</strong></a>?</p>\n";
}
echo "<div class=\"hr_line\"></div>\n<p style=\"margin-left:90px\">" . $string['mostLikely'] . "</p>\n<ul style=\"margin-left:80px\">\n";
$current_address = NetworkUtils::get_client_address();
$ip_info = $mysqli->prepare("SELECT name, room_no FROM (labs, client_identifiers) WHERE labs.id = client_identifiers.lab AND address = ?");
$ip_info->bind_param('s', $current_address);
$ip_info->execute();
$ip_info->store_result();
$ip_info->bind_result($computer_lab, $computer_lab_short);
$ip_info->fetch();
if ($ip_info->num_rows() == 0) {
$computer_lab = $computer_lab_short = '<span style="color:#C00000">' . $string['unknownIp'] . '</span>';
}
$computer_lab_short = $computer_lab_short == '' ? $computer_lab : $computer_lab_short;
$ip_info->close();
echo "<li>" . $string['IPaddress'] . " - " . NetworkUtils::get_client_address() . " {$computer_lab}</li>\n";
echo "<li>" . $string['Time/Date'] . " - " . date('d/m/Y H:i:s') . "</li>\n";
echo "<li>" . $string['yearofstudy'] . " - ";
if ($userObject->get_year() == '') {
echo '<span style="color:#C00000">' . $string['noyear'] . '</span>';
} else {
echo $userObject->get_year();
}
echo "</li>\n";
echo "<li>" . $string['Modules'] . " - \n";
$last_cal_year = '';
$info = $mysqli->prepare("SELECT moduleID, calendar_year FROM modules_student, modules WHERE modules.id = modules_student.idMod AND userID = ? ORDER BY calendar_year DESC, moduleID");
$info->bind_param('i', $userObject->get_user_ID());
$info->execute();
$info->bind_result($user_moduleID, $user_calendar_year);
$info->store_result();
/**
* Displays a footer for a help page.
* @param int $id - The ID of the help page to display.
*/
private function display_footer($id)
{
if ($id > 1) {
// Do not display footer if ID is one.
echo "<div class=\"footer_line\"></div>\n";
echo "<div class=\"footer_left gototop\"><img src=\"../../artwork/top_icon.gif\" width=\"9\" height=\"12\" /> " . $this->string['top'] . "</div>\n";
if ($this->userObject->has_role('SysAdmin')) {
echo '<div class="footer_right">' . NetworkUtils::get_protocol() . $_SERVER['HTTP_HOST'] . $this->configObject->get('cfg_root_path') . '/help/staff/index.php?id=' . $id . '</div>';
}
}
}
/**
* IMPORT: Insert a single question into the database.
* @param array $q - Array holding all the information to create the question.
*/
private function write_question($q)
{
// Stop SQL errors with ENUM fields and old data which may be blank.
if ($q['bloom'] == '') {
$q['bloom'] = null;
}
if ($q['q_option_order'] == '') {
$q['q_option_order'] = 'display order';
}
if ($q['score_method'] == '') {
$q['score_method'] = 'Mark per Option';
}
$server_ipaddress = str_replace('.', '', NetworkUtils::get_server_address());
$guid = $server_ipaddress . uniqid('', true);
$status_string = $q['status'];
if (isset($this->status_array[$status_string])) {
$q['status'] = $this->status_array[$status_string]->id;
// Translate a name into a number
} else {
$defaultID = $this->get_default_statusID();
if ($defaultID !== false) {
$q['status'] = $defaultID;
} else {
$q['status'] = 1;
// Can't find a valid default, hardwire onto 1.
}
}
$result = $this->db->prepare("INSERT INTO questions VALUE (NULL, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW(), NOW(), ?, ?, ?, NULL, NULL, NULL, NULL, ?, ?, ?, ?, ?, ?)");
$result->bind_param('ssssssssisssssssissss', $q['q_type'], $q['theme'], $q['scenario'], $q['leadin'], $q['correct_fback'], $q['incorrect_fback'], $q['display_method'], $q['notes'], $this->userID, $q['q_media'], $q['q_media_width'], $q['q_media_height'], $q['bloom'], $q['scenario_plain'], $q['leadin_plain'], $q['std'], $q['status'], $q['q_option_order'], $q['score_method'], $q['settings'], $guid);
$result->execute();
$q_id = $this->db->insert_id;
$result->close();
$date_format = $this->configObj->get('cfg_long_date_php') . ' ' . $this->configObj->get('cfg_short_time_php');
if ($this->raf_company == $this->configObj->get('cfg_company')) {
// The import file company is the same as the current installation. Use the same IDs.
$old_q_id = $this->getQID_GUID($q['guid']);
if ($old_q_id !== false) {
$this->logger->track_change('Paper', $q_id, $this->userID, $old_q_id, $q_id, 'Add Question (from RAF)');
// Log as a copied file
}
} else {
$this->logger->track_change('Paper', $q_id, $this->userID, '', $q_id, 'Add Question (from RAF)');
// Log as a new file that has been imported
}
return $q_id;
}
public function getOwnerPaperList($username, $types)
{
global $configObject;
$allowaccess = false;
$userObject = UserObject::get_instance();
$tmp_userID = $this->getUserID($username, true);
if ($userObject->has_role('SysAdmin') or $userObject->has_role('Admin')) {
$allowaccess = true;
} else {
if ($userObject->has_role('Staff') and $tmp_userID == $userObject->get_user_ID()) {
$allowaccess = true;
} else {
if ($userObject->has_role('Student')) {
// Students can not access this function
$allowaccess = false;
}
}
}
if ($allowaccess == false) {
return '';
}
if ($tmp_userID == '') {
return '';
}
$staff_modules = UserUtils::list_staff_modules_by_userID($tmp_userID, $this->db);
if (count($staff_modules) == 0) {
// User is not on any teams. stop!!
return array();
}
$staff_modules_ids_str = ' OR idMod IN (' . implode(',', array_keys($staff_modules)) . ') ';
switch ($types) {
case 'formative':
$typeSQL = " AND paper_type='0'";
break;
case 'progresstest':
$typeSQL = " AND paper_type='1'";
break;
case 'summative':
$typeSQL = " AND paper_type='2'";
break;
case 'survey':
$typeSQL = " AND paper_type='3'";
break;
case 'osce':
$typeSQL = " AND paper_type='4'";
break;
case 'offline':
$typeSQL = " AND paper_type='5'";
break;
case 'notsummative':
$typeSQL = " AND paper_type!='2'";
break;
default:
// return all paper types
$typeSQL = '';
break;
}
$papers = array();
$paper_no = 0;
$res = $this->db->prepare("SELECT \n properties.property_id, paper_title, paper_type, start_date, end_date, created, MAX(screen), title, surname, crypt_name \n FROM properties, papers, users, properties_modules \n WHERE \n properties.property_id = properties_modules.property_id AND\n properties.paper_ownerID=users.id AND \n properties.property_id=papers.paper AND \n (paper_ownerID=? {$staff_modules_ids_str}) {$typeSQL} AND \n deleted IS NULL \n GROUP BY property_id ORDER BY paper_title");
$res->bind_param('i', $tmp_userID);
$res->execute();
$res->store_result();
$res->bind_result($property_id, $paper_title, $paper_type, $start_date, $end_date, $created, $screens, $title, $surname, $crypt_name);
if ($res->num_rows == 0) {
return json_encode($this->db->error);
} else {
while ($res->fetch()) {
$papers[$paper_no]['id'] = $crypt_name;
$papers[$paper_no]['title'] = $paper_title;
$papers[$paper_no]['type'] = $this->qtypes[$paper_type];
$papers[$paper_no]['staff_url'] = NetworkUtils::get_protocol() . $_SERVER['HTTP_HOST'] . $configObject->get('cfg_root_path') . '/paper/details.php?paperID=' . $property_id;
$papers[$paper_no]['student_url'] = NetworkUtils::get_protocol() . $_SERVER['HTTP_HOST'] . $configObject->get('cfg_root_path') . '/paper/user_index.php?id=' . $crypt_name;
$papers[$paper_no]['start_date'] = $start_date;
$papers[$paper_no]['end_date'] = $end_date;
$papers[$paper_no]['created'] = $created;
$papers[$paper_no]['screens'] = $screens;
$papers[$paper_no]['owner'] = $title . ' ' . $surname;
$paper_no++;
}
}
$res->close();
return $papers;
}
<div id="content">
<div class="head_title">
<div><img src="../artwork/toprightmenu.gif" id="toprightmenu_icon" /></div>
<div class="breadcrumb"><a href="../index.php"><?php
echo $string['home'];
?>
</a></div>
<div class="page_title">Module: <span style="font-weight:normal"><?php
echo $module_details['moduleid'];
?>
</span></div>
</div>
<?php
// Is it a self-enrol module.
if (isset($module_details['selfenroll']) and $module_details['selfenroll'] == 1) {
$selfenrol_url = NetworkUtils::get_protocol() . $_SERVER['HTTP_HOST'] . $configObject->get('cfg_root_path') . '/self_enrol.php?moduleid=' . $module_details['moduleid'];
echo "<br /><div style=\"margin-left:auto; margin-right:auto; width:500px\"><img src=\"../artwork/self_enrol.png\" width=\"48\" height=\"48\" alt=\"modules\" style=\"float:left; margin-right:10px\" /> <div style=\"color:#F18103; font-weight:bold; line-height:200%\">" . $string['selfenrolmodule'] . "</div>" . $string['studenturl'] . ": <a href=\"{$selfenrol_url}\" style=\"color:#316ac5\">{$selfenrol_url}</a></div>\n";
}
// Paper type folders
echo "<div class=\"subsect_table\" style=\"clear:both\"><div class=\"subsect_title\">" . $string['papers'] . "</div><div class=\"subsect_hr\"><hr noshade=\"noshade\" /></div></div>\n";
$state = $stateutil->getState($configObject->get('cfg_root_path') . '/paper/type.php');
if (isset($state['showretired']) and $state['showretired'] == 'true') {
$types_used = module_utils::paper_types($module, true, $mysqli);
} else {
$types_used = module_utils::paper_types($module, false, $mysqli);
}
foreach ($types_used as $type => $no_papers) {
$url = '../paper/type.php?module=' . $module . '&type=' . $type;
echo "<div class=\"f2\"><div class=\"f_icon\"><a href=\"{$url}\"><img src=\"../artwork/yellow_folder.png\" alt=\"Folder\" /></a></div><div class=\"f_details\"><a href=\"{$url}\">" . Paper_utils::type_to_name($type, $string) . "</a><br /><span class=\"grey\">" . number_format($no_papers) . " " . strtolower($string['papers']) . "</span></div></div>\n";
}
echo "<br clear=\"left\">\n";
}
} else {
$new_o_media = '';
}
if ($marks_correct == '') {
$marks_correct = 1;
}
if ($line == 0) {
// First record - write out the question, all the rest are options.
$bloom = empty($bloom) ? NULL : $bloom;
if ($status_array[$status]->get_retired()) {
$new_status = $default_status;
} else {
$new_status = $status;
}
$server_ipaddress = str_replace('.', '', NetworkUtils::get_server_address());
$guid = $server_ipaddress . uniqid('', true);
$addQuestion = $mysqli->prepare("INSERT INTO questions (q_id, q_type, theme, scenario, leadin, correct_fback, incorrect_fback, display_method, notes, ownerID, q_media, q_media_width, q_media_height, creation_date, last_edited, bloom, scenario_plain, leadin_plain, checkout_time, checkout_authorID, deleted, locked, std, status, q_option_order, score_method, settings, guid) VALUES (NULL, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW(), NOW(), ?, ?, ?, NULL, NULL, NULL, NULL, ?, ?, ?, ?, ?, ?)");
if ($mysqli->error) {
try {
throw new Exception("MySQL error {$mysqli->error} <br /> Query:<br /> ", $mysqli->errno);
} catch (Exception $e) {
echo "Error No: " . $e->getCode() . " - " . $e->getMessage() . "<br />";
echo nl2br($e->getTraceAsString());
}
}
$addQuestion->bind_param('ssssssssisssssssissss', $q_type, $theme, $scenario, $leadin, $correct_fback, $incorrect_fback, $display_method, $notes, $userObject->get_user_ID(), $new_q_media, $q_media_width, $q_media_height, $bloom, $scenario_plain, $leadin_plain, $std, $new_status, $q_option_order, $score_method, $settings, $guid);
$addQuestion->execute();
$new_qids[] = $question_id = $mysqli->insert_id;
if ($q_type == 'enhancedcalc') {
$calculation_qid_map[$q_id] = $question_id;
h1 {font-size: 200%}
a {font-family: 'Courier New'; font-weight: bold}
</style>
</head>
<body>
<blockquote>
<h1>Old Page</h1>
<p>Please update your bookmarks accordingly:</p>
<ul>
<?php
$staff_homepage = NetworkUtils::get_protocol() . $_SERVER['HTTP_HOST'] . $cfg_root_path . '/';
$summative_homepage = NetworkUtils::get_protocol() . $_SERVER['HTTP_HOST'] . $cfg_root_path . '/paper/';
?>
<li>New staff homepage: <a href="<?php
echo $staff_homepage;
?>
"><?php
echo $staff_homepage;
?>
</a></li>
<li>Summative exam homepage (for students): <a href="<?php
echo $summative_homepage;
?>
"><?php
echo $summative_homepage;
?>
</a></li>
<tr><td class="tabtitle" colspan="2"><img src="../artwork/reviewers_heading_icon.png" alt="Icon" align="middle" /><?php
echo $string['reviewersheading'];
?>
</td></tr>
<tr>
<td align="center" colspan="2">
<table cellpadding="1" cellspacing="2" border="0">
<tr><td colspan="3"> <?php
$result = $mysqli->prepare("SELECT COUNT(q_id) AS sct_no FROM (papers, questions) WHERE papers.paper = ? AND papers.question = questions.q_id AND q_type = 'sct'");
$result->bind_param('i', $paperID);
$result->execute();
$result->bind_result($sct_no);
$result->fetch();
$result->close();
if ($sct_no > 0) {
echo '<a href="' . $configObject->get('cfg_root_path') . '/reviews/sct_review.php?id=' . urlencode($properties->get_crypt_name()) . '" target="_blank">' . NetworkUtils::get_protocol() . $_SERVER['HTTP_HOST'] . $configObject->get('cfg_root_path') . '/reviews/sct_review.php?id=' . urlencode($properties->get_crypt_name()) . '</a>';
}
?>
</td></tr>
<tr><td class="headbar"> <?php
echo $string['internalreviewers'];
?>
</td><td> </td><td class="headbar"> <?php
echo $string['externalexaminers'];
?>
</td></tr>
<tr><td><?php
echo $string['deadline'];
?>
<?php
