public function add_member($uid)
{
if (!isset($this->_members[$uid])) {
Database::insert("user_group", array("gid" => $this->gid, "uid" => $uid));
$d = new UserObject();
$d->load($uid);
$this->_members[$uid] = $d;
}
}
public static function list_of_members($label)
{
$group = new GroupObject();
$view = array();
if ($group->load_by_label($label)) {
$group->load_members();
$members = $group->members();
$rows = array();
$theme = new Theme();
foreach ($members as $k => $v) {
$rows[] = array($k, $v->firstname, $v->lastname, $theme->linking(Page::url("/admin/groups/{$label}/delete/{$k}"), t("retirer du groupe")));
}
$form = new Form("POST", Page::url("/admin/groups/{$label}/add"));
$selector = new FormElement("select", "userid", t("selectionnez un utilisateur"));
$users = UserObject::loadAll();
foreach ($users as $u) {
$selector->addElement(new FormElement("option", "", $u->lastname . " " . $u->firstname, $u->uid));
}
$form->addElement($selector);
$form->addElement(new InputElement("add-element", null, t("ajouter un membre"), "submit"));
$f = $theme->forming($form);
$theme->set_title(t("Groupe %s", array("%s" => $label)));
$theme->add_to_body($theme->linking(Page::url("/admin/groups"), t("retourner à la liste des groupes")));
$theme->add_to_body($f, t("Ajouter un membre au groupe"));
$theme->add_to_body($theme->tabling($rows, array(t("id"), t("firstname"), t("lastname"), t("actions"))), t("Liste des membres"));
$theme->process_theme(Theme::STRUCT_ADMIN);
} else {
}
return;
}
/**
* constructor
*
* @param $db is a mysqli link to db
* @param $configObject a Rogo config object populated from config.inc
*
* @return none
*/
function __construct($configObject, $db)
{
if (is_object(self::$inst)) {
throw new Exception("Highlander:: there can be only one UserObject");
}
$this->db =& $db;
$this->configObj =& $configObject;
self::$inst = $this;
}
public static function loadAllUsersWithout($array_id_users = array())
{
$d = new UserObject();
$request = "SELECT * FROM " . CONFIG_DB_PREFIX . $d->tableName();
if (sizeof($array_id_users) > 0) {
$request .= " WHERE uid NOT IN(" . implode(",", $array_id_users) . ")";
}
$request .= " ORDER BY lastname ASC, firstname ASC";
$results = Database::getAll($request);
$list_of_users = array();
if (is_array($results)) {
foreach ($results as $r) {
if ($r->uid != User::get_user_logged_id()) {
$list_of_users[] = $r->uid;
}
}
}
return $list_of_users;
}
/**
* Insert a question exclusion record into the database.
*/
public function add_exclusion($q_id, $status)
{
$userObj = UserObject::get_instance();
if ($result = $this->db->prepare("INSERT INTO question_exclude VALUES (NULL, ?, ?, ?, {$userObj->get_user_ID()}, NOW(), '')")) {
$result->bind_param('iis', $this->paper_id, $q_id, $status);
$result->execute();
$result->close();
} else {
display_error("Question_exclude Insert Error 1", $this->db->error);
}
}
function createUser($userEnt)
{
$userObj = new UserObject();
$userObj->setuserLoginName($userEnt->getProperty('USER_LOGIN_NAME'));
$userObj->setUserName($userEnt->getProperty('USER_NAME'));
$userObj->setUserMail($userEnt->getProperty('USER_EMAIL'));
$userObj->setActive($userEnt->getProperty('USER_ACTIVE'));
$userObj->setUserGroupName($userEnt->getProperty('GROUPE_NAME'));
return $userObj;
}
public function discussions()
{
if (User::get_user_logged_id() != null) {
$messages = MessagesDB::getDiscussions(User::get_user_logged_id());
$theme = new Theme();
$theme->set_title(t("Messagerie"));
foreach ($messages as $m) {
$user = new UserObject();
$user->load($m->conversation);
$messagetype = "";
if ($m->sid == $m->conversation && $m->read == 0) {
$messagetype = '<div class="messagerie_bloc_icone"><i class="fa fa-envelope fa-fw" title="Message lu"></i></div>';
} else {
if ($m->sid == $m->conversation && $m->read == 1) {
$messagetype = '<div class="messagerie_bloc_icone"><i class="fa fa-envelope fa-fw" title="Message lu"></i></div>';
} elseif ($m->rid == $m->conversation && $m->read == 0) {
$messagetype = '<div class="messagerie_bloc_icone"><i class="fa fa-reply fa-fw" title="Réponse envoyée"></i></div>';
} else {
$messagetype = '<div class="messagerie_bloc_icone"><i class="fa fa-check fa-fw" title="Réponse envoyée et lu"></i></div>';
}
}
$theme->add_to_body('<div class="messagerie">
<div class="messagerie_avatar_area">
<div class="messagerie_avatar avatar" style="background-image:url(' . $user->get_avatar() . ')">
</div>
<div class="messagerie_nom"><a>' . $user->firstname . ' <br/>' . $user->lastname . '</a></div>
</div>
<div class="messagerie_bloc ' . ($m->read == 0 && $m->sid == $m->conversation ? "messagerie_bloc_new" : "") . '" onclick="window.location.href=\'' . Page::url("/messages/" . $m->conversation) . '\'">
<div class="messagerie_bloc_informations"><span>' . $user->firstname . ' ' . $user->lastname . '</span> :
<div class="messagerie_bloc_informations_date"><i class="fa fa-clock-o fa-fw"></i> ' . date(t("d-m-Y à H:i"), $m->sent_on) . '</div></div>
<div class="messagerie_bloc_texte">
<div class="messagerie_bloc_texte_inside">' . $m->message . '</div>
</div>' . $messagetype . '</div>
<div class="clear"></div>
</div>');
}
$theme->process_theme(Theme::STRUCT_DEFAULT);
}
}
static function sms_api($data)
{
global $mysqli;
if ($data[0] != 'SMS') {
return '';
}
$SMS = SmsUtils::GetSmsUtils();
if ($SMS === false) {
$configObject = Config::get_instance();
$notice = UserNotices::get_instance();
$userObject = UserObject::get_instance();
$userid = 0;
$username = '******';
if (isset($userObject)) {
$userid = $userObject->get_user_ID();
$username = $userObject->get_username();
}
$error_type = 'Notice';
$errstr = 'ROGO:SMS not correctly setup';
$errfile = 'lti_integration.php';
if (is_null($configObject->get('cfg_db_port'))) {
$configObject->set('cfg_db_port', 3306);
}
// Query may fail if we try to insert while another statement is open.
// Since we don't have a handle on the original statement, create another DB link
$mysqli2 = DBUtils::get_mysqli_link($configObject->get('cfg_db_host'), $configObject->get('cfg_db_username'), $configObject->get('cfg_db_passwd'), $configObject->get('cfg_db_database'), $configObject->get('cfg_db_charset'), $notice, $configObject->get('dbclass'), $configObject->get('cfg_db_port'));
$log_error = $mysqli2->prepare("INSERT INTO sys_errors VALUES(NULL, NOW(), ?, ?, ?, ?, ?, ?, NULL, ?, ?, ?, ?, ?, ?, ?)");
$log_error->bind_param('issssssssisss', $userid, $username, $error_type, $errstr, $errfile, $errline, $_SERVER['PHP_SELF'], $_SERVER['QUERY_STRING'], $_SERVER['REQUEST_METHOD'], $paperID, $post_data, $variables, $backtrace);
$log_error->execute();
$log_error->close();
return '';
} else {
$SMS->set_module($data[2]);
return $SMS->url;
}
}
function LoadQuestion($q_id)
{
global $REPLACEMEuserIDold, $show_debug;
$userObj = UserObject::get_instance();
// storage for question data
$q_row = array();
$o_rows = array();
// retrieve question row from database
$db = new Database();
$db->SetTable('questions');
$db->AddField('*');
$db->AddWhere('q_id', $q_id, 'i');
$q_row = $db->GetSingleRow();
// retrieve array of options from database
$db = new Database();
$db->SetTable('options');
$db->AddField('*');
$db->AddWhere('o_id', $q_id, 'i');
$db->AddOrder('id_num');
$o_rows = $db->GetMultiRow();
// determine q type and create a storage class for correct type
$q_type = $q_row['q_type'];
$q_storage = 'ST_Question_' . $q_type;
$store = new $q_storage();
$store->type = $q_type;
// populate base storage fields
$this->LoadQuestionBase($store, $q_row, $o_rows);
// populate class specific storage fields
$funcname = 'LoadQuestion' . $q_type;
call_user_func(array($this, $funcname), $store, $q_row, $o_rows);
// display some debug data
print_p($q_row);
print_p($o_rows, true, 100);
// insert track changes record
if ($show_debug != true) {
$track = array();
$track['type'] = "QTI Export";
$track['typeID'] = $q_row['q_id'];
$track['editor'] = $userObj->get_user_ID();
$track['new'] = "Exported to QTI file";
$track['part'] = "all";
$track['changed'] = date("Y-m-d H:i:s");
$db->InsertRow("track_changes", "id", $track);
}
// return question
return $store;
}
function marks_from_file($fileName, $paperID, $string, $properties, $db)
{
$configObject = Config::get_instance();
$configObject->get('cfg_tmpdir');
$userObject = UserObject::get_instance();
// Get properties of the paper.
$session = $properties->get_calendar_year();
$paper_date = $properties->get_raw_start_date();
$moduleIDs = Paper_utils::get_modules($paperID, $db);
// Get the questions on the paper.
$paper = array();
$question_no = 0;
$result = $db->prepare("SELECT question, sum(marks_correct) AS sum FROM papers, options WHERE paper = ? AND papers.question = options.o_id GROUP BY question ORDER BY screen, display_pos");
$result->bind_param('i', $paperID);
$result->execute();
$result->bind_result($question, $marks_correct);
while ($result->fetch()) {
$question_no++;
$paper[$question_no]['id'] = $question;
$paper[$question_no]['marks_correct'] = $marks_correct;
}
$result->close();
// Get student data.
$students = array();
$modids = implode(',', array_keys($moduleIDs));
$result = $db->prepare("SELECT users.id, student_id, username, yearofstudy, grade, title, surname, first_names FROM users, sid, modules_student WHERE users.id = sid.userID AND users.id = modules_student.userID AND idMod IN ({$modids}) AND calendar_year = ?");
$result->bind_param('s', $session);
$result->execute();
$result->bind_result($id, $student_id, $username, $year, $grade, $title, $surname, $first_names);
while ($result->fetch()) {
$students[$student_id]['username'] = $username;
$students[$student_id]['title'] = $title;
$students[$student_id]['surname'] = $surname;
$students[$student_id]['first_names'] = $first_names;
$students[$student_id]['year'] = $year;
$students[$student_id]['grade'] = $grade;
$students[$student_id]['id'] = $id;
}
$result->close();
$lines = file($fileName);
$line_written = 0;
echo "<table cellspacing=\"0\" cellpadding=\"2\" border=\"0\" style=\"margin-left:10px; border-collapse:collapse\">\n";
foreach ($lines as $separate_line) {
$error = '';
if ($line_written == 0 and isset($_POST['header_row']) and $_POST['header_row'] == 1) {
// Write out the header line.
$fields = explode(',', $separate_line);
echo "<tr><th></th><th colspan=\"3\">Student Name</th>";
foreach ($fields as $field) {
if (trim($field) != '') {
echo "<th>{$field}</th>";
}
}
echo "</tr>\n";
}
if (!isset($_POST['header_row']) or $_POST['header_row'] != 1 or $line_written > 0) {
$fields = explode(',', $separate_line);
$sid = trim($fields[0]);
if (!isset($students[$sid]['username'])) {
// Student is not in class List.
// Look up to see if anywhere else in Authentication database.
$result = $db->prepare("SELECT id, student_id, users.username, yearofstudy, grade, title, surname, first_names FROM users, sid WHERE users.id = sid.userID AND sid.student_id = ?");
$result->bind_param('s', $sid);
$result->execute();
$result->store_result();
$result->bind_result($id, $student_id, $username, $year, $grade, $title, $surname, $first_names);
if ($result->num_rows > 0) {
$result->fetch();
$students[$student_id]['username'] = $username;
$students[$student_id]['title'] = $title;
$students[$student_id]['surname'] = $surname;
$students[$student_id]['first_names'] = $first_names;
$students[$student_id]['year'] = $year;
$students[$student_id]['grade'] = $grade;
$students[$student_id]['id'] = $id;
}
$result->close();
}
if (isset($students[$sid]) and $students[$sid]['username'] != '') {
// Student is in class List.
$save_ok = true;
$db->autocommit(false);
$result = $db->prepare("SELECT id FROM log_metadata WHERE userID = ? AND paperID = ? AND started = ?");
$result->bind_param('iis', $students[$sid]['id'], $paperID, $paper_date);
$result->execute();
$result->store_result();
$result->bind_result($lmd_id);
if ($result->num_rows > 0) {
$result->fetch();
$delete1 = $db->prepare("DELETE FROM log5 WHERE metadataID = ?");
$delete1->bind_param('i', $lmd_id);
$res = $delete1->execute();
if ($res == false) {
$save_ok = false;
}
$delete1->close();
if ($save_ok) {
$delete2 = $db->prepare("DELETE FROM log_metadata WHERE id = ?");
$delete2->bind_param('i', $lmd_id);
$res = $delete2->execute();
if ($res == false) {
$save_ok = false;
}
$delete2->close();
}
}
$result->close();
//
// did the all the save to log operations succeed?
//
if ($save_ok === false) {
//NO - rollback
$db->rollback();
$error = $string['errorsaving'];
break;
} else {
//YES - commit the updates to the log tables
$db->commit();
}
$result = $db->prepare("INSERT INTO log_metadata (userID, paperID, started, ipaddress, student_grade, year, attempt) " . "VALUES (?, ?, ?, ?, ?, ?, ?)");
$ip = '127.0.0.1';
$attempt = 1;
$result->bind_param('iisssii', $students[$sid]['id'], $paperID, $paper_date, $ip, $students[$sid]['grade'], $students[$sid]['year'], $attempt);
$res = $result->execute();
if ($res == false) {
$save_ok = false;
} else {
$lmd_id = $db->insert_id;
}
$result->close();
if ($save_ok) {
echo "<tr><td><img src=\"../artwork/green_plus_16.png\" wodth=\"16\" height=\"16\" alt=\"Add\" /></td><td>" . $students[$sid]['title'] . "</td><td>" . $students[$sid]['surname'] . "</td><td>" . $students[$sid]['first_names'] . "</td><td>{$sid}</td>";
for ($q = 1; $q <= $question_no; $q++) {
$result = $db->prepare("INSERT INTO log5 (q_id, mark, adjmark, totalpos, metadataID) VALUES (?, ?, ?, ?, ?)");
$mark = trim($fields[$q]);
if ($mark > $paper[$q]['marks_correct']) {
$save_mark = NULL;
} else {
$save_mark = floatval($mark);
}
$result->bind_param('iddii', $paper[$q]['id'], $save_mark, $save_mark, $paper[$q]['marks_correct'], $lmd_id);
$res = $result->execute();
if ($res == false) {
echo "<td>error</td>";
$save_ok = false;
break;
} else {
if ($mark > $paper[$q]['marks_correct']) {
echo '<td class="failed">too high</td>';
} elseif ($mark === '') {
echo '<td class="failed">missing</td>';
} else {
echo "<td class=\"num\">{$mark}</td>";
}
}
$result->close();
}
echo "</tr>\n";
}
//
// did the all the save to log operations succeed?
//
if ($save_ok === false) {
//NO - rollback
$db->rollback();
$error = $string['errorsaving'];
break;
} else {
//YES - commit the updates to the log tables
$db->commit();
}
} else {
echo "<tr><td><img src=\"../artwork/red_cross_16.png\" wodth=\"16\" height=\"16\" alt=\"Failed\" /></td><td colspan=\"3\" class=\"failed\">Student not found.</td><td>{$sid}</td><td colspan=\"" . $question_no . "\" class=\"failed\"> </td></tr>";
}
}
$line_written++;
}
//if ($error != '') {
// echo "<li style=\"color:C00000\">$error</li>";
//}
echo "</table>\n";
//turn auto commit back on so future queries function as before
$db->autocommit(true);
}
public function save()
{
$configObject = Config::get_instance();
$userObject = UserObject::get_instance();
if ($this->summative_lock and !$userObject->has_role('SysAdmin')) {
// For SysAdmin drop through to bottom if
$result = $this->db->prepare("UPDATE properties SET marking = ?, pass_mark = ?, distinction_mark = ?, display_correct_answer = ?, display_students_response = ?, display_question_mark = ?, display_feedback = ?, external_review_deadline = ?, internal_review_deadline = ?, recache_marks = ? WHERE property_id = ?");
$result->bind_param('siissssssii', $this->marking, $this->pass_mark, $this->distinction_mark, $this->display_correct_answer, $this->display_students_response, $this->display_question_mark, $this->display_feedback, $this->external_review_deadline, $this->internal_review_deadline, $this->recache_marks, $this->property_id);
} elseif ($configObject->get('cfg_summative_mgmt') and $this->paper_type == '2' and !$userObject->has_role(array('Admin', 'SysAdmin'))) {
$result = $this->db->prepare("UPDATE properties SET paper_title = ?, paper_prologue = ?, paper_postscript = ?, bgcolor = ?, fgcolor = ?, themecolor = ?, labelcolor = ?, fullscreen = ?, marking = ?, bidirectional = ?, pass_mark = ?, distinction_mark = ?, folder = ?, rubric = ?, calculator = ?, display_correct_answer = ?, display_students_response = ?, display_question_mark = ?, display_feedback = ?, hide_if_unanswered = ?, external_review_deadline = ?, internal_review_deadline = ?, sound_demo = ?, password = ?, recache_marks = ? WHERE property_id = ?");
$result->bind_param('ssssssssssiississsssssssii', $this->paper_title, $this->paper_prologue, $this->paper_postscript, $this->bgcolor, $this->fgcolor, $this->themecolor, $this->labelcolor, $this->fullscreen, $this->marking, $this->bidirectional, $this->pass_mark, $this->distinction_mark, $this->folder, $this->rubric, $this->calculator, $this->display_correct_answer, $this->display_students_response, $this->display_question_mark, $this->display_feedback, $this->hide_if_unanswered, $this->external_review_deadline, $this->internal_review_deadline, $this->sound_demo, $this->password, $this->recache_marks, $this->property_id);
} else {
$result = $this->db->prepare("UPDATE properties SET paper_title = ?, paper_type = ?, start_date = ?, end_date = ?, timezone = ?, paper_prologue = ?, paper_postscript = ?, bgcolor = ?, fgcolor = ?, themecolor = ?, labelcolor = ?, fullscreen = ?, marking = ?, bidirectional = ?, pass_mark = ?, distinction_mark = ?, folder = ?, labs = ?, rubric = ?, calculator = ?, exam_duration = ?, display_correct_answer = ?, display_students_response = ?, display_question_mark = ?, display_feedback = ?, hide_if_unanswered = ?, calendar_year = ?, external_review_deadline = ?, internal_review_deadline = ?, sound_demo = ?, password = ?, recache_marks = ?, deleted = ? WHERE property_id = ?");
$result->bind_param('ssssssssssssssiisssiissssssssssisi', $this->paper_title, $this->paper_type, $this->raw_start_date, $this->raw_end_date, $this->timezone, $this->paper_prologue, $this->paper_postscript, $this->bgcolor, $this->fgcolor, $this->themecolor, $this->labelcolor, $this->fullscreen, $this->marking, $this->bidirectional, $this->pass_mark, $this->distinction_mark, $this->folder, $this->labs, $this->rubric, $this->calculator, $this->exam_duration, $this->display_correct_answer, $this->display_students_response, $this->display_question_mark, $this->display_feedback, $this->hide_if_unanswered, $this->calendar_year, $this->external_review_deadline, $this->internal_review_deadline, $this->sound_demo, $this->password, $this->recache_marks, $this->deleted, $this->property_id);
}
$result->execute();
$result->close();
// Record any changes
$logger = new Logger($this->db);
foreach ($this->changes as $change) {
$logger->track_change('Paper', $this->property_id, $userObject->get_user_ID(), $change['old'], $change['new'], $change['part']);
}
}
function Save($params, &$data)
{
global $string;
echo "<h4>{$string['params']}</h4>";
print_p($params);
echo "<h4>{$string['generaldebuginfo']}</h4>";
global $REPLACEMEuserIDold;
$userObj = UserObject::get_instance();
$userID = $userObj->get_user_ID();
$data->ownerID = $userID;
$this->data =& $data;
$this->params =& $params;
$this->ll = array();
for ($i = 1; $i < 27; $i++) {
$varletter = chr(ord('A') + $i - 1);
$this->ll[$i] = $varletter;
}
// paper mode
if (count($data->papers) > 0) {
foreach ($data->papers as &$paper) {
//print_p($paper);
$this->output = $this->DoHeader();
$this->output .= "\t<assessment title='" . $paper->paper_title . "' ident='" . $paper->load_id . "'>\n";
if ($paper->rubric) {
$this->output .= "\t\t<rubric><![CDATA[" . $paper->rubric . "]]></rubric>\n";
}
foreach ($paper->screens as $id => &$screen) {
$this->output .= "\t\t<section title='Screen {$id}' ident='{$id}'>\n";
foreach ($screen->question_ids as $q_id) {
$question = FindQuestion($data->questions, $q_id);
if ($question) {
$this->OutputQuestion($question);
} else {
$this->AddError("Screen {$id} references questions {$q_id} which doesnt exist");
}
}
$this->output .= "\t\t</section>\n";
}
$this->output .= "\t</assessment>\n";
$this->output .= sprintf("</questestinterop>\n");
$filename = $params->base_dir . $params->dir . "/paper-" . $paper->load_id . ".xml";
file_put_contents($filename, $this->output);
//$data->files[$paper->paper_title] = $filename;
$data->files[] = new ST_File("paper-" . $paper->load_id . ".xml", $paper->paper_title, $params->dir);
}
} else {
// question mode
$this->output = $this->DoHeader();
// this needs a lot more work on this function
foreach ($data->questions as $question) {
$this->OutputQuestion($question);
}
$this->output .= sprintf("</questestinterop>\n");
$filename = $params->base_dir . $params->dir . "/questions.xml";
file_put_contents($filename, $this->output);
$data->files[] = new ST_File("questions.xml", "Questions", $params->dir);
}
echo "<h4>QTI Output</h4>";
echo "<pre>";
echo htmlentities($this->output);
echo "</pre>";
}
private function load_stats($type)
{
$this->stats = array();
// Un-assigned papers should be limited to the owner.
if ($this->idMod == 0) {
$userObject = UserObject::get_instance();
$ownerSQL = 'questions_modules.idMOD IS NULL AND ownerID = ' . $userObject->get_user_ID();
} else {
$ownerSQL = 'questions_modules.idMod = ' . $this->idMod;
}
switch ($type) {
case 'all':
case 'type':
$sql = 'SELECT COUNT(questions.q_id), q_type' . ' FROM questions LEFT JOIN questions_modules' . ' ON questions.q_id = questions_modules.q_id' . ' WHERE ' . $ownerSQL . ' AND deleted IS NULL AND status != -1 GROUP BY q_type';
break;
case 'status':
$sql = 'SELECT COUNT(questions.q_id), name' . ' FROM (questions, question_statuses) LEFT JOIN questions_modules' . ' ON questions.q_id = questions_modules.q_id' . ' WHERE questions.status = question_statuses.id' . ' AND ' . $ownerSQL . ' AND deleted IS NULL GROUP BY status';
break;
case 'bloom':
$sql = 'SELECT COUNT(questions.q_id), bloom' . ' FROM questions LEFT JOIN questions_modules' . ' ON questions.q_id = questions_modules.q_id' . ' WHERE ' . $ownerSQL . ' AND deleted IS NULL AND status != -1 GROUP BY bloom';
break;
case 'keyword':
$sql = 'SELECT COUNT(questions.q_id), keywordID' . ' FROM (questions, keywords_question, keywords_user) LEFT JOIN questions_modules' . ' ON questions.q_id = questions_modules.q_id' . ' WHERE keywords_question.keywordID = keywords_user.id' . ' AND ' . $ownerSQL . ' AND questions.q_id = keywords_question.q_id' . ' AND deleted IS NULL AND status != -1 GROUP BY keywordID';
break;
case 'objective':
$vle_api_data = MappingUtils::get_vle_api($this->idMod, date_utils::get_current_academic_year(), $vle_api_cache, $this->db);
$all_years = getYearsForModules($vle_api_data['api'], array($this->idMod => $this->module_id), $this->db);
$all_years = implode("','", $all_years);
$sql = "SELECT COUNT(questions.q_id), relationships.obj_id" . " FROM (questions, relationships) LEFT JOIN questions_modules" . " ON questions.q_id = questions_modules.q_id" . " WHERE questions.q_id = relationships.question_id" . " AND {$ownerSQL} " . " AND calendar_year IN ('{$all_years}')" . " AND deleted IS NULL AND status != -1 GROUP BY relationships.obj_id";
break;
}
$result = $this->db->prepare($sql);
$result->execute();
$result->bind_result($number, $type);
while ($result->fetch()) {
$this->stats[$type] = $number;
}
$result->close();
}
}
return false;
}
function force_login($id)
{
$_SESSION['user'] = $id;
$user = User::getUser($id);
$_SESSION['user_level'] = $user->getTheme();
ActivityLog::log('login', $user, false, array());
db_do("INSERT INTO activity_log(user_id, action, whenit) VALUES('" . $user->getID() . "', 'login', NOW())");
return $user;
}
require_once 'database.php';
if (isset($_SESSION['user'])) {
require_once 'classes/UserObject.php';
$user = UserObject::getById($_SESSION['user']);
}
$_num_db_queries = 0;
$_queries = array();
function raw_query($q)
{
global $_num_db_queries;
$_num_db_queries++;
global $_queries;
$start = microtime(true);
$res = mysql_query($q);
if (mysql_error()) {
echo '<pre>';
print_r(debug_backtrace());
echo '</pre>';
die(mysql_error() . ': ' . $q);
/**
* This function will output a message to the user and exit php;
*
* @param string $title - string title to display
* @param string $msg - string the message displayed on screen
* @param string $reason - string the message displayed in the database
* @param string $icon - name of the icon image file
* @param string $title_color - color of the tile text
* @param bool $output_header - if true output opening HTML tags
* @param bool $output_footer - if true output closing HTML tags
*
*/
public function display_notice_and_exit($mysqli, $title, $msg, $reason, $icon, $title_color = 'black', $output_header = true, $output_footer = true)
{
$userObj = UserObject::get_instance();
if (!is_null($mysqli)) {
if ($userObj !== null and $userObj->get_user_ID() > 0) {
$logger = new Logger($mysqli);
$logger->record_access_denied($userObj->get_user_ID(), $title, $reason);
// Record attempt in access denied log against userID.
} else {
$logger = new Logger($mysqli);
$logger->record_access_denied(0, $title, $reason);
// Record attempt in access denied log, userID set to zero.
}
}
$this->display_notice($title, $msg, $icon, $title_color, $output_header, $output_footer);
exit;
}
<?php
include_once "../include/page.php";
include_once "../include/userobject.php";
$p = new Page("shoutbox", 0);
$u = new UserObject();
$p->addJs("\$(\"#accordion\").accordion({autoHeight:false, navigation:true})");
if (isset($_GET['message'])) {
$p->db->qry("INSERT INTO shoutbox VALUES(default," . $u->id . ",default,\"" . $_GET['message'] . "\")");
}
if (isset($_GET['shout_id'])) {
$p->db->qry("SELECT shoutbox.uid as idNumber FROM shoutbox WHERE id =" . $_GET['shout_id']);
while ($number = $p->db->fetchLast()) {
if ($u->id == $number['idNumber'] || $u->canAccess(2)) {
$p->db->qry("DELETE FROM shoutbox WHERE id =" . $_GET['shout_id']);
}
}
}
$p->db->qry("SELECT shoutbox.id as shout_id, shoutbox.uid as idNumber, users.username as username, shoutbox.time as time, shoutbox.message as message FROM users,shoutbox WHERE shoutbox.uid = users.id ORDER BY time DESC");
echo "<div id=\"accordion\">";
while ($row = $p->db->fetchLast()) {
echo "<h3><a>" . $row['username'] . " " . $row['time'] . "</a></h3>\n <div>" . $row['message'];
if ($u->id == $row['idNumber'] || $u->canAccess(2)) {
echo "<div style=\"float: right; margin-right:4%;\"><input type=\"button\" onClick=\"grabContent('shoutbox', 'shout_id=" . $row['shout_id'] . "')\" class=\"ui-button ui-widget ui-state-default ui-corner-all\" value=\"Delete\"/></div>";
}
echo "</div>";
}
echo "</div>";
public function __construct(DBConnection $conn, $tableName, $configKey)
{
parent::__construct($conn, $tableName, $configKey);
$this->recordCount = -1;
$this->objectType = 'TABLE';
}
<?php
include_once "../include/userobject.php";
$u = new UserObject();
$db = $u->db;
header("content-type: text/xml");
echo "<?xml version=\"1.0\" ?>";
if ($u->canAccess(1) && $u->billable) {
echo "<bills>\r\n\t<owing>\n";
$db->qry("SELECT username, SUM(amount) AS amount FROM users, `bills` WHERE uid = users.id AND `paid` = 0 AND `confirmed` = 0 GROUP BY username ORDER BY `uid` ASC");
while ($row = $db->fetchLast()) {
echo "\t\t<entry username = \"{$row['username']}\" amount = \"\${$row['amount']}\"/>\n";
}
echo "\t</owing>\r\n\t<unconfirmed>\n";
$db->qry("SELECT username, SUM(amount) AS amount FROM users, `bills` WHERE uid = users.id AND `paid` = 1 AND `confirmed` = 0 GROUP BY username ORDER BY `uid` ASC");
while ($row = $db->fetchLast()) {
echo "\t\t<entry username = \"{$row['username']}\" amount = \"\${$row['amount']}\"/>\n";
}
echo "\t</unconfirmed>\r\n</bills>";
} else {
echo "<bills><owing></owing><unconfirmed></unconfirmed></bills>";
}
public function __construct(DBConnection $conn, $sequenceName, $configKey)
{
parent::__construct($conn, $sequenceName, $configKey);
$this->objectType = 'SEQUENCE';
}
/**
* Change the correct answer after the question has been locked. Update user marks in summative log table
* @param mixed $new_correct Array of new values for fields that can be corrected
* @param integer $paper_id
* @param boolean $changes True if changes have been made by a previous corrector
* @param integer $paper_type Integer index for type of paper
* @return array[$string] Any errors encountered in the correction process
*/
public function execute($new_correct, $paper_id, &$changes, $paper_type)
{
$errors = array();
$marks_correct = $this->_question->get_marks_correct();
$marks_incorrect = $this->_question->get_marks_incorrect();
$marks_partial = $this->_question->get_marks_partial();
$tolerance_full = $this->_question->get_tolerance_full();
if ($tolerance_full != $new_correct['tolerance_full']) {
$this->_question->set_tolerance_full($new_correct['tolerance_full']);
$changes = true;
$this->_question->add_unified_field_modification('tolerance_full', 'tolerance_full', $tolerance_full, $new_correct['tolerance_full'], $this->_lang_strings['postexamchange']);
}
$tolerance_partial = $this->_question->get_tolerance_partial();
if ($tolerance_partial != $new_correct['tolerance_partial']) {
$this->_question->set_tolerance_partial($new_correct['tolerance_partial']);
$changes = true;
$this->_question->add_unified_field_modification('tolerance_partial', 'tolerance_partial', $tolerance_partial, $new_correct['tolerance_partial'], $this->_lang_strings['postexamchange']);
}
$answer_precision = $this->_question->get_answer_precision();
if ($answer_precision != $new_correct['answer_precision']) {
$this->_question->set_answer_precision($new_correct['answer_precision']);
$changes = true;
$this->_question->add_unified_field_modification('answer_precision', 'answer_precision', $answer_precision, $new_correct['answer_precision'], $this->_lang_strings['postexamchange']);
}
$strict_zeros = $this->_question->get_strict_zeros();
// Need to be careful of how the correction code builds the values for check boxes
if (isset($new_correct['strict_zeros'])) {
$new_strict_zeros = is_array($new_correct['strict_zeros']) ? $new_correct['strict_zeros'][0] : $new_correct['strict_display'];
} else {
$new_strict_zeros = false;
}
if ($strict_zeros != $new_strict_zeros) {
$this->_question->set_strict_zeros($new_strict_zeros);
$changes = true;
$this->_question->add_unified_field_modification('strict_zeros', 'strict_zeros', $strict_zeros, $new_strict_zeros, $this->_lang_strings['postexamchange']);
}
// Parse answers
$opts = $this->_question->options;
for ($i = 1; $i <= $this->_question->max_options; $i++) {
if (isset($opts[$i])) {
$ans = $opts[$i]->get_formula();
$units = $opts[$i]->get_units();
if ($ans != '' and $new_correct['option_formula'][$i - 1] == '') {
$opts[$i]->set_formula('');
$opts[$i]->set_units('');
$changes = true;
$this->_question->add_unified_field_modification('Deleted Answer ' . $i, 'Deleted Answer ' . $i, $ans . ', ' . $units, '', $this->_lang_strings['postexamchange']);
} else {
if ($ans != $new_correct['option_formula'][$i - 1]) {
$opts[$i]->set_formula($new_correct['option_formula'][$i - 1]);
$changes = true;
if ($ans != '') {
$this->_question->add_unified_field_modification('option_formula' . $i, 'option_formula' . $i, $ans, $new_correct['option_formula'][$i - 1], $this->_lang_strings['postexamchange']);
}
}
if ($units != $new_correct['option_units'][$i - 1]) {
$opts[$i]->set_units($new_correct['option_units'][$i - 1]);
$changes = true;
if ($ans != '') {
$this->_question->add_unified_field_modification('option_units' . $i, 'option_units' . $i, $units, $new_correct['option_units'][$i - 1], $this->_lang_strings['postexamchange']);
}
}
if ($ans == '') {
$this->_question->add_unified_field_modification('New Answer ' . $i, 'New Answer ' . $i, '', $new_correct['option_formula'][$i - 1] . ', ' . $new_correct['option_units'][$i - 1], $this->_lang_strings['postexamchange']);
}
}
} elseif ($new_correct['option_formula'][$i - 1] != '') {
// Complete new answer
$changes = true;
$userObj = UserObject::get_instance();
$this->_question->options[$i] = new OptionENHANCEDCALC($this->_mysqli, $userObj->get_user_ID(), $this->_question, $i, $this->_lang_strings, array('formula' => $new_correct['option_formula'][$i - 1], 'units' => $new_correct['option_units'][$i - 1]));
$this->_question->add_unified_field_modification('New Answer ' . $i, 'New Answer ' . $i, '', $new_correct['option_formula'][$i - 1] . ', ' . $new_correct['option_units'][$i - 1], $this->_lang_strings['postexamchange']);
}
}
if ($changes) {
try {
if (!$this->_question->save()) {
$errors[] = $this->_lang_strings['datasaveerror'];
} else {
enhancedcalc_remark($paper_type, $paper_id, $this->_question->id, $this->_question->get_settings(), $this->_mysqli, 'all');
}
} catch (ValidationException $vex) {
$errors[] = $vex->getMessage();
}
if (count($errors) == 0) {
$this->invalidate_paper_cache($paper_id);
}
}
return $errors;
}
public static function paper_types($idMod, $show_retired, $db)
{
$userObject = UserObject::get_instance();
$paper_types = array();
if ($idMod == '0') {
// Unused papers.
if ($show_retired) {
$sql = 'SELECT DISTINCT paper_type, COUNT(properties.property_id)
FROM properties LEFT JOIN properties_modules
ON properties.property_id = properties_modules.property_id
WHERE idMod IS NULL
AND paper_ownerID = ?
AND deleted IS NULL
GROUP BY paper_type
ORDER BY paper_type';
} else {
$sql = 'SELECT DISTINCT paper_type, COUNT(properties.property_id)
FROM properties LEFT JOIN properties_modules
ON properties.property_id = properties_modules.property_id
WHERE idMod IS NULL
AND paper_ownerID = ?
AND deleted IS NULL
AND retired IS NULL
GROUP BY paper_type
ORDER BY paper_type';
}
$result = $db->prepare($sql);
$result->bind_param('i', $userObject->get_user_ID());
} else {
if ($show_retired) {
$sql = 'SELECT DISTINCT paper_type, COUNT(properties.property_id)
FROM properties, properties_modules
WHERE properties.property_id = properties_modules.property_id
AND idMod = ?
AND deleted IS NULL
GROUP BY paper_type
ORDER BY paper_type';
} else {
$sql = 'SELECT DISTINCT paper_type, COUNT(properties.property_id)
FROM properties, properties_modules
WHERE properties.property_id = properties_modules.property_id
AND idMod = ?
AND deleted IS NULL
AND retired IS NULL
GROUP BY paper_type
ORDER BY paper_type';
}
$result = $db->prepare($sql);
$result->bind_param('i', $idMod);
}
$result->execute();
$result->bind_result($type, $number);
while ($result->fetch()) {
$paper_types[$type] = $number;
}
$result->close();
return $paper_types;
}
public function __construct(DBConnection $conn, $triggerName, $configKey)
{
parent::__construct($conn, $triggerName, $configKey);
$this->objectType = 'TRIGGER';
}
/**
* Get the details of the papers that are currently available for the current user and lab
* @param array $paper_display Reference to array in which to build details of available papers
* @param array $types Array of paper types to check for
* @param UserObject $userObj The current user
* @param mysqli $db Database reference
* @param string $exclude Option ID of a paper to exclude from the check
* @return integer The number of currently active papers
*/
public function get_active_papers(&$paper_display, $types, $userObj, $db, $exclude = '')
{
$type_sql = '';
foreach ($types as $type) {
if ($type_sql != '') {
$type_sql .= ' OR ';
}
$type_sql .= "paper_type='{$type}'";
}
$exclude_sql = '';
if ($exclude != '') {
$exclude_sql = ' AND property_id != ' . $exclude;
}
$paper_no = 0;
$paper_query = $db->prepare("SELECT property_id, paper_type, crypt_name, paper_title, bidirectional, fullscreen, MAX(screen) AS max_screen, labs, calendar_year, password, completed FROM (papers, properties) LEFT JOIN log_metadata ON properties.property_id = log_metadata.paperID AND userID = ? WHERE papers.paper = properties.property_id AND (labs != '' OR password != '') AND ({$type_sql}) AND deleted IS NULL AND start_date < DATE_ADD(NOW(),interval 15 minute) AND end_date > NOW() {$exclude_sql} GROUP BY paper");
$paper_query->bind_param('i', $userObj->get_user_ID());
$paper_query->execute();
$paper_query->store_result();
$paper_query->bind_result($property_id, $paper_type, $crypt_name, $paper_title, $bidirectional, $fullscreen, $max_screen, $labs, $calendar_year, $password, $completed);
while ($paper_query->fetch()) {
if ($labs != '') {
$machineOK = false;
$labs = str_replace(",", " OR lab=", $labs);
$lab_info = $db->query("SELECT address FROM client_identifiers WHERE address = '" . NetworkUtils::get_client_address() . "' AND (lab = {$labs})");
if ($lab_info->num_rows > 0) {
$machineOK = true;
}
$lab_info->close();
} else {
$machineOK = true;
}
if (strpos($userObj->get_username(), 'user') !== 0) {
$moduleIDs = Paper_utils::get_modules($property_id, $db);
if (count($moduleIDs) > 0) {
$moduleOK = false;
if ($calendar_year != '') {
$cal_sql = "AND calendar_year = '" . $calendar_year . "'";
} else {
$cal_sql = '';
}
$module_in = implode(',', array_keys($moduleIDs));
$moduleInfo = $db->prepare("SELECT userID FROM modules_student WHERE userID = ? {$cal_sql} AND idMod IN ({$module_in})");
$moduleInfo->bind_param('i', $userObj->get_user_ID());
$moduleInfo->execute();
$moduleInfo->store_result();
$moduleInfo->bind_result($tmp_userID);
$moduleInfo->fetch();
if ($moduleInfo->num_rows() > 0) {
$moduleOK = true;
}
$moduleInfo->close();
} else {
$moduleOK = true;
}
} else {
$moduleOK = true;
}
if ($machineOK == true and $moduleOK == true) {
$paper_display[$paper_no]['id'] = $property_id;
$paper_display[$paper_no]['paper_title'] = $paper_title;
$paper_display[$paper_no]['crypt_name'] = $crypt_name;
$paper_display[$paper_no]['paper_type'] = $paper_type;
$paper_display[$paper_no]['max_screen'] = $max_screen;
$paper_display[$paper_no]['bidirectional'] = $bidirectional;
$paper_display[$paper_no]['password'] = $password;
$paper_display[$paper_no]['completed'] = $completed;
$paper_no++;
}
}
$paper_query->close();
return $paper_no;
}
<?php
include_once "../include/userobject.php";
include_once "../include/linklist.php";
$l = new LinkList($u = new UserObject());
header("content-type: text/xml");
echo "<user>\r\n\t<id>{$u->id}</id>\r\n\t<username>{$u->username}</username>\r\n\t<access>{$u->access}</access>\r\n\t<firstname>{$u->firstname}</firstname>\r\n\t<lastname>{$u->lastname}</lastname>\r\n\t<dob>{$u->dob}</dob>\r\n\t<billable>{$u->billable}</billable>\r\n\t<email>{$u->email}</email>\r\n\t<connection>";
echo $u->isLocal ? "On LAN" : "On Internet";
echo "</connection>\r\n\t<ip>{$_SERVER['REMOTE_ADDR']}</ip>\r\n\t<skin>{$u->getSkin()}</skin>\r\n</user>";
public static function page_profile($id_user = null)
{
$theme = new Theme();
$isMyProfil = false;
if ($id_user == null) {
$id_user = self::get_user_logged_id();
$isMyProfil = true;
}
$u = new UserObject();
$u->load($id_user);
$url_avatar = $u->get_avatar();
$output = "";
$output .= "<div id=\"profil_top\">";
$output .= "<div id=\"profil_top_avatar\" class=\"avatar\" style=\"background-image:url({$url_avatar});\">";
if ($isMyProfil) {
$output .= Theme::linking(Page::url("/profile/settings/avatar"), "<span id=\"profil_top_avatar_changeBG\"></span><span id=\"profil_top_avatar_changeTxt\">" . t("Modifier") . "</span>");
}
$output .= "</div>";
$output .= "<div id=\"profil_top_avatar_nom\">";
if ($isMyProfil) {
$output .= "<i class=\"fa fa-user fa-fw\" title=\"Mon profil\"></i>";
}
$output .= $u->firstname . " " . $u->lastname;
$output .= "</div>";
$output .= "</div>";
$output .= "<div class=\"page_contenu_sep\"></div>";
$output .= "<div id=\"profil_buttons\">";
$result = method_invoke_all("hook_profile_view", array($id_user));
foreach ($result as $r) {
$output .= $r;
}
$output .= "<div class=\"clear\"></div>";
$output .= "</div>";
$theme->add_to_body($output);
$theme->process_theme(Theme::STRUCT_DEFAULT);
}
<?php
// <SETTINGS>
$netspacefile = '../../xml/netspace.xml';
// Netspace XML file
$updatefile = '../../xml/nslastupdate.dat';
// File with time file was last updated
$countuploads = true;
//true or false. Use true if your plan counts uploads, false if not
// </SETTINGS>
include_once "../include/userobject.php";
$u = new UserObject();
header("content-type: text/xml");
echo "<?xml version=\"1.0\" ?>";
if (file_exists($netspacefile) & $u->canAccess(1)) {
$xml = simplexml_load_file($netspacefile);
//Open (local) NetSpace XML
$startdate = strtotime($xml["START_DATE"]);
//startdate in seconds
$enddate = strtotime($xml["END_DATE"]);
//enddate in seconds
if ($xml->PLAN->LIMIT[0]["NAME"] == "Peak") {
$ontotal = $xml->PLAN->LIMIT[0]["MEGABYTES"] / 1000;
//peak total
$offtotal = $xml->PLAN->LIMIT[1]["MEGABYTES"] / 1000;
//offpeak total
} else {
if ($xml->PLAN->LIMIT[0]["NAME"] == "Off Peak") {
$offtotal = $xml->PLAN->LIMIT[0]["MEGABYTES"] / 1000;
//offpeak total
$ontotal = $xml->PLAN->LIMIT[1]["MEGABYTES"] / 1000;
<?php
include_once "../include/bandwidth.php";
include_once "../include/userobject.php";
$stats = new Bandwidth();
$u = new UserObject();
header("content-type: text/xml");
echo "<?xml version=\"1.0\" ?>";
if ($u->canAccess(1)) {
echo "<bandwidth>\r\n\t<liveupload>{$stats->upload}</liveupload>\r\n\t<livedownload>{$stats->download}</livedownload>\r\n</bandwidth>";
} else {
echo "<bandwidth>\r\n\t<liveupload>Unauthorised</liveupload>\r\n\t<livedownload>User</livedownload>\r\n</bandwidth>";
}
/**
* Clear a user (student) from all modules for that session and attempt.
*
* @param integer $tmp_userID UserID of the member of student to remove
* @param integer $session session year to be removed from
* @param integer $attemp attempt to be removed from
* @param object $db mysqli database connection
*
*/
static function clear_student_modules_by_userID($tmp_userID, $session, $attempt, $db)
{
$userObject = UserObject::get_instance();
$result = $db->prepare("DELETE FROM modules_student WHERE userID = ? AND calendar_year = ? AND attempt = ?");
$result->bind_param('isi', $tmp_userID, $session, $attempt);
$result->execute();
$result->close();
if ($userObject->get_user_ID() == $tmp_userID) {
$userObject->load_student_modules();
// Re-cache modules if the user is the currently logged in person.
}
}
*
* Rogō hompage. Uses ../include/options_menu.inc for the sidebar menu.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require_once '../include/staff_student_auth.inc';
require_once '../include/errors.inc';
require_once '../include/sidebar_menu.inc';
require_once '../classes/recyclebin.class.php';
require_once '../config/index.inc';
require_once '../classes/paperutils.class.php';
require_once '../classes/folderutils.class.php';
$userObject = UserObject::get_instance();
// Redirect Students (if not also staff), External Examiners and Invigilators to their own areas.
if ($userObject->has_role('Student') and !$userObject->has_role(array('Staff', 'Admin', 'SysAdmin'))) {
header("location: ../students/");
exit;
} elseif ($userObject->has_role('External Examiner')) {
header("location: ../reviews/");
exit;
} elseif ($userObject->has_role('Invigilator')) {
header("location: ../invigilator/");
exit;
}
// If we're still here we should be staff
require_once '../include/staff_auth.inc';
?>
<!DOCTYPE html>
<?php
include_once "../include/userobject.php";
include_once "../include/linklist.php";
$u = new UserObject();
$u->db->qry("SELECT * FROM links");
header("content-type: text/xml");
echo "<links>";
while ($link = $u->db->fetchLast()) {
if ($u->canAccess($link['reqaccess']) || $link['billoverride'] && $u->billable) {
echo "\n\t<link><label>{$link['label']}</label><url>{$link['url']}</url></link>";
}
}
echo "\n</links>";
