/**
 * Adds a user to this group unless the uid is already cached in $this->_members.
 *
 * Inserts a row into "user_group" and caches a freshly loaded UserObject
 * under the uid key.
 *
 * @param mixed $uid user id, used as the inserted "uid" value and as the cache key
 */
public function add_member($uid)
{
    // Already a known member: nothing to insert or load.
    if (isset($this->_members[$uid])) {
        return;
    }

    $row = array("gid" => $this->gid, "uid" => $uid);
    Database::insert("user_group", $row);

    $member = new UserObject();
    $member->load($uid);
    $this->_members[$uid] = $member;
}
/**
 * Renders the admin page for one group: an "add member" form followed by a
 * table of the current members, each with a "remove from group" link.
 *
 * Nothing is rendered when no group matches $label.
 *
 * NOTE(review): $label and the member names are handed to Page::url(), t()
 * and the Theme/Form helpers as-is; whether those helpers HTML-escape is not
 * visible here -- confirm. The remove action is exposed as a plain link, so
 * confirm the delete route is protected against cross-site requests.
 *
 * @param string $label group label used for the lookup and inside the page URLs
 */
public static function list_of_members($label)
{
    $group = new GroupObject();
    if (!$group->load_by_label($label)) {
        // Unknown label: the page is left empty.
        return;
    }

    $group->load_members();
    $members = $group->members();
    $theme = new Theme();

    // One table row per member: id, first name, last name, remove link.
    $rows = array();
    foreach ($members as $memberId => $member) {
        $rows[] = array(
            $memberId,
            $member->firstname,
            $member->lastname,
            $theme->linking(Page::url("/admin/groups/{$label}/delete/{$memberId}"), t("retirer du groupe")),
        );
    }

    // "Add member" form: a select listing every user plus a submit button.
    $form = new Form("POST", Page::url("/admin/groups/{$label}/add"));
    $selector = new FormElement("select", "userid", t("selectionnez un utilisateur"));
    foreach (UserObject::loadAll() as $candidate) {
        $optionLabel = $candidate->lastname . " " . $candidate->firstname;
        $selector->addElement(new FormElement("option", "", $optionLabel, $candidate->uid));
    }
    $form->addElement($selector);
    $form->addElement(new InputElement("add-element", null, t("ajouter un membre"), "submit"));
    $formHtml = $theme->forming($form);

    $theme->set_title(t("Groupe %s", array("%s" => $label)));

    $backLink = $theme->linking(Page::url("/admin/groups"), t("retourner à la liste des groupes"));
    $theme->add_to_body($backLink);
    $theme->add_to_body($formHtml, t("Ajouter un membre au groupe"));

    $headers = array(t("id"), t("firstname"), t("lastname"), t("actions"));
    $theme->add_to_body($theme->tabling($rows, $headers), t("Liste des membres"));

    $theme->process_theme(Theme::STRUCT_ADMIN);
}
/**
 * Builds the single UserObject and registers it in self::$inst.
 *
 * @param object $configObject Rogo config object populated from config.inc
 * @param object $db           mysqli link to the database
 *
 * @throws Exception when an instance has already been registered
 */
function __construct($configObject, $db)
{
    $alreadyRegistered = is_object(self::$inst);
    if ($alreadyRegistered) {
        throw new Exception("Highlander:: there can be only one UserObject");
    }

    // Both collaborators are stored by reference, as in the original.
    $this->configObj =& $configObject;
    $this->db =& $db;

    self::$inst = $this;
}
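/**
 * Returns the uids of all users except the given ones and the logged-in
 * user, ordered by lastname then firstname.
 *
 * The excluded ids are concatenated into the NOT IN (...) list, so each one
 * is cast to an integer first; a non-numeric element can therefore no longer
 * change the text of the query. (uid is used unquoted in the statement, so
 * it is treated as numeric here.)
 *
 * @param array $array_id_users uids to leave out of the result
 * @return array list of uid values
 */
public static function loadAllUsersWithout($array_id_users = array())
{
    $d = new UserObject();
    $request = "SELECT * FROM " . CONFIG_DB_PREFIX . $d->tableName();

    $excluded = array_map('intval', (array) $array_id_users);
    if (count($excluded) > 0) {
        $request .= " WHERE uid NOT IN(" . implode(",", $excluded) . ")";
    }
    $request .= " ORDER BY lastname ASC, firstname ASC";

    $results = Database::getAll($request);
    $list_of_users = array();
    if (!is_array($results)) {
        return $list_of_users;
    }

    // Looked up once; the logged-in user is never part of the list.
    $logged_id = User::get_user_logged_id();
    foreach ($results as $r) {
        if ($r->uid != $logged_id) {
            $list_of_users[] = $r->uid;
        }
    }

    return $list_of_users;
}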
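/**
 * Insert a question exclusion record into the database.
 *
 * Every variable value, including the current user's id, is passed as a
 * bound parameter so that no value is interpolated into the SQL text.
 *
 * @param int    $q_id   id of the question being excluded
 * @param string $status exclusion status stored with the record
 */
public function add_exclusion($q_id, $status)
{
    $userObj = UserObject::get_instance();
    // bind_param() takes its arguments by reference, so it needs a variable.
    $user_id = $userObj->get_user_ID();

    $result = $this->db->prepare("INSERT INTO question_exclude VALUES (NULL, ?, ?, ?, ?, NOW(), '')");
    if ($result) {
        $result->bind_param('iisi', $this->paper_id, $q_id, $status, $user_id);
        $result->execute();
        $result->close();
    } else {
        display_error("Question_exclude Insert Error 1", $this->db->error);
    }
}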
/**
 * Builds a UserObject from the properties of a user entity.
 *
 * @param object $userEnt entity exposing getProperty(); the USER_LOGIN_NAME,
 *                        USER_NAME, USER_EMAIL, USER_ACTIVE and GROUPE_NAME
 *                        properties are read
 * @return UserObject the populated user object
 */
function createUser($userEnt)
{
    // Setter on UserObject => property name on the entity, applied in this order.
    $mapping = array(
        'setuserLoginName' => 'USER_LOGIN_NAME',
        'setUserName' => 'USER_NAME',
        'setUserMail' => 'USER_EMAIL',
        'setActive' => 'USER_ACTIVE',
        'setUserGroupName' => 'GROUPE_NAME',
    );

    $userObj = new UserObject();
    foreach ($mapping as $setter => $property) {
        $userObj->$setter($userEnt->getProperty($property));
    }

    return $userObj;
}
/**
 * Renders the logged-in user's conversations, one block per conversation
 * with the other party's avatar and name, the send date, the message text
 * and a status icon.
 *
 * Does nothing when no user is logged in.
 *
 * NOTE(review): the names, the avatar URL and $m->message are concatenated
 * into the markup without HTML escaping in this method. Whether they are
 * sanitised when stored or inside Theme::add_to_body() is not visible here
 * -- confirm, since message text is written by other users.
 */
public function discussions()
{
    if (User::get_user_logged_id() == null) {
        return;
    }

    $messages = MessagesDB::getDiscussions(User::get_user_logged_id());
    $theme = new Theme();
    $theme->set_title(t("Messagerie"));

    foreach ($messages as $m) {
        $user = new UserObject();
        $user->load($m->conversation);

        // Status icon. The first two branches emit the same icon and title
        // ("Message lu") for unread and read incoming messages; that is how
        // the original behaves -- possibly unintended.
        if ($m->sid == $m->conversation && $m->read == 0) {
            $messagetype = '<div class="messagerie_bloc_icone"><i class="fa fa-envelope fa-fw" title="Message lu"></i></div>';
        } elseif ($m->sid == $m->conversation && $m->read == 1) {
            $messagetype = '<div class="messagerie_bloc_icone"><i class="fa fa-envelope fa-fw" title="Message lu"></i></div>';
        } elseif ($m->rid == $m->conversation && $m->read == 0) {
            $messagetype = '<div class="messagerie_bloc_icone"><i class="fa fa-reply fa-fw" title="Réponse envoyée"></i></div>';
        } else {
            $messagetype = '<div class="messagerie_bloc_icone"><i class="fa fa-check fa-fw" title="Réponse envoyée et lu"></i></div>';
        }

        $theme->add_to_body(
            '<div class="messagerie"> <div class="messagerie_avatar_area"> <div class="messagerie_avatar avatar" style="background-image:url('
            . $user->get_avatar()
            . ')"> </div> <div class="messagerie_nom"><a>'
            . $user->firstname
            . ' <br/>'
            . $user->lastname
            . '</a></div> </div> <div class="messagerie_bloc '
            // Unread incoming messages get the extra "new" class.
            . ($m->read == 0 && $m->sid == $m->conversation ? "messagerie_bloc_new" : "")
            . '" onclick="window.location.href=\''
            . Page::url("/messages/" . $m->conversation)
            . '\'"> <div class="messagerie_bloc_informations"><span>'
            . $user->firstname
            . ' '
            . $user->lastname
            . '</span> : <div class="messagerie_bloc_informations_date"><i class="fa fa-clock-o fa-fw"></i> '
            . date(t("d-m-Y à H:i"), $m->sent_on)
            . '</div></div> <div class="messagerie_bloc_texte"> <div class="messagerie_bloc_texte_inside">'
            . $m->message
            . '</div> </div>'
            . $messagetype
            . '</div> <div class="clear"></div> </div>'
        );
    }

    $theme->process_theme(Theme::STRUCT_DEFAULT);
}
/**
 * Returns the SMS utility's URL for a request whose first element is 'SMS'.
 *
 * Returns '' for any other request. When SmsUtils::GetSmsUtils() returns
 * false, a 'Notice' row is written to sys_errors over a second database
 * link and '' is returned.
 *
 * NOTE(review): $errline, $paperID, $post_data, $variables and $backtrace
 * are never assigned in this function. bind_param() receives them by
 * reference, so they are presumably bound as NULL placeholders -- confirm.
 *
 * @param array $data request parts; index 0 is the request type and index 2
 *                    is passed to set_module()
 * @return string the SMS URL, or '' when unavailable or not applicable
 */
static function sms_api($data)
{
    global $mysqli;

    if ($data[0] != 'SMS') {
        return '';
    }

    $SMS = SmsUtils::GetSmsUtils();
    if ($SMS !== false) {
        $SMS->set_module($data[2]);
        return $SMS->url;
    }

    // SMS is not configured: record the problem in sys_errors.
    $configObject = Config::get_instance();
    $notice = UserNotices::get_instance();
    $userObject = UserObject::get_instance();

    // Fallback identity used when no user object is available.
    $userid = 0;
    $username = '******';
    if (isset($userObject)) {
        $userid = $userObject->get_user_ID();
        $username = $userObject->get_username();
    }

    $error_type = 'Notice';
    $errstr = 'ROGO:SMS not correctly setup';
    $errfile = 'lti_integration.php';

    if (is_null($configObject->get('cfg_db_port'))) {
        $configObject->set('cfg_db_port', 3306);
    }

    // Query may fail if we try to insert while another statement is open.
    // Since we don't have a handle on the original statement, create another DB link
    $mysqli2 = DBUtils::get_mysqli_link(
        $configObject->get('cfg_db_host'),
        $configObject->get('cfg_db_username'),
        $configObject->get('cfg_db_passwd'),
        $configObject->get('cfg_db_database'),
        $configObject->get('cfg_db_charset'),
        $notice,
        $configObject->get('dbclass'),
        $configObject->get('cfg_db_port')
    );

    $log_error = $mysqli2->prepare("INSERT INTO sys_errors VALUES(NULL, NOW(), ?, ?, ?, ?, ?, ?, NULL, ?, ?, ?, ?, ?, ?, ?)");
    $log_error->bind_param(
        'issssssssisss',
        $userid,
        $username,
        $error_type,
        $errstr,
        $errfile,
        $errline,
        $_SERVER['PHP_SELF'],
        $_SERVER['QUERY_STRING'],
        $_SERVER['REQUEST_METHOD'],
        $paperID,
        $post_data,
        $variables,
        $backtrace
    );
    $log_error->execute();
    $log_error->close();

    return '';
}
/**
 * Loads one question and its options from the database into a storage
 * object whose class is chosen from the question's type.
 *
 * Unless $show_debug is true, a "QTI Export" row is also inserted into
 * track_changes for the current user.
 *
 * NOTE(review): the storage class ('ST_Question_' . q_type) and the loader
 * method ('LoadQuestion' . q_type) are both derived from the q_type column.
 * Presumably q_type is restricted to the known question types -- verify,
 * because any other value selects an arbitrary class/method name.
 *
 * @param int $q_id id of the question to load
 * @return object the populated storage object
 */
function LoadQuestion($q_id)
{
    global $REPLACEMEuserIDold, $show_debug;

    $userObj = UserObject::get_instance();

    // Question row.
    $questionDb = new Database();
    $questionDb->SetTable('questions');
    $questionDb->AddField('*');
    $questionDb->AddWhere('q_id', $q_id, 'i');
    $q_row = $questionDb->GetSingleRow();

    // Option rows, ordered by id_num.
    $optionDb = new Database();
    $optionDb->SetTable('options');
    $optionDb->AddField('*');
    $optionDb->AddWhere('o_id', $q_id, 'i');
    $optionDb->AddOrder('id_num');
    $o_rows = $optionDb->GetMultiRow();

    // Storage class matching the question type.
    $q_type = $q_row['q_type'];
    $storageClass = 'ST_Question_' . $q_type;
    $store = new $storageClass();
    $store->type = $q_type;

    // Common fields first, then the type-specific loader.
    $this->LoadQuestionBase($store, $q_row, $o_rows);
    call_user_func(array($this, 'LoadQuestion' . $q_type), $store, $q_row, $o_rows);

    // Debug dump of the raw rows.
    print_p($q_row);
    print_p($o_rows, true, 100);

    // Track-changes record; issued on the Database object that ran the
    // options query, as in the original.
    if ($show_debug != true) {
        $track = array(
            'type' => "QTI Export",
            'typeID' => $q_row['q_id'],
            'editor' => $userObj->get_user_ID(),
            'new' => "Exported to QTI file",
            'part' => "all",
            'changed' => date("Y-m-d H:i:s"),
        );
        $optionDb->InsertRow("track_changes", "id", $track);
    }

    return $store;
}
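/**
 * Imports marks for a paper from a comma-separated file and echoes an HTML
 * table reporting the outcome of every line.
 *
 * Each data line is "<student id>,<mark for question 1>,<mark for question 2>,...".
 * For a student that can be resolved, any existing log_metadata/log5 rows
 * for this paper and start date are deleted and replaced by the imported
 * marks. A mark above the question's maximum is stored as NULL and reported
 * as "too high"; a missing column is reported as "missing".
 *
 * Values taken from the file (header cells, student id, marks) are
 * HTML-escaped before being echoed, because the file content is supplied by
 * the uploader.
 * NOTE(review): title/surname/first_names come from the users table and are
 * echoed as stored -- confirm they are safe for HTML output.
 *
 * @param string $fileName   path of the file to read
 * @param int    $paperID    paper the marks belong to
 * @param array  $string     language strings; 'errorsaving' is read
 * @param object $properties paper properties; calendar year and raw start date are read
 * @param object $db         mysqli-style database link
 */
function marks_from_file($fileName, $paperID, $string, $properties, $db)
{
    $configObject = Config::get_instance();
    $configObject->get('cfg_tmpdir'); // return value is not used in this function
    $userObject = UserObject::get_instance(); // not used further in this function

    // Get properties of the paper.
    $session = $properties->get_calendar_year();
    $paper_date = $properties->get_raw_start_date();
    $moduleIDs = Paper_utils::get_modules($paperID, $db);

    // Get the questions on the paper.
    $paper = array();
    $question_no = 0;
    $result = $db->prepare("SELECT question, sum(marks_correct) AS sum FROM papers, options WHERE paper = ? AND papers.question = options.o_id GROUP BY question ORDER BY screen, display_pos");
    $result->bind_param('i', $paperID);
    $result->execute();
    $result->bind_result($question, $marks_correct);
    while ($result->fetch()) {
        $question_no++;
        $paper[$question_no]['id'] = $question;
        $paper[$question_no]['marks_correct'] = $marks_correct;
    }
    $result->close();

    // Get student data.
    // The module ids are spliced into IN (...), so force them to integers.
    // Assumes the keys of $moduleIDs are numeric idMod values -- TODO confirm.
    $students = array();
    $modids = implode(',', array_map('intval', array_keys($moduleIDs)));
    if ($modids !== '') {
        // An empty list would make "IN ()" invalid SQL, so the class list is
        // simply left empty when the paper has no modules.
        $result = $db->prepare("SELECT users.id, student_id, username, yearofstudy, grade, title, surname, first_names FROM users, sid, modules_student WHERE users.id = sid.userID AND users.id = modules_student.userID AND idMod IN ({$modids}) AND calendar_year = ?");
        $result->bind_param('s', $session);
        $result->execute();
        $result->bind_result($id, $student_id, $username, $year, $grade, $title, $surname, $first_names);
        while ($result->fetch()) {
            $students[$student_id]['username'] = $username;
            $students[$student_id]['title'] = $title;
            $students[$student_id]['surname'] = $surname;
            $students[$student_id]['first_names'] = $first_names;
            $students[$student_id]['year'] = $year;
            $students[$student_id]['grade'] = $grade;
            $students[$student_id]['id'] = $id;
        }
        $result->close();
    }

    $lines = file($fileName);
    if ($lines === false) {
        // Unreadable file: report an empty table instead of iterating over false.
        $lines = array();
    }

    $has_header = isset($_POST['header_row']) && $_POST['header_row'] == 1;
    $line_written = 0;

    echo "<table cellspacing=\"0\" cellpadding=\"2\" border=\"0\" style=\"margin-left:10px; border-collapse:collapse\">\n";
    foreach ($lines as $separate_line) {
        $error = '';

        if ($line_written == 0 && $has_header) {
            // Write out the header line.
            $fields = explode(',', $separate_line);
            echo "<tr><th></th><th colspan=\"3\">Student Name</th>";
            foreach ($fields as $field) {
                if (trim($field) != '') {
                    echo "<th>" . htmlspecialchars($field, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</th>";
                }
            }
            echo "</tr>\n";
        }

        if (!$has_header || $line_written > 0) {
            $fields = explode(',', $separate_line);
            $sid = trim($fields[0]);
            $sid_html = htmlspecialchars($sid, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

            if (!isset($students[$sid]['username'])) {
                // Student is not in class List.
                // Look up to see if anywhere else in Authentication database.
                $result = $db->prepare("SELECT id, student_id, users.username, yearofstudy, grade, title, surname, first_names FROM users, sid WHERE users.id = sid.userID AND sid.student_id = ?");
                $result->bind_param('s', $sid);
                $result->execute();
                $result->store_result();
                $result->bind_result($id, $student_id, $username, $year, $grade, $title, $surname, $first_names);
                if ($result->num_rows > 0) {
                    $result->fetch();
                    $students[$student_id]['username'] = $username;
                    $students[$student_id]['title'] = $title;
                    $students[$student_id]['surname'] = $surname;
                    $students[$student_id]['first_names'] = $first_names;
                    $students[$student_id]['year'] = $year;
                    $students[$student_id]['grade'] = $grade;
                    $students[$student_id]['id'] = $id;
                }
                $result->close();
            }

            if (isset($students[$sid]) && $students[$sid]['username'] != '') {
                // Student is in class List.
                $save_ok = true;
                $db->autocommit(false);

                // Remove any earlier import for this student, paper and start date.
                $result = $db->prepare("SELECT id FROM log_metadata WHERE userID = ? AND paperID = ? AND started = ?");
                $result->bind_param('iis', $students[$sid]['id'], $paperID, $paper_date);
                $result->execute();
                $result->store_result();
                $result->bind_result($lmd_id);
                if ($result->num_rows > 0) {
                    $result->fetch();

                    $delete1 = $db->prepare("DELETE FROM log5 WHERE metadataID = ?");
                    $delete1->bind_param('i', $lmd_id);
                    $res = $delete1->execute();
                    if ($res == false) {
                        $save_ok = false;
                    }
                    $delete1->close();

                    if ($save_ok) {
                        $delete2 = $db->prepare("DELETE FROM log_metadata WHERE id = ?");
                        $delete2->bind_param('i', $lmd_id);
                        $res = $delete2->execute();
                        if ($res == false) {
                            $save_ok = false;
                        }
                        $delete2->close();
                    }
                }
                $result->close();

                // Did all the delete operations succeed?
                if ($save_ok === false) {
                    // NO - rollback and stop the import.
                    $db->rollback();
                    $error = $string['errorsaving'];
                    break;
                } else {
                    // YES - commit the updates to the log tables.
                    $db->commit();
                }

                $result = $db->prepare("INSERT INTO log_metadata (userID, paperID, started, ipaddress, student_grade, year, attempt) " . "VALUES (?, ?, ?, ?, ?, ?, ?)");
                $ip = '127.0.0.1';
                $attempt = 1;
                $result->bind_param('iisssii', $students[$sid]['id'], $paperID, $paper_date, $ip, $students[$sid]['grade'], $students[$sid]['year'], $attempt);
                $res = $result->execute();
                if ($res == false) {
                    $save_ok = false;
                } else {
                    $lmd_id = $db->insert_id;
                }
                $result->close();

                if ($save_ok) {
                    echo "<tr><td><img src=\"../artwork/green_plus_16.png\" width=\"16\" height=\"16\" alt=\"Add\" /></td><td>" . $students[$sid]['title'] . "</td><td>" . $students[$sid]['surname'] . "</td><td>" . $students[$sid]['first_names'] . "</td><td>{$sid_html}</td>";

                    for ($q = 1; $q <= $question_no; $q++) {
                        $result = $db->prepare("INSERT INTO log5 (q_id, mark, adjmark, totalpos, metadataID) VALUES (?, ?, ?, ?, ?)");

                        // A line with fewer columns than questions yields an empty mark.
                        $mark = isset($fields[$q]) ? trim($fields[$q]) : '';
                        if ($mark > $paper[$q]['marks_correct']) {
                            $save_mark = NULL;
                        } else {
                            $save_mark = floatval($mark);
                        }

                        $result->bind_param('iddii', $paper[$q]['id'], $save_mark, $save_mark, $paper[$q]['marks_correct'], $lmd_id);
                        $res = $result->execute();
                        if ($res == false) {
                            echo "<td>error</td>";
                            $save_ok = false;
                            // Release the statement before leaving the loop.
                            $result->close();
                            break;
                        }

                        if ($mark > $paper[$q]['marks_correct']) {
                            echo '<td class="failed">too high</td>';
                        } elseif ($mark === '') {
                            echo '<td class="failed">missing</td>';
                        } else {
                            echo "<td class=\"num\">" . htmlspecialchars($mark, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
                        }
                        $result->close();
                    }
                    echo "</tr>\n";
                }

                // Did all the save to log operations succeed?
                if ($save_ok === false) {
                    // NO - rollback and stop the import.
                    $db->rollback();
                    $error = $string['errorsaving'];
                    break;
                } else {
                    // YES - commit the updates to the log tables.
                    $db->commit();
                }
            } else {
                echo "<tr><td><img src=\"../artwork/red_cross_16.png\" width=\"16\" height=\"16\" alt=\"Failed\" /></td><td colspan=\"3\" class=\"failed\">Student not found.</td><td>{$sid_html}</td><td colspan=\"" . $question_no . "\" class=\"failed\"> </td></tr>";
            }
        }

        $line_written++;
    }
    // $error holds the last save error, but nothing is echoed for it here.
    echo "</table>\n";

    // Turn auto commit back on so future queries function as before.
    $db->autocommit(true);
}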
/**
 * Writes this paper's properties back to the `properties` table and then
 * records every entry of $this->changes through Logger::track_change().
 *
 * Which columns are written depends on the paper state and the user's role:
 *  - summative lock set and user is not SysAdmin: marking, pass/distinction
 *    marks, feedback display flags, review deadlines and recache_marks only;
 *  - cfg_summative_mgmt enabled, paper_type '2' and user is neither Admin
 *    nor SysAdmin: everything except type, dates, timezone, labs, duration,
 *    calendar year and the deleted flag;
 *  - otherwise: the full column set.
 *
 * NOTE(review): the result of prepare() is used without a check, so a failed
 * prepare ends in a call on a non-object.
 */
public function save()
{
    $configObject = Config::get_instance();
    $userObject = UserObject::get_instance();

    if ($this->summative_lock && !$userObject->has_role('SysAdmin')) {
        // Locked paper: SysAdmin falls through to the branches below.
        $stmt = $this->db->prepare("UPDATE properties SET marking = ?, pass_mark = ?, distinction_mark = ?, display_correct_answer = ?, display_students_response = ?, display_question_mark = ?, display_feedback = ?, external_review_deadline = ?, internal_review_deadline = ?, recache_marks = ? WHERE property_id = ?");
        $stmt->bind_param(
            'siissssssii',
            $this->marking,
            $this->pass_mark,
            $this->distinction_mark,
            $this->display_correct_answer,
            $this->display_students_response,
            $this->display_question_mark,
            $this->display_feedback,
            $this->external_review_deadline,
            $this->internal_review_deadline,
            $this->recache_marks,
            $this->property_id
        );
    } elseif ($configObject->get('cfg_summative_mgmt') && $this->paper_type == '2' && !$userObject->has_role(array('Admin', 'SysAdmin'))) {
        $stmt = $this->db->prepare("UPDATE properties SET paper_title = ?, paper_prologue = ?, paper_postscript = ?, bgcolor = ?, fgcolor = ?, themecolor = ?, labelcolor = ?, fullscreen = ?, marking = ?, bidirectional = ?, pass_mark = ?, distinction_mark = ?, folder = ?, rubric = ?, calculator = ?, display_correct_answer = ?, display_students_response = ?, display_question_mark = ?, display_feedback = ?, hide_if_unanswered = ?, external_review_deadline = ?, internal_review_deadline = ?, sound_demo = ?, password = ?, recache_marks = ? WHERE property_id = ?");
        $stmt->bind_param(
            'ssssssssssiississsssssssii',
            $this->paper_title,
            $this->paper_prologue,
            $this->paper_postscript,
            $this->bgcolor,
            $this->fgcolor,
            $this->themecolor,
            $this->labelcolor,
            $this->fullscreen,
            $this->marking,
            $this->bidirectional,
            $this->pass_mark,
            $this->distinction_mark,
            $this->folder,
            $this->rubric,
            $this->calculator,
            $this->display_correct_answer,
            $this->display_students_response,
            $this->display_question_mark,
            $this->display_feedback,
            $this->hide_if_unanswered,
            $this->external_review_deadline,
            $this->internal_review_deadline,
            $this->sound_demo,
            $this->password,
            $this->recache_marks,
            $this->property_id
        );
    } else {
        $stmt = $this->db->prepare("UPDATE properties SET paper_title = ?, paper_type = ?, start_date = ?, end_date = ?, timezone = ?, paper_prologue = ?, paper_postscript = ?, bgcolor = ?, fgcolor = ?, themecolor = ?, labelcolor = ?, fullscreen = ?, marking = ?, bidirectional = ?, pass_mark = ?, distinction_mark = ?, folder = ?, labs = ?, rubric = ?, calculator = ?, exam_duration = ?, display_correct_answer = ?, display_students_response = ?, display_question_mark = ?, display_feedback = ?, hide_if_unanswered = ?, calendar_year = ?, external_review_deadline = ?, internal_review_deadline = ?, sound_demo = ?, password = ?, recache_marks = ?, deleted = ? WHERE property_id = ?");
        $stmt->bind_param(
            'ssssssssssssssiisssiissssssssssisi',
            $this->paper_title,
            $this->paper_type,
            $this->raw_start_date,
            $this->raw_end_date,
            $this->timezone,
            $this->paper_prologue,
            $this->paper_postscript,
            $this->bgcolor,
            $this->fgcolor,
            $this->themecolor,
            $this->labelcolor,
            $this->fullscreen,
            $this->marking,
            $this->bidirectional,
            $this->pass_mark,
            $this->distinction_mark,
            $this->folder,
            $this->labs,
            $this->rubric,
            $this->calculator,
            $this->exam_duration,
            $this->display_correct_answer,
            $this->display_students_response,
            $this->display_question_mark,
            $this->display_feedback,
            $this->hide_if_unanswered,
            $this->calendar_year,
            $this->external_review_deadline,
            $this->internal_review_deadline,
            $this->sound_demo,
            $this->password,
            $this->recache_marks,
            $this->deleted,
            $this->property_id
        );
    }

    $stmt->execute();
    $stmt->close();

    // Record any changes against the current user.
    $changeLog = new Logger($this->db);
    foreach ($this->changes as $entry) {
        $changeLog->track_change('Paper', $this->property_id, $userObject->get_user_ID(), $entry['old'], $entry['new'], $entry['part']);
    }
}
/**
 * Writes the loaded data out as QTI XML files and echoes debug output.
 *
 * Paper mode (at least one entry in $data->papers): one "paper-<load_id>.xml"
 * file per paper, each holding an <assessment> with one <section> per screen.
 * Question mode (no papers): a single "questions.xml" holding every question.
 * Each written file is appended to $data->files as an ST_File.
 *
 * NOTE(review): paper_title, load_id and the screen id are concatenated into
 * single-quoted XML attributes without XML escaping, and the rubric is placed
 * inside CDATA as-is (a rubric containing "]]>" would end the section early).
 * $paper->load_id is also part of the output file name. Whether these values
 * are constrained upstream is not visible here -- confirm.
 *
 * @param object $params export parameters; base_dir and dir are read
 * @param object $data   export data (papers, questions, files); passed by
 *                       reference, ownerID and files are written
 */
function Save($params, &$data)
{
    global $string;

    // Debug output of the export parameters.
    echo "<h4>{$string['params']}</h4>";
    print_p($params);
    echo "<h4>{$string['generaldebuginfo']}</h4>";

    global $REPLACEMEuserIDold;

    // The current user becomes the owner of the exported data.
    $userObj = UserObject::get_instance();
    $userID = $userObj->get_user_ID();
    $data->ownerID = $userID;

    $this->data =& $data;
    $this->params =& $params;

    // Lookup table 1..26 => 'A'..'Z'.
    $this->ll = array();
    for ($i = 1; $i < 27; $i++) {
        $varletter = chr(ord('A') + $i - 1);
        $this->ll[$i] = $varletter;
    }

    // paper mode
    if (count($data->papers) > 0) {
        // NOTE(review): $paper and $screen are iterated by reference and not
        // unset afterwards.
        foreach ($data->papers as &$paper) {
            // $this->output is restarted for every paper, so after the loop it
            // holds the last paper only.
            $this->output = $this->DoHeader();
            $this->output .= "\t<assessment title='" . $paper->paper_title . "' ident='" . $paper->load_id . "'>\n";
            if ($paper->rubric) {
                $this->output .= "\t\t<rubric><![CDATA[" . $paper->rubric . "]]></rubric>\n";
            }
            foreach ($paper->screens as $id => &$screen) {
                $this->output .= "\t\t<section title='Screen {$id}' ident='{$id}'>\n";
                foreach ($screen->question_ids as $q_id) {
                    $question = FindQuestion($data->questions, $q_id);
                    if ($question) {
                        $this->OutputQuestion($question);
                    } else {
                        // A screen pointing at an unknown question is reported, not fatal.
                        $this->AddError("Screen {$id} references questions {$q_id} which doesnt exist");
                    }
                }
                $this->output .= "\t\t</section>\n";
            }
            $this->output .= "\t</assessment>\n";
            $this->output .= sprintf("</questestinterop>\n");

            $filename = $params->base_dir . $params->dir . "/paper-" . $paper->load_id . ".xml";
            file_put_contents($filename, $this->output);
            $data->files[] = new ST_File("paper-" . $paper->load_id . ".xml", $paper->paper_title, $params->dir);
        }
    } else {
        // question mode
        $this->output = $this->DoHeader();
        // this needs a lot more work on this function
        foreach ($data->questions as $question) {
            $this->OutputQuestion($question);
        }
        $this->output .= sprintf("</questestinterop>\n");

        $filename = $params->base_dir . $params->dir . "/questions.xml";
        file_put_contents($filename, $this->output);
        $data->files[] = new ST_File("questions.xml", "Questions", $params->dir);
    }

    // Show the generated XML, entity-encoded for display.
    echo "<h4>QTI Output</h4>";
    echo "<pre>";
    echo htmlentities($this->output);
    echo "</pre>";
}
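/**
 * Fills $this->stats with question counts for this module, grouped by the
 * requested dimension.
 *
 * For module id 0 (unassigned questions) the counts are limited to questions
 * owned by the current user.
 *
 * The module id and the user id are concatenated into the SQL text, so both
 * are cast to integers first. An unrecognised $type leaves $this->stats
 * empty instead of running an undefined query.
 *
 * NOTE(review): in the 'objective' case the academic years returned by
 * getYearsForModules() are placed inside a quoted IN (...) list without
 * escaping; confirm those values can only be year strings. $vle_api_cache is
 * not defined in this method; presumably get_vle_api() takes it by
 * reference -- confirm.
 *
 * @param string $type one of 'all', 'type', 'status', 'bloom', 'keyword', 'objective'
 */
private function load_stats($type)
{
    $this->stats = array();

    // Un-assigned papers should be limited to the owner.
    if ($this->idMod == 0) {
        $userObject = UserObject::get_instance();
        $ownerSQL = 'questions_modules.idMOD IS NULL AND ownerID = ' . (int) $userObject->get_user_ID();
    } else {
        $ownerSQL = 'questions_modules.idMod = ' . (int) $this->idMod;
    }

    switch ($type) {
        case 'all':
        case 'type':
            $sql = 'SELECT COUNT(questions.q_id), q_type'
                . ' FROM questions LEFT JOIN questions_modules'
                . ' ON questions.q_id = questions_modules.q_id'
                . ' WHERE ' . $ownerSQL
                . ' AND deleted IS NULL AND status != -1 GROUP BY q_type';
            break;
        case 'status':
            $sql = 'SELECT COUNT(questions.q_id), name'
                . ' FROM (questions, question_statuses) LEFT JOIN questions_modules'
                . ' ON questions.q_id = questions_modules.q_id'
                . ' WHERE questions.status = question_statuses.id'
                . ' AND ' . $ownerSQL
                . ' AND deleted IS NULL GROUP BY status';
            break;
        case 'bloom':
            $sql = 'SELECT COUNT(questions.q_id), bloom'
                . ' FROM questions LEFT JOIN questions_modules'
                . ' ON questions.q_id = questions_modules.q_id'
                . ' WHERE ' . $ownerSQL
                . ' AND deleted IS NULL AND status != -1 GROUP BY bloom';
            break;
        case 'keyword':
            $sql = 'SELECT COUNT(questions.q_id), keywordID'
                . ' FROM (questions, keywords_question, keywords_user) LEFT JOIN questions_modules'
                . ' ON questions.q_id = questions_modules.q_id'
                . ' WHERE keywords_question.keywordID = keywords_user.id'
                . ' AND ' . $ownerSQL
                . ' AND questions.q_id = keywords_question.q_id'
                . ' AND deleted IS NULL AND status != -1 GROUP BY keywordID';
            break;
        case 'objective':
            $vle_api_data = MappingUtils::get_vle_api($this->idMod, date_utils::get_current_academic_year(), $vle_api_cache, $this->db);
            $all_years = getYearsForModules($vle_api_data['api'], array($this->idMod => $this->module_id), $this->db);
            $all_years = implode("','", $all_years);
            $sql = "SELECT COUNT(questions.q_id), relationships.obj_id"
                . " FROM (questions, relationships) LEFT JOIN questions_modules"
                . " ON questions.q_id = questions_modules.q_id"
                . " WHERE questions.q_id = relationships.question_id"
                . " AND {$ownerSQL} "
                . " AND calendar_year IN ('{$all_years}')"
                . " AND deleted IS NULL AND status != -1 GROUP BY relationships.obj_id";
            break;
        default:
            // Unknown grouping: there is no query to run.
            return;
    }

    $result = $this->db->prepare($sql);
    $result->execute();
    // Second column is the grouping value; kept apart from the $type argument.
    $result->bind_result($number, $group_key);
    while ($result->fetch()) {
        $this->stats[$group_key] = $number;
    }
    $result->close();
}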
} return false; } function force_login($id) { $_SESSION['user'] = $id; $user = User::getUser($id); $_SESSION['user_level'] = $user->getTheme(); ActivityLog::log('login', $user, false, array()); db_do("INSERT INTO activity_log(user_id, action, whenit) VALUES('" . $user->getID() . "', 'login', NOW())"); return $user; } require_once 'database.php'; if (isset($_SESSION['user'])) { require_once 'classes/UserObject.php'; $user = UserObject::getById($_SESSION['user']); } $_num_db_queries = 0; $_queries = array(); function raw_query($q) { global $_num_db_queries; $_num_db_queries++; global $_queries; $start = microtime(true); $res = mysql_query($q); if (mysql_error()) { echo '<pre>'; print_r(debug_backtrace()); echo '</pre>'; die(mysql_error() . ': ' . $q);
/**
 * Records an access-denied entry (when a database link is given), shows a
 * notice to the user and ends the script.
 *
 * The entry is attributed to the current user when one with a positive id
 * is available, otherwise to user id 0.
 *
 * @param object|null $mysqli        database link handed to Logger; null skips logging
 * @param string      $title         title to display; also stored in the log entry
 * @param string      $msg           message displayed on screen
 * @param string      $reason        message stored in the database
 * @param string      $icon          name of the icon image file
 * @param string      $title_color   color of the title text
 * @param bool        $output_header if true output opening HTML tags
 * @param bool        $output_footer if true output closing HTML tags
 */
public function display_notice_and_exit($mysqli, $title, $msg, $reason, $icon, $title_color = 'black', $output_header = true, $output_footer = true)
{
    $userObj = UserObject::get_instance();

    if (!is_null($mysqli)) {
        $has_known_user = ($userObj !== null && $userObj->get_user_ID() > 0);

        $logger = new Logger($mysqli);
        if ($has_known_user) {
            // Record attempt in access denied log against userID.
            $logger->record_access_denied($userObj->get_user_ID(), $title, $reason);
        } else {
            // Record attempt in access denied log, userID set to zero.
            $logger->record_access_denied(0, $title, $reason);
        }
    }

    $this->display_notice($title, $msg, $icon, $title_color, $output_header, $output_footer);
    exit;
}
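<?php
// Shoutbox fragment: optionally stores a new shout, optionally deletes one,
// then lists every shout inside an accordion.
include_once "../include/page.php";
include_once "../include/userobject.php";

$p = new Page("shoutbox", 0);
$u = new UserObject();
$p->addJs("\$(\"#accordion\").accordion({autoHeight:false, navigation:true})");

// Post a new shout.
// SECURITY(review): the message is request data concatenated into the INSERT
// statement. The query wrapper's parameter binding or escaping facility is
// not visible in this file, so the statement is left as it was; it must be
// switched to a bound parameter before this page is exposed.
// Both the insert and the delete below are triggered by GET parameters and no
// anti-CSRF token is visible in this file -- confirm how requests are checked.
if (isset($_GET['message'])) {
    $p->db->qry("INSERT INTO shoutbox VALUES(default," . $u->id . ",default,\"" . $_GET['message'] . "\")");
}

// Delete a shout. Only an all-digit id is accepted, so nothing other than an
// integer can reach the two statements below.
$shout_id = null;
if (isset($_GET['shout_id']) && is_string($_GET['shout_id']) && ctype_digit($_GET['shout_id'])) {
    $shout_id = (int) $_GET['shout_id'];
}
if ($shout_id !== null) {
    $p->db->qry("SELECT shoutbox.uid as idNumber FROM shoutbox WHERE id =" . $shout_id);
    while ($number = $p->db->fetchLast()) {
        // Only the author or a user with access level 2 may delete.
        if ($u->id == $number['idNumber'] || $u->canAccess(2)) {
            $p->db->qry("DELETE FROM shoutbox WHERE id =" . $shout_id);
        }
    }
}

$p->db->qry("SELECT shoutbox.id as shout_id, shoutbox.uid as idNumber, users.username as username, shoutbox.time as time, shoutbox.message as message FROM users,shoutbox WHERE shoutbox.uid = users.id ORDER BY time DESC");

echo "<div id=\"accordion\">";
while ($row = $p->db->fetchLast()) {
    // Stored values are user-supplied text: escape them for the HTML context.
    $username = htmlspecialchars($row['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $time = htmlspecialchars($row['time'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $message = htmlspecialchars($row['message'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    echo "<h3><a>" . $username . " " . $time . "</a></h3>\n <div>" . $message;
    if ($u->id == $row['idNumber'] || $u->canAccess(2)) {
        // The id is placed inside an inline script attribute, so keep it an integer.
        echo "<div style=\"float: right; margin-right:4%;\"><input type=\"button\" onClick=\"grabContent('shoutbox', 'shout_id=" . (int) $row['shout_id'] . "')\" class=\"ui-button ui-widget ui-state-default ui-corner-all\" value=\"Delete\"/></div>";
    }
    echo "</div>";
}
echo "</div>";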
/**
 * Creates a database object of type 'TABLE'.
 *
 * The record count starts at -1.
 *
 * @param DBConnection $conn      connection handed to the parent constructor
 * @param string       $tableName name of the table
 * @param mixed        $configKey configuration key handed to the parent constructor
 */
public function __construct(DBConnection $conn, $tableName, $configKey)
{
    parent::__construct($conn, $tableName, $configKey);

    $this->objectType = 'TABLE';
    $this->recordCount = -1;
}
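<?php
// Emits an XML summary of bills per user: amounts still owing (unpaid and
// unconfirmed) and amounts paid but not yet confirmed.
include_once "../include/userobject.php";

$u = new UserObject();
$db = $u->db;

header("content-type: text/xml");
echo "<?xml version=\"1.0\" ?>";

if ($u->canAccess(1) && $u->billable) {
    echo "<bills>\r\n\t<owing>\n";
    $db->qry("SELECT username, SUM(amount) AS amount FROM users, `bills` WHERE uid = users.id AND `paid` = 0 AND `confirmed` = 0 GROUP BY username ORDER BY `uid` ASC");
    while ($row = $db->fetchLast()) {
        // Attribute values are escaped so that a username containing a quote,
        // '<' or '&' cannot break the document or add markup.
        $username = htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8');
        $amount = htmlspecialchars($row['amount'], ENT_QUOTES, 'UTF-8');
        echo "\t\t<entry username = \"{$username}\" amount = \"\${$amount}\"/>\n";
    }

    echo "\t</owing>\r\n\t<unconfirmed>\n";
    $db->qry("SELECT username, SUM(amount) AS amount FROM users, `bills` WHERE uid = users.id AND `paid` = 1 AND `confirmed` = 0 GROUP BY username ORDER BY `uid` ASC");
    while ($row = $db->fetchLast()) {
        $username = htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8');
        $amount = htmlspecialchars($row['amount'], ENT_QUOTES, 'UTF-8');
        echo "\t\t<entry username = \"{$username}\" amount = \"\${$amount}\"/>\n";
    }
    echo "\t</unconfirmed>\r\n</bills>";
} else {
    // Users without access get an empty, well-formed document.
    echo "<bills><owing></owing><unconfirmed></unconfirmed></bills>";
}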
/**
 * Creates a database object of type 'SEQUENCE'.
 *
 * @param DBConnection $conn         connection handed to the parent constructor
 * @param string       $sequenceName name of the sequence
 * @param mixed        $configKey    configuration key handed to the parent constructor
 */
public function __construct(DBConnection $conn, $sequenceName, $configKey)
{
    parent::__construct($conn, $sequenceName, $configKey);

    // Marks this object as a sequence.
    $this->objectType = 'SEQUENCE';
}
/**
 * Change the correct answer after the question has been locked and re-mark
 * the paper.
 *
 * Compares the question's current tolerance, precision, strict-zeros setting
 * and per-option formula/units with the submitted values, applies every
 * difference to the question and records it as a field modification. When
 * anything changed, the question is saved, enhancedcalc_remark() is called,
 * and the paper cache is invalidated if no error occurred.
 *
 * @param mixed   $new_correct Array of new values for fields that can be corrected;
 *                             the keys read are tolerance_full, tolerance_partial,
 *                             answer_precision, strict_zeros, strict_display,
 *                             option_formula and option_units
 * @param integer $paper_id
 * @param boolean $changes     True if changes have been made by a previous corrector;
 *                             passed by reference and set to true when this call changes anything
 * @param integer $paper_type  Integer index for type of paper
 * @return array[$string] Any errors encountered in the correction process
 */
public function execute($new_correct, $paper_id, &$changes, $paper_type)
{
    $errors = array();

    // Read from the question but not referenced again in this method.
    $marks_correct = $this->_question->get_marks_correct();
    $marks_incorrect = $this->_question->get_marks_incorrect();
    $marks_partial = $this->_question->get_marks_partial();

    // Tolerance for full marks.
    $tolerance_full = $this->_question->get_tolerance_full();
    if ($tolerance_full != $new_correct['tolerance_full']) {
        $this->_question->set_tolerance_full($new_correct['tolerance_full']);
        $changes = true;
        $this->_question->add_unified_field_modification('tolerance_full', 'tolerance_full', $tolerance_full, $new_correct['tolerance_full'], $this->_lang_strings['postexamchange']);
    }

    // Tolerance for partial marks.
    $tolerance_partial = $this->_question->get_tolerance_partial();
    if ($tolerance_partial != $new_correct['tolerance_partial']) {
        $this->_question->set_tolerance_partial($new_correct['tolerance_partial']);
        $changes = true;
        $this->_question->add_unified_field_modification('tolerance_partial', 'tolerance_partial', $tolerance_partial, $new_correct['tolerance_partial'], $this->_lang_strings['postexamchange']);
    }

    // Answer precision.
    $answer_precision = $this->_question->get_answer_precision();
    if ($answer_precision != $new_correct['answer_precision']) {
        $this->_question->set_answer_precision($new_correct['answer_precision']);
        $changes = true;
        $this->_question->add_unified_field_modification('answer_precision', 'answer_precision', $answer_precision, $new_correct['answer_precision'], $this->_lang_strings['postexamchange']);
    }

    $strict_zeros = $this->_question->get_strict_zeros();
    // Need to be careful of how the correction code builds the values for check boxes
    // NOTE(review): when strict_zeros is set but is not an array, the value is
    // taken from $new_correct['strict_display'] rather than from strict_zeros;
    // this looks like it may be a copy/paste slip -- confirm.
    if (isset($new_correct['strict_zeros'])) {
        $new_strict_zeros = is_array($new_correct['strict_zeros']) ? $new_correct['strict_zeros'][0] : $new_correct['strict_display'];
    } else {
        // An absent key is treated as "unchecked".
        $new_strict_zeros = false;
    }
    if ($strict_zeros != $new_strict_zeros) {
        $this->_question->set_strict_zeros($new_strict_zeros);
        $changes = true;
        $this->_question->add_unified_field_modification('strict_zeros', 'strict_zeros', $strict_zeros, $new_strict_zeros, $this->_lang_strings['postexamchange']);
    }

    // Parse answers
    // Options are indexed from 1, the submitted arrays from 0 (hence $i - 1).
    $opts = $this->_question->options;
    for ($i = 1; $i <= $this->_question->max_options; $i++) {
        if (isset($opts[$i])) {
            $ans = $opts[$i]->get_formula();
            $units = $opts[$i]->get_units();
            if ($ans != '' and $new_correct['option_formula'][$i - 1] == '') {
                // Existing answer was blanked out: clear formula and units.
                $opts[$i]->set_formula('');
                $opts[$i]->set_units('');
                $changes = true;
                $this->_question->add_unified_field_modification('Deleted Answer ' . $i, 'Deleted Answer ' . $i, $ans . ', ' . $units, '', $this->_lang_strings['postexamchange']);
            } else {
                if ($ans != $new_correct['option_formula'][$i - 1]) {
                    $opts[$i]->set_formula($new_correct['option_formula'][$i - 1]);
                    $changes = true;
                    // A per-field modification is logged only when an answer existed before.
                    if ($ans != '') {
                        $this->_question->add_unified_field_modification('option_formula' . $i, 'option_formula' . $i, $ans, $new_correct['option_formula'][$i - 1], $this->_lang_strings['postexamchange']);
                    }
                }
                if ($units != $new_correct['option_units'][$i - 1]) {
                    $opts[$i]->set_units($new_correct['option_units'][$i - 1]);
                    $changes = true;
                    if ($ans != '') {
                        $this->_question->add_unified_field_modification('option_units' . $i, 'option_units' . $i, $units, $new_correct['option_units'][$i - 1], $this->_lang_strings['postexamchange']);
                    }
                }
                // Option existed with an empty formula: logged as a new answer.
                if ($ans == '') {
                    $this->_question->add_unified_field_modification('New Answer ' . $i, 'New Answer ' . $i, '', $new_correct['option_formula'][$i - 1] . ', ' . $new_correct['option_units'][$i - 1], $this->_lang_strings['postexamchange']);
                }
            }
        } elseif ($new_correct['option_formula'][$i - 1] != '') {
            // Complete new answer
            $changes = true;
            $userObj = UserObject::get_instance();
            $this->_question->options[$i] = new OptionENHANCEDCALC($this->_mysqli, $userObj->get_user_ID(), $this->_question, $i, $this->_lang_strings, array('formula' => $new_correct['option_formula'][$i - 1], 'units' => $new_correct['option_units'][$i - 1]));
            $this->_question->add_unified_field_modification('New Answer ' . $i, 'New Answer ' . $i, '', $new_correct['option_formula'][$i - 1] . ', ' . $new_correct['option_units'][$i - 1], $this->_lang_strings['postexamchange']);
        }
    }

    if ($changes) {
        try {
            if (!$this->_question->save()) {
                $errors[] = $this->_lang_strings['datasaveerror'];
            } else {
                // Saved: re-mark with the question's new settings.
                enhancedcalc_remark($paper_type, $paper_id, $this->_question->id, $this->_question->get_settings(), $this->_mysqli, 'all');
            }
        } catch (ValidationException $vex) {
            $errors[] = $vex->getMessage();
        }
        // The cached paper is dropped only after an error-free save.
        if (count($errors) == 0) {
            $this->invalidate_paper_cache($paper_id);
        }
    }

    return $errors;
}
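/**
 * Count papers per paper type, either for one module or for the current
 * user's papers that are attached to no module.
 *
 * @param mixed  $idMod        Module ID; a value loosely equal to '0' selects the
 *                             "unused papers" view (papers owned by the current
 *                             user with no module row).
 * @param bool   $show_retired When false, rows with a non-NULL `retired` column are left out.
 * @param object $db           Database connection used with mysqli-style prepare/bind/fetch calls.
 *
 * @return array Map of paper_type => number of papers of that type.
 */
public static function paper_types($idMod, $show_retired, $db)
{
    $userObject = UserObject::get_instance();
    $paper_types = array();

    // Same SQL text as before; only the optional "retired" filter differs between the variants.
    $retired_sql = $show_retired ? '' : ' AND retired IS NULL';

    if ($idMod == '0') {
        // Unused papers.
        $sql = 'SELECT DISTINCT paper_type, COUNT(properties.property_id) FROM properties LEFT JOIN properties_modules ON properties.property_id = properties_modules.property_id WHERE idMod IS NULL AND paper_ownerID = ? AND deleted IS NULL' . $retired_sql . ' GROUP BY paper_type ORDER BY paper_type';
        $bound_id = $userObject->get_user_ID();
    } else {
        $sql = 'SELECT DISTINCT paper_type, COUNT(properties.property_id) FROM properties, properties_modules WHERE properties.property_id = properties_modules.property_id AND idMod = ? AND deleted IS NULL' . $retired_sql . ' GROUP BY paper_type ORDER BY paper_type';
        $bound_id = $idMod;
    }

    $result = $db->prepare($sql);
    // bind_param() takes its arguments by reference, so the value has to live in a
    // variable; passing a method call result directly raises a PHP notice.
    $result->bind_param('i', $bound_id);
    $result->execute();
    $result->bind_result($type, $number);
    while ($result->fetch()) {
        $paper_types[$type] = $number;
    }
    $result->close();

    return $paper_types;
}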
/**
 * Create the object by delegating to the parent constructor, then record
 * the object type as 'TRIGGER'.
 *
 * @param DBConnection $conn        Connection handed to the parent constructor.
 * @param mixed        $triggerName Passed through to the parent constructor unchanged.
 * @param mixed        $configKey   Passed through to the parent constructor unchanged.
 */
public function __construct(
    DBConnection $conn,
    $triggerName,
    $configKey
) {
    parent::__construct($conn, $triggerName, $configKey);

    // Assigned after the parent constructor has run, as in the original ordering.
    $this->objectType = 'TRIGGER';
}
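/**
 * Get the details of the papers that are currently available for the current user and lab.
 *
 * Several values are placed into SQL text rather than bound as parameters
 * (paper types, the excluded paper ID, lab IDs, the client address, the
 * calendar year and module IDs). Each of them is cast to an integer or
 * escaped with the connection's real_escape_string() before it is used.
 *
 * @param array      $paper_display Reference to array in which to build details of available papers
 * @param array      $types         Array of paper types to check for
 * @param UserObject $userObj       The current user
 * @param mysqli     $db            Database reference
 * @param string     $exclude       Option ID of a paper to exclude from the check
 * @return integer The number of currently active papers
 */
public function get_active_papers(&$paper_display, $types, $userObj, $db, $exclude = '')
{
    // With no types the WHERE clause would contain an empty "AND ()" and the
    // prepare would fail; nothing can match, so report zero papers.
    if (empty($types)) {
        return 0;
    }

    $type_clauses = array();
    foreach ($types as $type) {
        $type_clauses[] = "paper_type='" . $db->real_escape_string((string) $type) . "'";
    }
    $type_sql = implode(' OR ', $type_clauses);

    $exclude_sql = '';
    if ($exclude != '') {
        // property_id is compared unquoted, so only an integer may reach the SQL text.
        $exclude_sql = ' AND property_id != ' . (int) $exclude;
    }

    // bind_param() binds by reference; keep the user ID in a variable.
    $user_id = $userObj->get_user_ID();

    $paper_no = 0;
    $paper_query = $db->prepare("SELECT property_id, paper_type, crypt_name, paper_title, bidirectional, fullscreen, MAX(screen) AS max_screen, labs, calendar_year, password, completed FROM (papers, properties) LEFT JOIN log_metadata ON properties.property_id = log_metadata.paperID AND userID = ? WHERE papers.paper = properties.property_id AND (labs != '' OR password != '') AND ({$type_sql}) AND deleted IS NULL AND start_date < DATE_ADD(NOW(),interval 15 minute) AND end_date > NOW() {$exclude_sql} GROUP BY paper");
    $paper_query->bind_param('i', $user_id);
    $paper_query->execute();
    $paper_query->store_result();
    $paper_query->bind_result($property_id, $paper_type, $crypt_name, $paper_title, $bidirectional, $fullscreen, $max_screen, $labs, $calendar_year, $password, $completed);

    while ($paper_query->fetch()) {
        // Lab restriction: the requesting machine's address must be registered in one of the paper's labs.
        if ($labs != '') {
            // The lab list is a comma-separated column value compared unquoted, so each entry is forced to an integer.
            $lab_ids = implode(',', array_map('intval', explode(',', $labs)));
            $client_address = $db->real_escape_string((string) NetworkUtils::get_client_address());
            $lab_info = $db->query("SELECT address FROM client_identifiers WHERE address = '{$client_address}' AND lab IN ({$lab_ids})");
            $machineOK = false;
            if ($lab_info !== false) {
                $machineOK = ($lab_info->num_rows > 0);
                $lab_info->close();
            }
        } else {
            $machineOK = true;
        }

        // NOTE(review): any username beginning with 'user' skips the module
        // enrolment check below; presumably these are guest accounts — confirm
        // that ordinary accounts cannot be created with that prefix.
        if (strpos($userObj->get_username(), 'user') !== 0) {
            $moduleIDs = Paper_utils::get_modules($property_id, $db);
            if (count($moduleIDs) > 0) {
                $moduleOK = false;
                $cal_sql = '';
                if ($calendar_year != '') {
                    $cal_sql = "AND calendar_year = '" . $db->real_escape_string((string) $calendar_year) . "'";
                }
                // Module IDs go into an unquoted IN (...) list, so they are cast to integers.
                $module_in = implode(',', array_map('intval', array_keys($moduleIDs)));
                $moduleInfo = $db->prepare("SELECT userID FROM modules_student WHERE userID = ? {$cal_sql} AND idMod IN ({$module_in})");
                $moduleInfo->bind_param('i', $user_id);
                $moduleInfo->execute();
                $moduleInfo->store_result();
                $moduleInfo->bind_result($tmp_userID);
                $moduleInfo->fetch();
                if ($moduleInfo->num_rows() > 0) {
                    $moduleOK = true;
                }
                $moduleInfo->close();
            } else {
                // A paper attached to no module is not restricted by enrolment.
                $moduleOK = true;
            }
        } else {
            $moduleOK = true;
        }

        if ($machineOK == true and $moduleOK == true) {
            // NOTE(review): the paper's password column is handed back to the caller
            // as stored; callers should not send it on to the client.
            $paper_display[$paper_no]['id'] = $property_id;
            $paper_display[$paper_no]['paper_title'] = $paper_title;
            $paper_display[$paper_no]['crypt_name'] = $crypt_name;
            $paper_display[$paper_no]['paper_type'] = $paper_type;
            $paper_display[$paper_no]['max_screen'] = $max_screen;
            $paper_display[$paper_no]['bidirectional'] = $bidirectional;
            $paper_display[$paper_no]['password'] = $password;
            $paper_display[$paper_no]['completed'] = $completed;
            $paper_no++;
        }
    }
    $paper_query->close();

    return $paper_no;
}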
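<?php
include_once "../include/userobject.php";
include_once "../include/linklist.php";

// Emits the current user's details as a small XML document.
$l = new LinkList($u = new UserObject());

header("content-type: text/xml");

// Every value is escaped for XML before output: a name or e-mail address
// containing "&" or "<" would otherwise produce malformed XML or let stored
// text be read as markup. Assumes the UserObject properties hold raw,
// unescaped text — confirm.
$xml_flags = ENT_QUOTES | ENT_SUBSTITUTE | ENT_XML1;

echo "<user>";
foreach (array('id', 'username', 'access', 'firstname', 'lastname', 'dob', 'billable', 'email') as $field) {
    echo "\r\n\t<{$field}>" . htmlspecialchars((string) $u->$field, $xml_flags, 'UTF-8') . "</{$field}>";
}
echo "\r\n\t<connection>";
echo $u->isLocal ? "On LAN" : "On Internet";
echo "</connection>\r\n\t<ip>" . htmlspecialchars((string) $_SERVER['REMOTE_ADDR'], $xml_flags, 'UTF-8') . "</ip>";
echo "\r\n\t<skin>" . htmlspecialchars((string) $u->getSkin(), $xml_flags, 'UTF-8') . "</skin>\r\n</user>";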
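/**
 * Render the profile page of a user through the default theme structure.
 *
 * @param mixed $id_user ID of the user to show. When it is loosely equal to
 *                       null, the logged-in user's own profile is shown and
 *                       the "own profile" controls are added.
 *
 * @return void The page is handed to the theme; nothing is returned.
 */
public static function page_profile($id_user = null)
{
    $theme = new Theme();
    $isMyProfil = false;
    if ($id_user == null) {
        $id_user = self::get_user_logged_id();
        $isMyProfil = true;
    }

    $u = new UserObject();
    $u->load($id_user);

    // Profile fields are escaped before they are placed into markup, so a name
    // containing HTML is shown as text. Assumes the stored values are raw,
    // unescaped text — confirm.
    $url_avatar = htmlspecialchars((string) $u->get_avatar(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $display_name = htmlspecialchars($u->firstname . " " . $u->lastname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    $output = "";
    $output .= "<div id=\"profil_top\">";
    // NOTE(review): HTML-escaping protects the style attribute, but the value still
    // sits inside an unquoted CSS url(); get_avatar() should only return a validated URL.
    $output .= "<div id=\"profil_top_avatar\" class=\"avatar\" style=\"background-image:url({$url_avatar});\">";
    if ($isMyProfil) {
        $output .= Theme::linking(Page::url("/profile/settings/avatar"), "<span id=\"profil_top_avatar_changeBG\"></span><span id=\"profil_top_avatar_changeTxt\">" . t("Modifier") . "</span>");
    }
    $output .= "</div>";
    $output .= "<div id=\"profil_top_avatar_nom\">";
    if ($isMyProfil) {
        $output .= "<i class=\"fa fa-user fa-fw\" title=\"Mon profil\"></i>";
    }
    $output .= $display_name;
    $output .= "</div>";
    $output .= "</div>";
    $output .= "<div class=\"page_contenu_sep\"></div>";
    $output .= "<div id=\"profil_buttons\">";

    // Hook results are appended as returned; they are expected to be HTML fragments
    // built by the hook implementations.
    $result = method_invoke_all("hook_profile_view", array($id_user));
    foreach ($result as $r) {
        $output .= $r;
    }
    $output .= "<div class=\"clear\"></div>";
    $output .= "</div>";

    $theme->add_to_body($output);
    $theme->process_theme(Theme::STRUCT_DEFAULT);
}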
<?php // <SETTINGS> $netspacefile = '../../xml/netspace.xml'; // Netspace XML file $updatefile = '../../xml/nslastupdate.dat'; // File with time file was last updated $countuploads = true; //true or false. Use true if your plan counts uploads, false if not // </SETTINGS> include_once "../include/userobject.php"; $u = new UserObject(); header("content-type: text/xml"); echo "<?xml version=\"1.0\" ?>"; if (file_exists($netspacefile) & $u->canAccess(1)) { $xml = simplexml_load_file($netspacefile); //Open (local) NetSpace XML $startdate = strtotime($xml["START_DATE"]); //startdate in seconds $enddate = strtotime($xml["END_DATE"]); //enddate in seconds if ($xml->PLAN->LIMIT[0]["NAME"] == "Peak") { $ontotal = $xml->PLAN->LIMIT[0]["MEGABYTES"] / 1000; //peak total $offtotal = $xml->PLAN->LIMIT[1]["MEGABYTES"] / 1000; //offpeak total } else { if ($xml->PLAN->LIMIT[0]["NAME"] == "Off Peak") { $offtotal = $xml->PLAN->LIMIT[0]["MEGABYTES"] / 1000; //offpeak total $ontotal = $xml->PLAN->LIMIT[1]["MEGABYTES"] / 1000;
<?php
include_once "../include/bandwidth.php";
include_once "../include/userobject.php";

// Live bandwidth readout as XML. The figures are only printed when the
// current user passes canAccess(1); otherwise a placeholder document with
// the same shape is returned.
$stats = new Bandwidth();
$u = new UserObject();

header("content-type: text/xml");
echo "<?xml version=\"1.0\" ?>";

if (!$u->canAccess(1)) {
    echo "<bandwidth>\r\n\t<liveupload>Unauthorised</liveupload>\r\n\t<livedownload>User</livedownload>\r\n</bandwidth>";
} else {
    echo "<bandwidth>\r\n\t<liveupload>{$stats->upload}</liveupload>\r\n\t<livedownload>{$stats->download}</livedownload>\r\n</bandwidth>";
}
/**
 * Remove a student from every module for one session and attempt.
 *
 * @param integer $tmp_userID UserID of the student to remove
 * @param integer $session    Session year to remove from (bound to the query as a string)
 * @param integer $attempt    Attempt to remove from
 * @param object  $db         mysqli database connection
 */
static function clear_student_modules_by_userID($tmp_userID, $session, $attempt, $db)
{
    $current_user = UserObject::get_instance();

    // All three values are bound as parameters, never placed into the SQL text.
    $delete_stmt = $db->prepare("DELETE FROM modules_student WHERE userID = ? AND calendar_year = ? AND attempt = ?");
    $delete_stmt->bind_param('isi', $tmp_userID, $session, $attempt);
    $delete_stmt->execute();
    $delete_stmt->close();

    if ($current_user->get_user_ID() != $tmp_userID) {
        return;
    }

    // The removed student is the logged-in user: refresh the cached module list.
    $current_user->load_student_modules();
}
* * Rogō hompage. Uses ../include/options_menu.inc for the sidebar menu. * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require_once '../include/staff_student_auth.inc'; require_once '../include/errors.inc'; require_once '../include/sidebar_menu.inc'; require_once '../classes/recyclebin.class.php'; require_once '../config/index.inc'; require_once '../classes/paperutils.class.php'; require_once '../classes/folderutils.class.php'; $userObject = UserObject::get_instance(); // Redirect Students (if not also staff), External Examiners and Invigilators to their own areas. if ($userObject->has_role('Student') and !$userObject->has_role(array('Staff', 'Admin', 'SysAdmin'))) { header("location: ../students/"); exit; } elseif ($userObject->has_role('External Examiner')) { header("location: ../reviews/"); exit; } elseif ($userObject->has_role('Invigilator')) { header("location: ../invigilator/"); exit; } // If we're still here we should be staff require_once '../include/staff_auth.inc'; ?> <!DOCTYPE html>
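<?php
include_once "../include/userobject.php";
include_once "../include/linklist.php";

// Lists, as XML, the links the current user is allowed to see.
$u = new UserObject();
$u->db->qry("SELECT * FROM links");

header("content-type: text/xml");

// Labels and URLs are escaped for XML: a URL with "&" in its query string
// would otherwise make the document malformed, and stored text containing
// "<" would be read as markup. Assumes the links table holds raw, unescaped
// text — confirm.
$xml_flags = ENT_QUOTES | ENT_SUBSTITUTE | ENT_XML1;

echo "<links>";
while ($link = $u->db->fetchLast()) {
    // A link is listed when the access check passes, or when the row has
    // billoverride set and the user is billable (&& binds tighter than ||;
    // the parentheses only make that explicit).
    if ($u->canAccess($link['reqaccess']) || ($link['billoverride'] && $u->billable)) {
        $label = htmlspecialchars((string) $link['label'], $xml_flags, 'UTF-8');
        $url = htmlspecialchars((string) $link['url'], $xml_flags, 'UTF-8');
        echo "\n\t<link><label>{$label}</label><url>{$url}</url></link>";
    }
}
echo "\n</links>";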