<?php

require_once "header.php";
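// Page preamble for the instructor "Assignments" screen: authenticate, resolve
// the requested class, confirm the logged-in instructor teaches it, and print
// the page heading. checkLogin(), printHeader(), printInstructorInfo() and $db
// come from header.php ($db is presumably a mysqli connection, confirm there).
$userInfo = checkLogin("instructor");
printHeader("Assignments");
printInstructorInfo();

// The class id is request-controlled. Treat a missing or non-string value
// (e.g. class[]=...) as an empty id so it simply fails the ownership lookup.
$requestedClass = $_REQUEST['class'] ?? '';
$classId = $db->escape_string(is_string($requestedClass) ? $requestedClass : '');

// Escape the instructor id as well, so every value placed in the SQL string
// goes through the same escaping regardless of how checkLogin() obtained it.
// NOTE(review): escape_string is only safe inside quotes and with the
// connection charset set correctly; prepared statements would be more robust.
$instructorId = $db->escape_string((string) $userInfo['userId']);
$class = $db->query(
    "SELECT * FROM Class NATURAL JOIN Teaches WHERE classId='{$classId}' AND userId='{$instructorId}'"
);
if ($class === false || (int) $class->num_rows === 0) {
    echo "This class does not exist or you are not assigned to teach it.";
    // Stop here. This lookup is the authorization check for the page: the code
    // below modifies assignments for $classId, and the rename branch
    // (POST oldName) is not gated on the class being open, so falling through
    // would let an instructor who does not teach the class reach it.
    die;
}
$classInfo = $class->fetch_array(MYSQLI_ASSOC);

// Values read back from the database are HTML-escaped before being echoed so
// that stored markup cannot run in the instructor's browser.
$classNameHtml = htmlspecialchars((string) $classInfo['className'], ENT_QUOTES | ENT_SUBSTITUTE);
$classNumHtml = htmlspecialchars((string) $classInfo['classNum'], ENT_QUOTES | ENT_SUBSTITUTE);
echo "<h2>Assignments for " . $classNameHtml . " (" . $classNumHtml . ")</h2>";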
if (isset($_POST['assignmentName']) && isset($_POST['points']) && $classInfo['open'] == true) {
    // New assignment!
    $assignmentName = $db->escape_string($_POST['assignmentName']);
    $points = $db->escape_string($_POST['points']);
    $db->query("INSERT INTO Assignment (classId, assignmentName, numPoints) VALUES ('{$classId}','{$assignmentName}','{$points}')");
    echo "<p class='notice'>The assignment has been added.</p>";
} else {
    if (isset($_GET['remove']) && $classInfo['open'] == true) {
        $name = $db->escape_string($_GET['remove']);
        $db->query("DELETE FROM Assignment WHERE classId='{$classId}' AND assignmentName='{$name}'");
        $db->query("DELETE FROM AssignmentGrade WHERE classId='{$classId}' AND assignmentName='{$name}'");
        echo "<p class='notice'>The assignment has been removed.</p>";
    } else {
        if (isset($_POST['oldName'])) {
            $oldName = $db->escape_string($_POST['oldName']);
            $newName = $db->escape_string($_POST['newName']);
            $points = $db->escape_string($_POST['points']);
            $db->query("UPDATE Assignment SET assignmentName='" . $newName . "', numPoints='" . $points . "' WHERE assignmentName='" . $oldName . "' AND classId='" . $classId . "'");
<?php

require_once "header.php";
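// Page preamble for the instructor "Assignment Grades" screen: authenticate,
// confirm the instructor teaches the requested class, load the requested
// assignment, and print the page heading. checkLogin(), printHeader(),
// printInstructorInfo() and $db come from header.php ($db is presumably a
// mysqli connection, confirm there).
$userInfo = checkLogin("instructor");
printHeader("Assignment Grades");
$userId = printInstructorInfo();

// Request-controlled identifiers: a missing or non-string value (e.g.
// class[]=...) becomes an empty string and fails the lookups below.
$requestedClass = $_REQUEST['class'] ?? '';
$classId = $db->escape_string(is_string($requestedClass) ? $requestedClass : '');

// Escape the instructor id too, so every value interpolated into the SQL
// string is escaped regardless of how checkLogin() obtained it.
// NOTE(review): escape_string is only safe inside quotes and with the
// connection charset set correctly; prepared statements would be more robust.
$instructorId = $db->escape_string((string) $userInfo['userId']);
$class = $db->query(
    "SELECT * FROM Class NATURAL JOIN Teaches WHERE classId='{$classId}' AND userId='{$instructorId}'"
);
if ($class === false || (int) $class->num_rows === 0) {
    // Authorization check: only an instructor listed in Teaches may continue.
    echo "This class does not exist or you are not assigned to teach it.";
    die;
}
$classInfo = $class->fetch_array(MYSQLI_ASSOC);

// The assignment is looked up within the already-authorized class, so a name
// belonging to another class does not match.
$requestedAssignment = $_REQUEST['assignment'] ?? '';
$assignmentName = $db->escape_string(is_string($requestedAssignment) ? $requestedAssignment : '');
$assignment = $db->query(
    "SELECT * FROM Assignment WHERE classId='{$classId}' AND assignmentName='{$assignmentName}'"
);
if ($assignment === false || (int) $assignment->num_rows === 0) {
    echo "This assignment does not exist.";
    die;
}
$assignmentInfo = $assignment->fetch_array(MYSQLI_ASSOC);

// Assignment names are free text stored from an earlier form submission;
// HTML-escape on output so stored markup is displayed rather than executed.
$assignmentNameHtml = htmlspecialchars((string) $assignmentInfo['assignmentName'], ENT_QUOTES | ENT_SUBSTITUTE);
echo "<h2>Grades for " . $assignmentNameHtml . "</h2>";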
if (isset($_POST['editpoints']) && $classInfo['open'] == true) {
    $student = $db->escape_string($_POST['student']);
    $points = $db->escape_string($_POST['editpoints']);
    $db->query("UPDATE AssignmentGrade SET points='{$points}' WHERE studentId='{$student}' AND assignmentName='{$assignmentName}'");
} else {
    if (isset($_POST['student']) && $classInfo['open'] == true) {
        $student = $db->escape_string($_POST['student']);
        $points = $db->escape_string($_POST['points']);
        $db->query("INSERT INTO AssignmentGrade (classId, studentId, assignmentName, points) VALUES ('{$classId}','{$student}','{$assignmentName}','{$points}')");
        echo "<p class='notice'>Grade added.</p>";