Esempio n. 1
/**
 * Run a query through db_query_exception() and collect every row it returns.
 *
 * The SQL text is handed to db_query_exception() exactly as received, so the
 * caller is responsible for how that text was built; values that originate
 * outside the application must not be concatenated into it.
 *
 * @param string $query SQL statement to execute.
 * @return array List of associative rows; empty when the result has no rows.
 */
function db_select_exception($query)
{
    $result = db_query_exception($query);
    $collected = [];
    // mysqli_fetch_assoc() yields a falsy value once the result set is exhausted.
    for ($record = mysqli_fetch_assoc($result); $record; $record = mysqli_fetch_assoc($result)) {
        $collected[] = $record;
    }
    return $collected;
}
Esempio n. 2
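/**
 * Rename a tag and report the outcome through succeedRequest()/failRequest().
 *
 * @param int|string $tagid Tag ID; rejected unless it is an integer value.
 * @param string     $name  New tag name; stored after ucwords().
 */
function modifyTag($tagid, $name)
{
    // `Tag ID` is interpolated unquoted, so only a validated integer may reach the SQL text.
    $tagIdInt = filter_var($tagid, FILTER_VALIDATE_INT);
    if ($tagIdInt === false) {
        failRequest("There was a problem modifying the tag.");
        return;
    }

    $ucname = ucwords($name);
    // NOTE(review): $ucname is still placed inside a quoted SQL literal without escaping.
    // db_query_exception() only accepts a finished string, so this cannot be fixed inside
    // this function; the value should be bound as a parameter of a prepared statement in
    // the database layer.
    $query = "UPDATE TTAGS SET `Name` = '{$ucname}' WHERE `Tag ID` = {$tagIdInt};";
    try {
        db_query_exception($query);
        succeedRequest("Tag succesfully updated", []);
    } catch (Exception $ex) {
        // NOTE(review): the exception text is appended to the response; if it comes from the
        // database driver it can disclose schema details. Consider logging it instead.
        failRequest("There was a problem modifying the tag." . $ex->getMessage());
    }
}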
Esempio n. 3
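/**
 * Archive a student's membership of a group inside a transaction.
 *
 * @param int|string $studentid User ID of the student; rejected unless it is an integer value.
 * @param int|string $groupid   Group ID; rejected unless it is an integer value.
 */
function removeFromGroup($studentid, $groupid)
{
    // Both IDs are interpolated unquoted, so anything that is not an integer is refused
    // before the SQL text is built.
    $studentIdInt = filter_var($studentid, FILTER_VALIDATE_INT);
    $groupIdInt = filter_var($groupid, FILTER_VALIDATE_INT);
    if ($studentIdInt === false || $groupIdInt === false) {
        failRequest("Invalid student or group ID.");
        return;
    }

    $query = "UPDATE `TUSERGROUPS` SET `Archived`= 1 WHERE `User ID` = {$studentIdInt} AND `Group ID` = {$groupIdInt};";
    try {
        db_begin_transaction();
        db_query_exception($query);
        db_commit_transaction();
    } catch (Exception $ex) {
        db_rollback_transaction();
        failRequest($ex->getMessage());
    }
    // NOTE(review): this line is also reached after the catch block unless failRequest()
    // ends the request — confirm that it does, otherwise both responses are emitted.
    succeedRequest();
}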
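/**
 * Set or clear the `Deleted` flag on every completed question related to $vid.
 *
 * @param mixed $vid    Identifier passed through to findRelatedCompletedQuestions().
 * @param bool  $delete Truthy to mark the rows deleted, falsy to restore them.
 */
function updateRelatedCompletedQuestions($vid, $delete)
{
    $cqids = findRelatedCompletedQuestions($vid);
    if (count($cqids) === 0) {
        return;
    }

    $deleteVal = $delete ? "1" : "0";

    // Build the IN list with implode() so it is always closed, whatever keys the rows
    // array carries (the previous hand-rolled join relied on keys 0..n-1).
    // The (int) cast keeps the list numeric even if a stored value is malformed;
    // this assumes `CQID` is an integer key — TODO confirm against the schema.
    $ids = array();
    foreach ($cqids as $cqid) {
        $ids[] = (int) $cqid["CQID"];
    }

    $query = "UPDATE TCOMPLETEDQUESTIONS SET `Deleted` = {$deleteVal} "
        . "WHERE `Completed Question ID` IN (" . implode(", ", $ids) . ");";
    db_query_exception($query);
}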
Esempio n. 5
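/**
 * Store a new failed-login count for a user and log the outcome.
 *
 * @param int|string $userid   User ID; rejected unless it is an integer value.
 * @param int|string $attempts New value for `Login Attempts`; rejected unless it is an integer value.
 */
function incrementFailedLogins($userid, $attempts)
{
    // Both values are interpolated unquoted into SQL and into log lines, so they are
    // validated as integers first; this also keeps line breaks out of the log entries.
    $userIdInt = filter_var($userid, FILTER_VALIDATE_INT);
    $attemptsInt = filter_var($attempts, FILTER_VALIDATE_INT);
    if ($userIdInt === false || $attemptsInt === false) {
        error_log("Rejected a non-integer user ID or attempt count while incrementing failed logins.");
        returnToPageError("Invalid login attempt data.", null);
        return;
    }

    $query = "UPDATE TUSERS SET `Login Attempts` = {$attemptsInt} WHERE `User ID` = {$userIdInt}";
    try {
        db_query_exception($query);
        $msg = "Failed logins for user {$userIdInt} have been incremented.";
        infoLog($msg);
    } catch (Exception $ex) {
        $msg = "There was an error while incrementing the failed logins for the user {$userIdInt}";
        error_log($msg);
        // NOTE(review): the exception text goes to the page; on a login flow a generic
        // message is safer than one that may carry database details.
        returnToPageError($ex->getMessage(), null);
    }
}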
Esempio n. 6
                    // Fragment: begins inside a catch block; the enclosing try, the loops and
                    // the outer `if` that the closing braces below belong to are not shown.
                    db_rollback_transaction();
                    $message = "There was a problem adding a tag to the worksheet, please try again.";
                    // NOTE(review): this handler passes the exception to returnToPageError(), while
                    // the equivalent handler further down calls returnToPageErrorException() —
                    // confirm which of the two is intended.
                    returnToPageError($message, $ex);
                }
                $tagId = $newtagid[1];
            } else {
                // Any tag type other than "CURRENT" or "NULL" is treated as an error here.
                if ($type !== "CURRENT" && $type !== "NULL") {
                    db_rollback_transaction();
                    $message = "There was an error creating the tags for the worksheet, please try again.";
                    returnToPageError($message);
                }
            }
            if ($type !== "NULL" && $tagId !== "") {
                // NOTE(review): $tagId and $sqid are interpolated unquoted into the statement.
                // Their origin is not visible in this fragment; confirm both are integers
                // (or bind them as parameters) before they reach the SQL text.
                $query5 = "INSERT INTO TQUESTIONTAGS (`Tag ID`, `Stored Question ID`) VALUES ({$tagId}, {$sqid});";
                try {
                    db_query_exception($query5);
                } catch (Exception $ex) {
                    db_rollback_transaction();
                    $message = "There was a problem adding a tag to the worksheet, please try again.";
                    returnToPageErrorException($message, $ex);
                }
            }
        }
    }
    // NOTE(review): the commit is reached after the rollback branches above unless the
    // returnToPageError*() helpers end the request — confirm that they do.
    db_commit_transaction();
    // NOTE(review): $wname is echoed into the success message; if the message is rendered
    // as HTML it needs escaping at output time — its origin is not visible here.
    $message = "Worksheet ({$wname}) added successfully.";
    returnToPageSuccess($message, $vid);
} else {
    $message = "Something went wrong adding the worksheet, please try again.";
    returnToPageError($message);
}
Esempio n. 7
     exit;
 }
 // Password-reset step. Fragment: the code that loads $code, $resetCode, $resetTime,
 // $pwd, $userid and $email is not shown, and the closing brace of this `if` is cut off.
 // The reset code is accepted for 15 minutes after the stored reset time.
 // NOTE(review): `===` is not a constant-time comparison; if $code comes from the request,
 // hash_equals($resetCode, $code) avoids leaking the stored code through timing.
 if ($code === $resetCode && strtotime($resetTime) + 15 * 60 > time()) {
     //Check the password
     if (strlen($pwd) != 128) {
         // The hashed pwd should be 128 characters long.
         // If it's not, something really odd has happened
         $message = "Invalid password configuration.";
         // NOTE(review): execution continues past this point unless returnToPageError()
         // ends the request — confirm that it does.
         returnToPageError($message);
     }
     // NOTE(review): mt_rand() and uniqid() are not cryptographically secure sources;
     // random_bytes() is the standard way to generate a salt.
     $random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
     // Create salted password
     // NOTE(review): a single SHA-512 pass is a fast hash, which makes offline guessing cheap
     // if the table is ever disclosed. password_hash()/password_verify() are designed for
     // password storage and manage the salt themselves.
     $pwd = hash('sha512', $pwd . $random_salt);
     // $pwd and $random_salt are hex digests produced by hash() above, so the quoted values
     // cannot break out of their literals. The statement also clears the stored reset code
     // and reset time.
     // NOTE(review): $userid is interpolated unquoted and its origin is not visible here;
     // confirm it is an integer from a trusted lookup, or bind it as a parameter.
     $query = "UPDATE TUSERS SET `Password` = '{$pwd}', `Salt` = '{$random_salt}', `Reset Code` = NULL, `Reset Time` = NULL WHERE `User ID` = {$userid};";
     try {
         $result = db_query_exception($query);
     } catch (Exception $ex) {
         // NOTE(review): Exception::getMessage() always returns a string, so the else branch
         // is never taken and the raw exception text is what gets passed to
         // returnToPageError(). If that text comes from the database driver it can expose
         // schema details; prefer logging it and showing the generic message.
         if ($ex->getMessage() !== null) {
             $desc = $ex->getMessage();
             $desc .= " Please refresh and try again.";
         } else {
             $desc = "Something went wrong while resetting your password. Please refresh and try again.";
         }
         returnToPageError($desc);
     }
     $type = "SUCCESS";
     $message = "Password successfully reset. Please log back in with your new password.";
     $_SESSION['message'] = new Message($type, $message);
     infoLog($message);
     // NOTE(review): $email is placed in the redirect URL unencoded; if it is
     // request-supplied, pass it through urlencode() so it cannot alter the query string.
     header("Location: ../login.php?email={$email}");
     exit;
Esempio n. 8
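/**
 * Apply one tag change to a stored question.
 *
 * The change is encoded as "questionId:tag:type", where type is NEW (tag is a
 * tag name that may not exist yet), ADD or DELETE (tag is an existing Tag ID).
 *
 * @param string $string  Encoded change, colon separated.
 * @param array  $nberror Error messages collected so far.
 * @return array $nberror, with one message appended when the change failed.
 */
function updateTag($string, $nberror)
{
    // array_pad() keeps a short or malformed string from raising undefined-offset notices;
    // a missing type then falls through to the generic error at the bottom.
    list($qid, $tagid, $type) = array_pad(explode(':', $string), 3, null);

    // IDs are interpolated unquoted into the statements below, so only validated
    // integers are allowed to reach the SQL text.
    $qidInt = filter_var($qid, FILTER_VALIDATE_INT);

    if ($type === 'NEW') {
        //Add a brand new tag
        //Check if the tag is actually new or not, if not then just add the question
        if ($qidInt === false) {
            $nberror[] = "There was a problem adding the tag '{$tagid}'.";
            return $nberror;
        }
        try {
            try {
                // NOTE(review): here $tagid is a tag name placed inside a quoted SQL literal
                // without escaping (in this query and in the INSERT below). The db_* helpers
                // only accept a finished string, so this cannot be fixed inside this function;
                // the name should be bound as a parameter of a prepared statement.
                $query1 = "SELECT `Tag ID` FROM TTAGS WHERE `Name` = '{$tagid}'";
                $newtagid = db_select_single_exception($query1, "Tag ID");
            } catch (Exception $ex) {
                // Code 199 presumably means "no matching row" — confirm in the db helper.
                if ($ex->getCode() === 199) {
                    $now = date("Y-m-d H:i:s", time());
                    $query = "INSERT INTO `TTAGS`(`Name`, `Date Added`) VALUES ('{$tagid}','{$now}');";
                    $resultArray = db_insert_query_exception($query);
                    $newtagid = $resultArray[1];
                } else {
                    $nberror[] = "There was a problem adding the tag '{$tagid}'.";
                    return $nberror;
                }
            }
            $query = "INSERT INTO `TQUESTIONTAGS` (`Tag ID`, `Stored Question ID`) VALUES ({$newtagid}, {$qidInt});";
            db_query_exception($query);
        } catch (Exception $ex) {
            // NOTE(review): the message embeds the submitted tag name; escape it wherever
            // the collected errors are rendered.
            $nberror[] = "There was a problem adding the tag '{$tagid}'.";
            return $nberror;
        }
        return $nberror;
    }

    if ($type === 'ADD') {
        //Add a new tag for the question
        $tagIdInt = filter_var($tagid, FILTER_VALIDATE_INT);
        if ($qidInt === false || $tagIdInt === false) {
            $nberror[] = "There was a problem adding a tag for an unknown question.";
            return $nberror;
        }
        $query = "INSERT INTO `TQUESTIONTAGS` (`Tag ID`, `Stored Question ID`) VALUES ({$tagIdInt}, {$qidInt});";
        try {
            db_query_exception($query);
        } catch (Exception $ex) {
            $nberror[] = "There was a problem adding a tag for an unknown question.";
            return $nberror;
        }
        return $nberror;
    }

    if ($type === 'DELETE') {
        //Delete a tag
        $tagIdInt = filter_var($tagid, FILTER_VALIDATE_INT);
        if ($qidInt === false || $tagIdInt === false) {
            $nberror[] = "There was a problem deleting a tag.";
            return $nberror;
        }
        $query = "DELETE FROM `TQUESTIONTAGS` WHERE `Tag ID` = {$tagIdInt} AND `Stored Question ID` = {$qidInt}";
        try {
            db_query_exception($query);
        } catch (Exception $ex) {
            $nberror[] = "There was a problem deleting a tag.";
            return $nberror;
        }
        return $nberror;
    }

    // Unknown or missing change type.
    $nberror[] = "There was a problem saving a tag.";
    return $nberror;
}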
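/**
 * Soft-delete a group worksheet and emit a JSON success response.
 *
 * @param int|string $gwid Group Worksheet ID; rejected unless it is an integer value.
 */
function deleteGroupWorksheet($gwid)
{
    // The ID is interpolated unquoted, so anything that is not an integer is refused
    // before the SQL text is built.
    $gwidInt = filter_var($gwid, FILTER_VALIDATE_INT);
    if ($gwidInt === false) {
        failRequest("Invalid group worksheet ID.");
        return;
    }

    $query = "UPDATE TGROUPWORKSHEETS SET `Deleted` = 1 WHERE `Group Worksheet ID` = {$gwidInt}";
    try {
        db_query_exception($query);
    } catch (Exception $ex) {
        // NOTE(review): the exception text is returned to the client; if it comes from the
        // database driver it can disclose schema details.
        failRequest($ex->getMessage());
    }
    // NOTE(review): this response is also written after the catch block unless
    // failRequest() ends the request — confirm that it does.
    $result = array("success" => TRUE);
    echo json_encode($result);
}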
Esempio n. 10
         $message .= seriousError($desc);
         returnToPageError($message, $userid);
     }
 }
 if (isset($fname, $sname, $email)) {
     $query1 = "UPDATE TUSERS SET `First Name` = '{$fname}', `Surname` = '{$sname}', `Username` = '{$email}', `Email` = '{$email}' WHERE `User ID` = {$userid};";
     if ($role === 'STUDENT') {
         //Student user
         $query2 = "UPDATE TSTUDENTS SET `Preferred Name` = '{$prefname}', `DOB` = '{$dob}' WHERE `User ID` = {$userid};";
     } else {
         //Staff user
         $query2 = "UPDATE TSTAFF SET `Title` = '{$title}', `Initials` = '{$initials}', `Classroom` = '{$classroom}', `Phone Number` = '{$number}' WHERE `User ID` = {$userid};";
     }
     try {
         $result1 = db_query_exception($query1);
         $result2 = db_query_exception($query2);
     } catch (Exception $ex) {
         if ($ex->getMessage() !== null) {
             $desc = $ex->getMessage();
         } else {
             $desc = "Something went wrong while saving the users details.";
         }
         $message .= seriousError($desc);
         returnToPageError($message, $userid);
     }
 } else {
     //Not enough info to proceed
     $message .= "You have not entered all of the required fields.";
     returnToPageError($message, $userid);
 }
 $message = "User '{$fname} {$sname}' successfully updated.";