/** * Setter for a exam (create) * @param Exam $exam exam json string * @return bool feedback (was the exam created properly ?) */ public function createExam($exam) { $sql = "INSERT INTO exam_schedule (exam_type, location, date, time, semester, year)"; $sql .= " VALUES (:exam_type, :location, :date, :time, :semester, :year)"; $query = $this->db->prepare($sql); $query->execute(array(':exam_type' => $exam->getExamType(), ':location' => $exam->getLocation(), ':date' => $exam->getDate(), ':time' => $exam->getTime(), ':semester' => $exam->getSemseter(), ':year' => $exam->getYear())); $count = $query->rowCount(); if ($count == 1) { return true; } else { $_SESSION["feedback_negative"][] = FEEDBACK_SCHEDULE_CREATION_FAILED; } // default return return false; }
/** * Take the exam submission request and save it into database * @param sfWebRequest $request */ public function executeSubmitExam(sfWebRequest $request) { //TODO: set up uniform display name for each exam/test uploaded so things don't get messy. //i.e. instead of letting the user choose the display name, we'll appropriate it //requested by David set_time_limit(0); if ($request->isMethod(sfRequest::POST) && $request->hasParameter('security') && $request->hasParameter('year') && $request->hasParameter('descr')) { $files = $request->getFiles(); $file = $files['file']; $descr = $request->getParameter('descr'); if (isset($file) && strtoupper(substr($file['name'], -3, 3)) == 'PDF' && !helperFunctions::isMaliciousString($descr)) { if ($request->getParameter("security") != $_SESSION['securityImage']) { echo "<input type='text' id='status' value='Security'/>"; return sfView::NONE; } $year = $request->getParameter("year") . $request->getParameter("term"); // make directories if not exist if (!is_dir("exams/custom")) { if (!mkdir("exams/custom")) { echo "<input type='text' id='status' value='Moving'/>"; return sfView::NONE; } } $tgt_path = "exams/custom/" . $year; if (!is_dir($tgt_path)) { if (!mkdir($tgt_path)) { echo "<input type='text' id='status' value='Moving'/>"; return sfView::NONE; } } // unique filename $courseId = $request->getParameter("course"); $examType = $request->getParameter("type"); $examTypeAbbr = HelperFunctions::getExamTypeAbbr($examType); $fileName = substr($courseId, 0, 6) . '_' . substr($year, 0, 4) . '_' . $examTypeAbbr . '_' . time() . ".pdf"; if (move_uploaded_file($file['tmp_name'], $tgt_path . "/" . $fileName)) { try { // register in db $conn = Propel::getConnection(); $exam = new Exam(); $exam->setCourseId($courseId); $exam->setFilePath($tgt_path . "/" . $fileName); $exam->setYear($year); $exam->setType($examType); $exam->setDescr($descr); $exam->save($conn); // send notification email $ip = $_SERVER['REMOTE_ADDR']; $msg = "A new exam on [title=" . $exam->getDescr() . "; course=" . $exam->getCourseId() . "; year=" . $exam->getYear() . "; id=" . $exam->getId() . "] has been submitted by " . $ip . " on " . date('Y-m-d H:i:s') . "."; helperFunctions::sendEmailNotice("Exam Submission", $msg); echo "<input type='text' id='status' value='Success'/>"; } catch (Exception $e) { echo "<input type='text' id='status' value='Saving'/>"; // send error email helperFunctions::sendEmailNotice("Exam Submission Error", $e->getMessage()); } } else { echo "<input type='text' id='status' value='Moving'/>"; } } else { echo "<input type='text' id='status' value='PDF'/>"; } return sfView::NONE; } else { $this->forward404(); } }