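/**
 * Accept an uploaded exam PDF, store it under exams/custom/<year><term>/ and
 * register it in the database.
 *
 * The response body is a single <input id='status'> element whose value tells
 * the client what happened: Security (security-image code mismatch), PDF (not
 * a PDF, or a rejected description), Moving (the file could not be stored) or
 * Success. The request always ends with exit; a request that is not a POST or
 * lacks the security/year/descr parameters produces no output.
 *
 * Every value read from $request is client-controlled. The year/term pair is
 * used as a directory name, so it is validated before it reaches the
 * filesystem.
 *
 * NOTE(review): the security-image code is not cleared after a successful
 * submission, so one solved image stays valid for the rest of the session --
 * confirm whether it should be single-use.
 * NOTE(review): the stored name is only time() . ".pdf"; two uploads landing in
 * the same folder within one second would share a path -- confirm acceptable.
 *
 * @param sfWebRequest $request
 */
public function executeSubmitExam(sfWebRequest $request)
{
    if ($request->isMethod(sfRequest::POST) && $request->hasParameter('security')
        && $request->hasParameter('year') && $request->hasParameter('descr')) {
        $files = $request->getFiles();
        // A request without a file part must not raise an undefined-index notice.
        $file = isset($files['file']) ? $files['file'] : null;
        $descr = $request->getParameter('descr');

        // The client-supplied name is only a first filter; the content is checked below.
        $hasPdfName = is_array($file)
            && isset($file['name'], $file['tmp_name'])
            && is_string($file['name'])
            && is_string($file['tmp_name'])
            && strcasecmp(pathinfo($file['name'], PATHINFO_EXTENSION), 'pdf') === 0;

        if ($hasPdfName && !helperFunctions::isMaliciousString($descr)) {
            // Strict comparison against a non-empty session value: with a loose
            // comparison an unset session code compares equal to an empty parameter.
            $expected = isset($_SESSION['securityImage']) ? $_SESSION['securityImage'] : null;
            $given = $request->getParameter("security");
            if ((!is_string($expected) && !is_int($expected))
                || (string) $expected === ''
                || !is_string($given)
                || (string) $expected !== $given) {
                echo "<input type='text' id='status' value='Security'/>";
                exit;
            }

            // Only read a file that PHP itself received as an upload.
            if (!is_uploaded_file($file['tmp_name'])) {
                echo "<input type='text' id='status' value='Moving'/>";
                exit;
            }

            // The extension comes from the client, so confirm the PDF signature
            // appears near the start of the file before storing it.
            $head = file_get_contents($file['tmp_name'], false, null, 0, 1024);
            if ($head === false || strpos($head, '%PDF-') === false) {
                echo "<input type='text' id='status' value='PDF'/>";
                exit;
            }

            // year + term becomes a directory name: allow letters and digits only
            // so that it cannot contain path separators or "..".
            // NOTE(review): confirm every legitimate term value is alphanumeric.
            $yearParam = $request->getParameter("year");
            $termParam = $request->getParameter("term");
            if (!is_string($yearParam) || ($termParam !== null && !is_string($termParam))) {
                echo "<input type='text' id='status' value='Moving'/>";
                exit;
            }
            $year = $yearParam . $termParam;
            if (preg_match('/\A[A-Za-z0-9]+\z/', $year) !== 1) {
                echo "<input type='text' id='status' value='Moving'/>";
                exit;
            }

            // make directories if not exist; the trailing is_dir() tolerates a
            // concurrent request creating the same directory first
            $tgt_path = "exams/custom/" . $year;
            foreach (array("exams/custom", $tgt_path) as $dir) {
                if (!is_dir($dir) && !mkdir($dir) && !is_dir($dir)) {
                    echo "<input type='text' id='status' value='Moving'/>";
                    exit;
                }
            }

            // The stored name is generated server-side; the client's name is never used.
            $fileName = time() . ".pdf";
            if (move_uploaded_file($file['tmp_name'], $tgt_path . "/" . $fileName)) {
                // register in db
                $conn = Propel::getConnection();
                $exam = new Exam();
                $exam->setCourseId($request->getParameter("course"));
                $exam->setFilePath($tgt_path . "/" . $fileName);
                $exam->setYear($year);
                $exam->setType($request->getParameter("type"));
                $exam->setDescr($descr);
                $exam->save($conn);

                // send notification email
                $ip = $_SERVER['REMOTE_ADDR'];
                $msg = "Submitted by " . $ip . " [id=" . $exam->getId() . "]";
                helperFunctions::sendEmailNotice("Exam Submission", $msg);
                echo "<input type='text' id='status' value='Success'/>";
            } else {
                echo "<input type='text' id='status' value='Moving'/>";
            }
        } else {
            echo "<input type='text' id='status' value='PDF'/>";
        }
    }
    exit;
}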
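/**
 * Create an exam schedule entry from the posted form, then redirect to
 * schedule/index.
 *
 * The entry is created only when both selectExamType and selectSemester are
 * posted. The remaining fields are read defensively: a missing one is passed
 * to its setter as null instead of raising an undefined-index notice, which
 * could otherwise be printed before header() and prevent the redirect.
 * The redirect header is sent in every case.
 *
 * NOTE(review): no authentication, authorisation or CSRF-token check is
 * visible in this method, and the posted values are stored unvalidated --
 * confirm that the surrounding controller enforces access control and that
 * these fields are escaped wherever they are rendered.
 */
public function addSchedule()
{
    if (isset($_POST['selectExamType']) and isset($_POST['selectSemester'])) {
        $schedule_model = $this->loadModel('Schedule');

        $exam = new Exam();
        $exam->setExamType($_POST['selectExamType']);
        $exam->setLocation(isset($_POST['textLocation']) ? $_POST['textLocation'] : null);
        $exam->setDate(isset($_POST['textDate']) ? $_POST['textDate'] : null);
        $exam->setTime(isset($_POST['textTime']) ? $_POST['textTime'] : null);
        $exam->setSemester($_POST['selectSemester']);
        $exam->setYear(isset($_POST['selectYear']) ? $_POST['selectYear'] : null);

        $schedule_model->createExam($exam);
    }

    header('location: ' . URL . 'schedule/index');
}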
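/**
 * Scan the import directory (non-recursively) and register every correctly
 * named exam file in the database.
 *
 * An entry is imported when its name, upper-cased and without the last
 * extension, has exactly three "_"-separated parts:
 *   - a 7-character course code ending in F, S or Y (e.g. AER205S),
 *   - the first four characters of $this->_year,
 *   - EXAM, optionally followed by a sequence number as in EXAM(2).
 * Course codes ending in F or S map to "<code>H1", those ending in Y to
 * "<code>Y1". A missing course or department row is created on the fly. An
 * entry whose description already exists for that course and year is not
 * imported again and is reported like any other rejected entry.
 *
 * Changes from the previous implementation: a failed opendir() is reported
 * instead of being handed to readdir(); the sequence number is reset for every
 * file, so it no longer leaks into the description of the following file; and
 * the name is split in one pass, so a nested strtok() call can no longer hide
 * extra name parts. The sequence suffix must now be exactly "(digits)".
 *
 * NOTE(review): neither the extension nor the entry type is checked, so a
 * sub-directory or non-PDF file with a matching name is registered too;
 * $this->_dir . $file also assumes _dir ends with a directory separator --
 * confirm both against the caller.
 *
 * @return array names of the directory entries that were not imported
 * @throws Exception code 400 when the directory is missing or cannot be opened
 */
public function doImport()
{
    if (!is_dir($this->_dir)) {
        throw new Exception("directory non-existent", 400);
    }

    $handler = opendir($this->_dir);
    if ($handler === false) {
        // e.g. insufficient permissions; never pass false on to readdir()
        throw new Exception("directory not readable", 400);
    }

    $errArr = array();
    $yearPrefix = (string) substr($this->_year, 0, 4);

    // TODO: does not do recursive listing, do we need that?
    while (false !== ($file = readdir($handler))) {
        if ($file === '.' || $file === '..') {
            continue;
        }

        // Per-file state: must not carry over from the previous entry.
        $count = null;
        $courseCode = null;
        $part1 = null;

        // Names without any "." are rejected, as before.
        $dot = strrpos($file, '.');
        $baseName = ($dot === false) ? '' : strtoupper(substr($file, 0, $dot));

        // Empty parts are skipped, matching how strtok() treated repeated "_".
        $tokens = preg_split('/_+/', $baseName, -1, PREG_SPLIT_NO_EMPTY);

        $valid = is_array($tokens)
            && count($tokens) === 3
            && strlen($tokens[0]) === 7
            && $tokens[1] === $yearPrefix;

        if ($valid && $tokens[2] !== 'EXAM') {
            // name could have the following syntax: AER205S_2009_EXAM(2).pdf
            if (preg_match('/\AEXAM\((\d+)\)\z/', $tokens[2], $m) === 1) {
                $count = $m[1];
            } else {
                $valid = false;
            }
        }

        if ($valid) {
            // course code is 7 chars with the last char being either S, F or Y
            $part1 = substr($tokens[0], 0, 6); // e.g. AER205
            switch (substr($tokens[0], 6, 1)) { // e.g. F
                case "F":
                case "S":
                    $courseCode = $part1 . "H1";
                    break;
                case "Y":
                    $courseCode = $part1 . "Y1";
                    break;
                default:
                    $valid = false;
                    break;
            }
        }

        if (!$valid) {
            $errArr[] = $file;
            continue;
        }

        $descr = $part1 . " " . $this->_year . " Official Exam" . ($count !== null ? ' (' . $count . ')' : '');

        $conn = Propel::getConnection();

        // check if we have exam of this descr already
        $duplicate = false;
        foreach (ExamPeer::getExamsForYearAndCourseId($courseCode, $this->_year, $conn) as $ex) {
            // loose comparison kept for the type: its stored representation is not visible here
            if ($ex->getType() == EnumItemPeer::EXAM && $ex->getDescr() === $descr) {
                $duplicate = true;
                break;
            }
        }
        if ($duplicate) {
            $errArr[] = $file;
            continue;
        }

        // first check if course exists
        $course = CoursePeer::retrieveByPK($courseCode, $conn);
        if ($course === null) {
            $deptId = substr($courseCode, 0, 3);

            $course = new Course();
            $course->setDescr($courseCode);
            $course->setIsEng(1);
            $course->setId($courseCode);

            $dept = DepartmentPeer::retrieveByPK($deptId, $conn);
            if ($dept === null) {
                $dept = new Department();
                $dept->setId($deptId);
                $dept->setDescr($deptId);
                $dept->save($conn);
            }
            $course->setDepartment($dept);
            $course->save($conn);
        }

        // register exam
        $exam = new Exam();
        $exam->setType(EnumItemPeer::EXAM);
        $exam->setDescr($descr);
        $exam->setCourseId($courseCode);
        $exam->setFilePath($this->_dir . $file);
        $exam->setYear($this->_year);
        $exam->save();
    }

    closedir($handler);

    return $errArr;
}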
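/**
 * Take the exam submission request, store the uploaded PDF under
 * exams/custom/<year><term>/ and save it into the database.
 *
 * The response body is a single <input id='status'> element whose value is
 * Security (security-image code mismatch), PDF (not a PDF, or a rejected
 * description), Moving (the file could not be stored), Saving (the database
 * save or notification threw) or Success. A request that is not a POST or
 * lacks the security/year/descr parameters is forwarded to the 404 action.
 *
 * Every value read from $request is client-controlled. The year/term pair and
 * the course prefix end up in the target path, so they are validated or
 * filtered before they reach the filesystem.
 *
 * NOTE(review): the security-image code is not cleared after a successful
 * submission, so one solved image stays valid for the rest of the session --
 * confirm whether it should be single-use.
 *
 * @param sfWebRequest $request
 */
public function executeSubmitExam(sfWebRequest $request)
{
    //TODO: set up uniform display name for each exam/test uploaded so things don't get messy.
    //i.e. instead of letting the user choose the display name, we'll appropriate it
    //requested by David

    // NOTE(review): this lifts the execution time limit before any validation
    // has run -- confirm an upload-size or web-server timeout bounds the request.
    set_time_limit(0);

    if ($request->isMethod(sfRequest::POST) && $request->hasParameter('security')
        && $request->hasParameter('year') && $request->hasParameter('descr')) {
        $files = $request->getFiles();
        // A request without a file part must not raise an undefined-index notice.
        $file = isset($files['file']) ? $files['file'] : null;
        $descr = $request->getParameter('descr');

        // The client-supplied name is only a first filter; the content is checked below.
        $hasPdfName = is_array($file)
            && isset($file['name'], $file['tmp_name'])
            && is_string($file['name'])
            && is_string($file['tmp_name'])
            && strcasecmp(pathinfo($file['name'], PATHINFO_EXTENSION), 'pdf') === 0;

        if ($hasPdfName && !helperFunctions::isMaliciousString($descr)) {
            // Strict comparison against a non-empty session value: with a loose
            // comparison an unset session code compares equal to an empty parameter.
            $expected = isset($_SESSION['securityImage']) ? $_SESSION['securityImage'] : null;
            $given = $request->getParameter("security");
            if ((!is_string($expected) && !is_int($expected))
                || (string) $expected === ''
                || !is_string($given)
                || (string) $expected !== $given) {
                echo "<input type='text' id='status' value='Security'/>";
                return sfView::NONE;
            }

            // Only read a file that PHP itself received as an upload.
            if (!is_uploaded_file($file['tmp_name'])) {
                echo "<input type='text' id='status' value='Moving'/>";
                return sfView::NONE;
            }

            // The extension comes from the client, so confirm the PDF signature
            // appears near the start of the file before storing it.
            $head = file_get_contents($file['tmp_name'], false, null, 0, 1024);
            if ($head === false || strpos($head, '%PDF-') === false) {
                echo "<input type='text' id='status' value='PDF'/>";
                return sfView::NONE;
            }

            // year + term becomes a directory name: allow letters and digits only
            // so that it cannot contain path separators or "..".
            // NOTE(review): confirm every legitimate term value is alphanumeric.
            $yearParam = $request->getParameter("year");
            $termParam = $request->getParameter("term");
            if (!is_string($yearParam) || ($termParam !== null && !is_string($termParam))) {
                echo "<input type='text' id='status' value='Moving'/>";
                return sfView::NONE;
            }
            $year = $yearParam . $termParam;
            if (preg_match('/\A[A-Za-z0-9]+\z/', $year) !== 1) {
                echo "<input type='text' id='status' value='Moving'/>";
                return sfView::NONE;
            }

            // make directories if not exist; the trailing is_dir() tolerates a
            // concurrent request creating the same directory first
            $tgt_path = "exams/custom/" . $year;
            foreach (array("exams/custom", $tgt_path) as $dir) {
                if (!is_dir($dir) && !mkdir($dir) && !is_dir($dir)) {
                    echo "<input type='text' id='status' value='Moving'/>";
                    return sfView::NONE;
                }
            }

            // unique filename: <course prefix>_<year>_<type abbreviation>_<timestamp>.pdf
            // The course id is request data and the abbreviation comes from a helper
            // whose output is not visible here, so both are reduced to filename-safe
            // characters; ordinary alphanumeric values produce the same name as before.
            $courseId = $request->getParameter("course");
            $examType = $request->getParameter("type");
            $examTypeAbbr = HelperFunctions::getExamTypeAbbr($examType);
            $coursePart = is_string($courseId)
                ? preg_replace('/[^A-Za-z0-9]/', '', substr($courseId, 0, 6))
                : '';
            $typePart = (is_string($examTypeAbbr) || is_int($examTypeAbbr))
                ? preg_replace('/[^A-Za-z0-9_-]/', '', (string) $examTypeAbbr)
                : '';
            $fileName = $coursePart . '_' . substr($year, 0, 4) . '_' . $typePart . '_' . time() . ".pdf";

            if (move_uploaded_file($file['tmp_name'], $tgt_path . "/" . $fileName)) {
                try {
                    // register in db
                    $conn = Propel::getConnection();
                    $exam = new Exam();
                    $exam->setCourseId($courseId);
                    $exam->setFilePath($tgt_path . "/" . $fileName);
                    $exam->setYear($year);
                    $exam->setType($examType);
                    $exam->setDescr($descr);
                    $exam->save($conn);

                    // send notification email
                    $ip = $_SERVER['REMOTE_ADDR'];
                    $msg = "A new exam on [title=" . $exam->getDescr() . "; course=" . $exam->getCourseId() . "; year=" . $exam->getYear() . "; id=" . $exam->getId() . "] has been submitted by " . $ip . " on " . date('Y-m-d H:i:s') . ".";
                    helperFunctions::sendEmailNotice("Exam Submission", $msg);
                    echo "<input type='text' id='status' value='Success'/>";
                } catch (Exception $e) {
                    echo "<input type='text' id='status' value='Saving'/>";
                    // send error email
                    helperFunctions::sendEmailNotice("Exam Submission Error", $e->getMessage());
                }
            } else {
                echo "<input type='text' id='status' value='Moving'/>";
            }
        } else {
            echo "<input type='text' id='status' value='PDF'/>";
        }

        return sfView::NONE;
    } else {
        $this->forward404();
    }
}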