/** * Take the exam submission request and save it into database * @param sfWebRequest $request */ public function executeSubmitExam(sfWebRequest $request) { //TODO: set up uniform display name for each exam/test uploaded so things don't get messy. //i.e. instead of letting the user choose the display name, we'll appropriate it //requested by David set_time_limit(0); if ($request->isMethod(sfRequest::POST) && $request->hasParameter('security') && $request->hasParameter('year') && $request->hasParameter('descr')) { $files = $request->getFiles(); $file = $files['file']; $descr = $request->getParameter('descr'); if (isset($file) && strtoupper(substr($file['name'], -3, 3)) == 'PDF' && !helperFunctions::isMaliciousString($descr)) { if ($request->getParameter("security") != $_SESSION['securityImage']) { echo "<input type='text' id='status' value='Security'/>"; return sfView::NONE; } $year = $request->getParameter("year") . $request->getParameter("term"); // make directories if not exist if (!is_dir("exams/custom")) { if (!mkdir("exams/custom")) { echo "<input type='text' id='status' value='Moving'/>"; return sfView::NONE; } } $tgt_path = "exams/custom/" . $year; if (!is_dir($tgt_path)) { if (!mkdir($tgt_path)) { echo "<input type='text' id='status' value='Moving'/>"; return sfView::NONE; } } // unique filename $courseId = $request->getParameter("course"); $examType = $request->getParameter("type"); $examTypeAbbr = HelperFunctions::getExamTypeAbbr($examType); $fileName = substr($courseId, 0, 6) . '_' . substr($year, 0, 4) . '_' . $examTypeAbbr . '_' . time() . ".pdf"; if (move_uploaded_file($file['tmp_name'], $tgt_path . "/" . $fileName)) { try { // register in db $conn = Propel::getConnection(); $exam = new Exam(); $exam->setCourseId($courseId); $exam->setFilePath($tgt_path . "/" . $fileName); $exam->setYear($year); $exam->setType($examType); $exam->setDescr($descr); $exam->save($conn); // send notification email $ip = $_SERVER['REMOTE_ADDR']; $msg = "A new exam on [title=" . $exam->getDescr() . "; course=" . $exam->getCourseId() . "; year=" . $exam->getYear() . "; id=" . $exam->getId() . "] has been submitted by " . $ip . " on " . date('Y-m-d H:i:s') . "."; helperFunctions::sendEmailNotice("Exam Submission", $msg); echo "<input type='text' id='status' value='Success'/>"; } catch (Exception $e) { echo "<input type='text' id='status' value='Saving'/>"; // send error email helperFunctions::sendEmailNotice("Exam Submission Error", $e->getMessage()); } } else { echo "<input type='text' id='status' value='Moving'/>"; } } else { echo "<input type='text' id='status' value='PDF'/>"; } return sfView::NONE; } else { $this->forward404(); } }