/**
 * Reports, through the HTTP status code alone, whether the `clef` query
 * parameter is accepted by Exam::isValidClef().
 *
 * Sends 200 for an accepted value and 400 otherwise. No response body is
 * written by this method.
 */
protected function get()
{
    header("Content-Type: application/javascript");

    // FILTER_DEFAULT does no sanitising: the validator receives the raw
    // request value (or null when the parameter is absent).
    $candidate = filter_input(INPUT_GET, 'clef', FILTER_DEFAULT);

    $status = Exam::isValidClef($candidate) ? 200 : 400;
    http_response_code($status);
}
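/**
 * Computes the grade for this score by evaluating the exam's clef.
 *
 * Inside the clef every `e` that is not followed by `x` stands for the
 * achieved score and every `m` stands for the exam's maximum score.
 *
 * @return int|float 1 when the student was not present; the evaluated clef
 *                   rounded to two decimals on success; -1 when the clef is
 *                   rejected by Exam::isValidClef() or cannot be evaluated.
 */
public function getEvaluatedScore()
{
    if (!$this->present) {
        return 1;
    }

    $clef = $this->exam->getClef();
    // $score, $maxScore and $result are referenced BY NAME from the evaluated
    // string below, so they must keep exactly these names.
    $maxScore = $this->exam->getMaxScore();
    $score = $this->score;
    $result = -1;

    // Re-validating at evaluation time (not only when the clef is saved) is
    // what protects against rows that reached storage by another path.
    if (!Exam::isValidClef($clef)) {
        return -1;
    }

    // Order matters: the text '$maxScore' itself contains an 'e', so the 'e'
    // substitution has to run before the 'm' substitution.
    $clef = preg_replace('/e(?!x)/', '$score', $clef);
    $clef = preg_replace('/m/', '$maxScore', $clef);

    // SECURITY NOTE(review): eval() executes the stored clef as PHP code with
    // access to this method's scope, including $this. Exam::isValidClef() is
    // not visible here and is the only barrier, so it has to be a fully
    // anchored allow-list (digits, arithmetic operators, parentheses and the
    // e/m placeholders). Prefer replacing eval() with a small
    // arithmetic-expression evaluator so that no stored data is run as code.
    try {
        $success = eval('$result = ' . $clef . ';');

        // Legacy path: before PHP 7 a parse error made eval() return false.
        if ($success === false && error_get_last()) {
            return -1;
        }

        return round($result, 2);
    } catch (\Error $e) {
        // Since PHP 7 a malformed expression raises ParseError, and PHP 8
        // raises DivisionByZeroError for "/ 0"; both extend \Error. Report
        // them with the same -1 sentinel instead of aborting the request.
        return -1;
    }
}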
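/**
 * Handles the POST edit endpoints, selected by the request URI:
 *   .../edit-note   updates an exam's note, then renders the index;
 *   .../edit-score  updates one student's score, then renders that exam;
 *   anything else   updates the exam's own fields, then renders the index.
 *
 * NOTE(review): no CSRF token check and no per-record authorisation check is
 * visible in this method; confirm both are enforced before it is reached.
 *
 * @throws Exception with message 'manipulation' when a record id, the clef or
 *                   the date fails validation.
 */
protected function edit()
{
    // NOTE(review): REQUEST_URI includes the query string and the patterns
    // are not anchored at the end, so the marker may appear anywhere in the
    // URI. Matching on the path component only would be stricter.
    $uri = $_SERVER['REQUEST_URI'];

    if (preg_match("@^.*/edit-note@", $uri)) {
        // Raw, unfiltered text: it must be bound as a query parameter by the
        // adapter and escaped wherever it is rendered (neither is shown here).
        $note = filter_input(INPUT_POST, 'note', FILTER_DEFAULT);
        $id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT);

        // FILTER_VALIDATE_INT yields false (invalid) or null (missing); do
        // not let either reach the write. is_int() keeps 0 a valid id.
        if (!is_int($id)) {
            throw new Exception('manipulation');
        }

        $this->mysqlAdapter->updateExamNote($id, $note);
        $this->index();
        return;
    }

    if (preg_match("@^.*/edit-score@", $uri)) {
        $scoreId = filter_input(INPUT_POST, 'scoreId', FILTER_VALIDATE_INT);
        $studentId = filter_input(INPUT_POST, 'studentId', FILTER_VALIDATE_INT);

        // The score id keys both the update and the exam lookup below.
        if (!is_int($scoreId)) {
            throw new Exception('manipulation');
        }

        // A missing checkbox gives null and an unparsable value gives false;
        // both are treated as "not present".
        $present = (bool) filter_input(INPUT_POST, 'present', FILTER_VALIDATE_BOOLEAN);

        // NOTE(review): $studentId and $score may still be false/null here;
        // confirm updateScore() handles that (e.g. empty score when absent).
        $score = filter_input(INPUT_POST, 'score', FILTER_VALIDATE_FLOAT);

        $this->mysqlAdapter->updateScore($scoreId, $studentId, $present, $score);
        $examId = $this->mysqlAdapter->getExamIdOfScore($scoreId);
        $this->showExam($examId);
        return;
    }

    $id = filter_input(INPUT_POST, 'examId', FILTER_VALIDATE_INT);
    if (!is_int($id)) {
        throw new Exception('manipulation');
    }

    // NOTE(review): subject, schoolClass and maxScore are passed on even when
    // validation returned false/null; confirm whether they are optional.
    $subject = filter_input(INPUT_POST, 'subject', FILTER_VALIDATE_INT);
    $schoolClass = filter_input(INPUT_POST, 'schoolClass', FILTER_VALIDATE_INT);

    // The clef is stored and later evaluated as an expression, so this
    // validation is a security boundary, not just input hygiene.
    $clef = filter_input(INPUT_POST, 'clef', FILTER_DEFAULT);
    if (!Exam::isValidClef($clef)) {
        throw new Exception('manipulation');
    }

    // Only emptiness is checked; the date format itself is not validated here.
    $date = filter_input(INPUT_POST, 'date', FILTER_DEFAULT);
    if (!$date) {
        throw new Exception('manipulation');
    }

    $maxScore = filter_input(INPUT_POST, 'maxScore', FILTER_VALIDATE_FLOAT);

    // The note is not edited through this branch, hence the explicit null.
    $this->mysqlAdapter->editExam($id, $subject, $schoolClass, $clef, $date, $maxScore, null);
    $this->index();
}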