public function executeSubmitExam(sfWebRequest $request)
{
if ($request->isMethod(sfRequest::POST) && $request->hasParameter('security') && $request->hasParameter('year') && $request->hasParameter('descr')) {
$files = $request->getFiles();
$file = $files['file'];
$descr = $request->getParameter('descr');
if (isset($file) && strtoupper(substr($file['name'], -3, 3)) == 'PDF' && !helperFunctions::isMaliciousString($descr)) {
if ($request->getParameter("security") != $_SESSION['securityImage']) {
echo "<input type='text' id='status' value='Security'/>";
exit;
}
$year = $request->getParameter("year") . $request->getParameter("term");
// make directories if not exist
if (!is_dir("exams/custom")) {
if (!mkdir("exams/custom")) {
echo "<input type='text' id='status' value='Moving'/>";
exit;
}
}
$tgt_path = "exams/custom/" . $year;
if (!is_dir($tgt_path)) {
if (!mkdir($tgt_path)) {
echo "<input type='text' id='status' value='Moving'/>";
exit;
}
}
$fileName = time() . ".pdf";
if (move_uploaded_file($file['tmp_name'], $tgt_path . "/" . $fileName)) {
// register in db
$conn = Propel::getConnection();
$exam = new Exam();
$exam->setCourseId($request->getParameter("course"));
$exam->setFilePath($tgt_path . "/" . $fileName);
$exam->setYear($year);
$exam->setType($request->getParameter("type"));
$exam->setDescr($descr);
$exam->save($conn);
// send notification email
$ip = $_SERVER['REMOTE_ADDR'];
$msg = "Submitted by " . $ip . " [id=" . $exam->getId() . "]";
helperFunctions::sendEmailNotice("Exam Submission", $msg);
echo "<input type='text' id='status' value='Success'/>";
} else {
echo "<input type='text' id='status' value='Moving'/>";
}
} else {
echo "<input type='text' id='status' value='PDF'/>";
}
}
exit;
}
/**
* Start browsing the directory and register files
*
* @return Exception code = 400 if directory non-existent
* An array containing list of non-imported files if successful
*/
public function doImport()
{
if (!file_exists($this->_dir)) {
throw new Exception("directory non-existent", 400);
}
$errArr = array();
$handler = opendir($this->_dir);
// TODO: does not do recrusive listing, do we need that?
while (false !== ($file = readdir($handler))) {
if ($file != '.' && $file != '..') {
$err = false;
$pos = strrpos($file, '.');
$fileName = strtoupper(substr($file, 0, $pos));
$token = strtok($fileName, '_');
$counter = 0;
while (false !== $token) {
switch ($counter) {
case 0:
if (strlen($token) != 7) {
$err = true;
}
$rawCourseCode = $token;
break;
case 1:
if ($token != substr($this->_year, 0, 4)) {
$err = true;
}
break;
case 2:
if ($token != "EXAM") {
if (substr($token, 0, 5) == "EXAM(") {
// name could have the following syntax: AER205S_2009_EXAM(2).pdf
$count = strtok($token, '(');
$count = strtok('(');
$count = strtok($count, ')');
if ($count === false || !is_numeric($count)) {
$err = true;
}
} else {
$err = true;
}
}
break;
}
$token = strtok("_");
$counter++;
}
if ($counter != 3 || $err) {
$err = true;
} else {
// assume course code is 7 chars in length with the last char being either S, F or Y
$part1 = substr($rawCourseCode, 0, 6);
//e.g. AER205
$part2 = substr($rawCourseCode, 6, 1);
//e.g. F
switch ($part2) {
case "F":
case "S":
$courseCode = $part1 . "H1";
$descr = $part1 . " " . $this->_year . " Official Exam" . (isset($count) ? ' (' . $count . ')' : '');
break;
case "Y":
$courseCode = $part1 . "Y1";
$descr = $part1 . " " . $this->_year . " Official Exam" . (isset($count) ? ' (' . $count . ')' : '');
break;
default:
$err = true;
break;
}
if (!$err) {
$conn = Propel::getConnection();
// check if we have exam of this descr already
$examArr = ExamPeer::getExamsForYearAndCourseId($courseCode, $this->_year, $conn);
foreach ($examArr as $ex) {
if ($ex->getType() == EnumItemPeer::EXAM && $ex->getDescr() == $descr) {
$err = true;
break;
}
}
if (!$err) {
// first check if course exists
$course = CoursePeer::retrieveByPK($courseCode, $conn);
if (!isset($course)) {
$course = new Course();
//$course->setDeptId(substr($courseCode, 0, 3));
$course->setDescr($courseCode);
$course->setIsEng(1);
$course->setId($courseCode);
$dept = DepartmentPeer::retrieveByPK(substr($courseCode, 0, 3), $conn);
if (!isset($dept)) {
$dept = new Department();
$dept->setId(substr($courseCode, 0, 3));
$dept->setDescr(substr($courseCode, 0, 3));
$dept->save($conn);
}
$course->setDepartment($dept);
$course->save($conn);
}
// register exam
$exam = new Exam();
$exam->setType(EnumItemPeer::EXAM);
$exam->setDescr($descr);
$exam->setCourseId($courseCode);
$exam->setFilePath($this->_dir . $file);
$exam->setYear($this->_year);
$exam->save();
}
}
}
if ($err) {
$errArr[] = $file;
}
}
}
closedir($handler);
return $errArr;
}
/**
* Take the exam submission request and save it into database
* @param sfWebRequest $request
*/
public function executeSubmitExam(sfWebRequest $request)
{
//TODO: set up uniform display name for each exam/test uploaded so things don't get messy.
//i.e. instead of letting the user choose the display name, we'll appropriate it
//requested by David
set_time_limit(0);
if ($request->isMethod(sfRequest::POST) && $request->hasParameter('security') && $request->hasParameter('year') && $request->hasParameter('descr')) {
$files = $request->getFiles();
$file = $files['file'];
$descr = $request->getParameter('descr');
if (isset($file) && strtoupper(substr($file['name'], -3, 3)) == 'PDF' && !helperFunctions::isMaliciousString($descr)) {
if ($request->getParameter("security") != $_SESSION['securityImage']) {
echo "<input type='text' id='status' value='Security'/>";
return sfView::NONE;
}
$year = $request->getParameter("year") . $request->getParameter("term");
// make directories if not exist
if (!is_dir("exams/custom")) {
if (!mkdir("exams/custom")) {
echo "<input type='text' id='status' value='Moving'/>";
return sfView::NONE;
}
}
$tgt_path = "exams/custom/" . $year;
if (!is_dir($tgt_path)) {
if (!mkdir($tgt_path)) {
echo "<input type='text' id='status' value='Moving'/>";
return sfView::NONE;
}
}
// unique filename
$courseId = $request->getParameter("course");
$examType = $request->getParameter("type");
$examTypeAbbr = HelperFunctions::getExamTypeAbbr($examType);
$fileName = substr($courseId, 0, 6) . '_' . substr($year, 0, 4) . '_' . $examTypeAbbr . '_' . time() . ".pdf";
if (move_uploaded_file($file['tmp_name'], $tgt_path . "/" . $fileName)) {
try {
// register in db
$conn = Propel::getConnection();
$exam = new Exam();
$exam->setCourseId($courseId);
$exam->setFilePath($tgt_path . "/" . $fileName);
$exam->setYear($year);
$exam->setType($examType);
$exam->setDescr($descr);
$exam->save($conn);
// send notification email
$ip = $_SERVER['REMOTE_ADDR'];
$msg = "A new exam on [title=" . $exam->getDescr() . "; course=" . $exam->getCourseId() . "; year=" . $exam->getYear() . "; id=" . $exam->getId() . "] has been submitted by " . $ip . " on " . date('Y-m-d H:i:s') . ".";
helperFunctions::sendEmailNotice("Exam Submission", $msg);
echo "<input type='text' id='status' value='Success'/>";
} catch (Exception $e) {
echo "<input type='text' id='status' value='Saving'/>";
// send error email
helperFunctions::sendEmailNotice("Exam Submission Error", $e->getMessage());
}
} else {
echo "<input type='text' id='status' value='Moving'/>";
}
} else {
echo "<input type='text' id='status' value='PDF'/>";
}
return sfView::NONE;
} else {
$this->forward404();
}
}
