/**
 * Handle a request to edit the programming language identified by $pl_id.
 *
 * The caller must pass Authenticator::assert_manager(). The body must be sent
 * as application/json (415 otherwise) and decode to a non-empty value (400
 * otherwise). Responds 200 when Model::edit_programming_language() returns a
 * truthy value and 404 when it does not.
 *
 * @param mixed $pl_id   Identifier forwarded unchanged to the model.
 * @param mixed $request Request object; ->cookies, ->type and getBody() are read.
 */
function update_programming_language($pl_id, $request)
{
    // NOTE(review): the cookie is read without isset(); assert_manager() is
    // presumably what rejects a missing or invalid token - confirm.
    Authenticator::assert_manager($request->cookies['authToken']);
    $msg = new Messages($GLOBALS['locale']);

    try {
        $model = new Model();
        $body = $request->getBody();

        // Only the media type counts; parameters such as "; charset=..." are dropped.
        list($media_type) = explode(';', $request->type);
        if ($media_type !== 'application/json') {
            Util::output_errors_and_die('', 415);
        }

        $payload = json_decode($body, true);
        if (empty($payload)) {
            Util::output_errors_and_die('', 400);
        }

        $updated = $model->edit_programming_language($pl_id, $payload);
        header('Content-Type: text/plain');
        if ($updated) {
            http_response_code(200);
        } else {
            http_response_code(404);
        }
        die;
    } catch (ConflictException $e) {
        Util::output_errors_and_die($e->getMessage(), 409);
    } catch (DatabaseException $e) {
        // NOTE(review): the exception text goes back to the client; confirm
        // DatabaseException messages carry no SQL or connection details.
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}
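/**
 * Dry-run automatic marking of a source-code question against a sample answer.
 *
 * Requires a manager or professor token. The JSON body must carry a
 * 'question' object and a string 'source-code'; 'extra' is optional. The
 * value written to $result by QuestionSC::mark_automatically() is returned
 * as JSON with status 200.
 *
 * NOTE(review): marking a source-code answer presumably compiles or runs the
 * submitted text on the server; confirm that QuestionSC isolates that work.
 *
 * @param mixed $request Request object; ->cookies, ->type and getBody() are read.
 */
function test_auto_marking_sc($request)
{
    Authenticator::assert_manager_or_professor($request->cookies['authToken']);
    $msg = new Messages($GLOBALS['locale'], '/new-question/errors');

    try {
        $model = new Model();
        $raw_input = $request->getBody();
        $content_type = explode(';', $request->type)[0];
        if ($content_type !== 'application/json') {
            Util::output_errors_and_die($msg->_('invalid-format'), 415);
        }

        $input_data = json_decode($raw_input, true);
        // 'question' must be an array: a scalar there would make the
        // $qd['type'] access below fail outside the catch (Exception) handlers.
        if (
            empty($input_data)
            || !isset($input_data['question'])
            || !is_array($input_data['question'])
            || !isset($input_data['source-code'])
            || !is_string($input_data['source-code'])
        ) {
            Util::output_errors_and_die($msg->_('invalid-format'), 400);
        }

        $extra = !empty($input_data['extra']) ? $input_data['extra'] : [];
        $qd = $input_data['question'];
        set_empty_if_undefined($qd['type']);

        // Strict comparison: with !=, a JSON `true` (and `0` before PHP 8)
        // compares equal to 'source-code' and slips past this gate.
        if ($qd['type'] !== 'source-code') {
            Util::output_errors_and_die('', 400);
        }

        $q = new QuestionSC($qd, Question::FROM_USER, $extra);
        $q->mark_automatically(array('source-code' => $input_data['source-code']), $log, $result);

        http_response_code(200);
        header('Content-Type: application/json');
        echo my_json_encode($result);
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}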
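/**
 * Create a topic from a JSON body and answer with its resource path.
 *
 * Requires a manager or professor token. A missing 'name' is replaced by an
 * empty string before the model is called. On success the response is 201
 * with '/topics/<id>' as text/plain; a falsy id from the model yields 400.
 *
 * @param mixed $request Request object; ->cookies, ->type and getBody() are read.
 */
function create_topic($request)
{
    Authenticator::assert_manager_or_professor($request->cookies['authToken']);
    $msg = new Messages($GLOBALS['locale']);

    try {
        $raw_input = $request->getBody();
        $content_type = explode(';', $request->type)[0];
        if ($content_type !== 'application/json') {
            Util::output_errors_and_die('', 415);
        }

        $input_data = json_decode($raw_input, true);
        // A JSON scalar such as "x" or 5 is non-empty but cannot be indexed by
        // 'name'; reject it here instead of failing on the assignment below.
        if (empty($input_data) || !is_array($input_data)) {
            Util::output_errors_and_die('', 400);
        }

        $model = new Model();
        if (!isset($input_data['name'])) {
            $input_data['name'] = '';
        }

        // NOTE(review): 'name' is not type-checked here; the model is
        // presumably what validates it - confirm.
        $topic_id = $model->create_topic($input_data['name']);
        if ($topic_id) {
            http_response_code(201);
            header('Content-Type: text/plain');
            echo '/topics/' . $topic_id;
            die;
        } else {
            Util::output_errors_and_die('', 400);
        }
    } catch (ConflictException $e) {
        Util::output_errors_and_die($e->getMessage(), 409);
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}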
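/**
 * Dry-run automatic marking of any question type against a sample answer.
 *
 * Requires a manager or professor token. The JSON body must carry 'question'
 * (an object with a valid 'type') and 'studentAnswer'; 'extra' is optional.
 * Responds 200 with JSON {log, mark}, where 'log' is the translated marking
 * log joined with '<br/>'.
 *
 * NOTE(review): 'log' is built as an HTML fragment and each entry takes
 * parameters from $line[1]; if those can contain answer text, the client must
 * escape it before inserting the fragment into the page - confirm.
 *
 * @param mixed $request Request object; ->cookies, ->type and getBody() are read.
 */
function test_auto_marking($request)
{
    Authenticator::assert_manager_or_professor($request->cookies['authToken']);
    $msg = new Messages($GLOBALS['locale'], '/new-question/errors');

    try {
        $model = new Model();
        $raw_input = $request->getBody();
        $content_type = explode(';', $request->type)[0];
        if ($content_type !== 'application/json') {
            Util::output_errors_and_die($msg->_('invalid-format'), 415);
        }

        $input_data = json_decode($raw_input, true);
        // 'question' must be an array: a scalar there would make the
        // $qd['type'] access below fail outside the catch (Exception) handlers.
        if (
            empty($input_data)
            || !isset($input_data['question'])
            || !is_array($input_data['question'])
            || !isset($input_data['studentAnswer'])
        ) {
            Util::output_errors_and_die($msg->_('invalid-format'), 400);
        }

        $extra = !empty($input_data['extra']) ? $input_data['extra'] : [];
        $qd = $input_data['question'];
        set_empty_if_undefined($qd['type']);
        if (!Validator::validate_question_type($qd['type'])) {
            Util::output_errors_and_die($msg->_('invalid-type'), 400);
        }

        switch ($qd['type']) {
            case 'short-answer':
                $q = new QuestionSA($qd, Question::FROM_USER, $extra);
                break;
            case 'essay':
                $q = new QuestionES($qd, Question::FROM_USER, $extra);
                break;
            case 'multiple-choice':
                $q = new QuestionMC($qd, Question::FROM_USER, $extra);
                break;
            case 'matching':
                $q = new QuestionMA($qd, Question::FROM_USER, $extra);
                break;
            case 'fitb-type':
                $q = new QuestionFT($qd, Question::FROM_USER, $extra);
                break;
            case 'fitb-select':
                $q = new QuestionFS($qd, Question::FROM_USER, $extra);
                break;
            case 'source-code':
                $q = new QuestionSC($qd, Question::FROM_USER, $extra);
                break;
            default:
                // Keeps $q from being undefined if the validator ever accepts
                // a type this switch does not construct.
                Util::output_errors_and_die($msg->_('invalid-type'), 400);
        }

        http_response_code(200);
        header('Content-Type: application/json');
        $mark = $q->mark_automatically($input_data['studentAnswer'], $log);

        // Each log entry is a [message key, parameters] pair to translate.
        foreach ($log as $i => $line) {
            $log[$i] = $msg->_('/auto-marking/' . $line[0], $line[1]);
        }
        $log = implode('<br/>', $log);

        echo my_json_encode(array('log' => $log, 'mark' => $mark));
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}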
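/**
 * Sign a user in and issue an authentication token.
 *
 * Accepts a JSON or form-encoded body carrying 'username_or_email' and
 * 'password'. Invalid credentials and every non-active account status answer
 * 403 with a translated message. For an active account a token valid for
 * seven days is stored through the model, set as the 'authToken' cookie
 * (Secure, HttpOnly) and also returned in the JSON body with status 201.
 *
 * NOTE(review): the token is returned in the response body as well as in the
 * HttpOnly cookie, so page scripts can read it; confirm that clients need it.
 * NOTE(review): no SameSite attribute is set on the cookie; confirm that
 * state-changing endpoints have another CSRF defence.
 * NOTE(review): no attempt throttling is visible in this handler; confirm
 * that it exists elsewhere.
 *
 * @param mixed $request Request object; ->type and getBody() are read.
 */
function create_session($request)
{
    $raw_input = $request->getBody();
    $content_type = explode(';', $request->type)[0];
    switch ($content_type) {
        case 'application/json':
            $input_data = json_decode($raw_input, true);
            break;
        case 'application/x-www-form-urlencoded':
            $input_data = array();
            parse_str($raw_input, $input_data);
            break;
        default:
            Util::output_errors_and_die('', 415);
    }

    // json_decode() gives null for malformed JSON and a scalar for bodies like
    // "x" or 5; only an array can carry the two credential fields.
    if (!is_array($input_data)) {
        Util::output_errors_and_die('', 400);
    }

    set_empty_if_undefined($input_data['username_or_email']);
    set_empty_if_undefined($input_data['password']);

    // Nested values (e.g. password[]=x or a JSON object) are never valid
    // credentials and must not reach the credential check.
    if (is_array($input_data['username_or_email']) || is_array($input_data['password'])) {
        Util::output_errors_and_die('', 400);
    }

    $msg = new Messages($GLOBALS['locale'], '/signin');

    try {
        $model = new Model();
        $user_data = $model->is_valid_user($input_data['username_or_email'], $input_data['password']);
        if (!$user_data) {
            // One message for unknown user and wrong password alike.
            Util::output_errors_and_die($msg->_('invalid-username-pw'), 403);
        }

        switch ($user_data['status']) {
            case 'pending-activation':
                Util::output_errors_and_die($msg->_('pending-activation'), 403);
                break;
            case 'pending-approval':
                Util::output_errors_and_die($msg->_('pending-approval'), 403);
                break;
            case 'banned':
                Util::output_errors_and_die($msg->_('banned'), 403);
                break;
            case 'active':
                $token = generate_token($user_data);
                $now = new DateTime('now');
                $expires_at = clone $now;
                $expires_at->add(new DateInterval('P7D'));
                $model->insert_auth_token($user_data['user_id'], $token, $now, $expires_at);

                http_response_code(201);
                $output = array(
                    'token' => $token,
                    'expires_at' => $expires_at->format('Y-m-d H:i:s'),
                );
                // Last two arguments: Secure = true, HttpOnly = true.
                setcookie('authToken', $token, $expires_at->getTimestamp(), '/', '', true, true);
                header('Content-Type: application/json');
                echo my_json_encode($output);
                die;
                break;
        }
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}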
/**
 * Require that $token belongs to a user whose role is exactly 'manager'.
 *
 * The token is resolved through self::assert_user(). Any other role is
 * answered with 403 and the '/authentication/only-managers' message.
 *
 * NOTE(review): the check only holds if Util::output_errors_and_die() ends
 * the request; if it ever returned, the non-manager's data would be handed
 * back to the caller as though the check had passed - confirm.
 *
 * @param mixed $token Value of the authToken cookie.
 * @return mixed The user data returned by assert_user().
 */
public static function assert_manager($token)
{
    $user_data = self::assert_user($token);

    $is_manager = ($user_data['role'] === 'manager');
    if (!$is_manager) {
        $msg = new Messages($GLOBALS['locale']);
        Util::output_errors_and_die($msg->_('/authentication/only-managers'), 403);
    }

    return $user_data;
}
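/**
 * Register a new user from a JSON or form-encoded body.
 *
 * No authentication is performed: this is the sign-up endpoint. Each known
 * profile field must be a string when present (it is trimmed) and defaults to
 * ''. The password is kept untrimmed. On success the response is 201 with
 * '/users/<id>' as text/plain.
 *
 * NOTE(review): 'role' is taken from an unauthenticated request body.
 * Model::create_user() must restrict which roles can be self-assigned and
 * keep privileged roles behind approval - confirm.
 *
 * @param mixed $request Request object; ->type and getBody() are read.
 */
function create_user($request)
{
    $raw_input = $request->getBody();
    $content_type = explode(';', $request->type)[0];
    switch ($content_type) {
        case 'application/json':
            $input_data = json_decode($raw_input, true);
            break;
        case 'application/x-www-form-urlencoded':
            $input_data = array();
            parse_str($raw_input, $input_data);
            break;
        default:
            Util::output_errors_and_die('', 415);
    }

    // json_decode() gives null for malformed JSON and a scalar for bodies like
    // "x" or 5; array_key_exists() below needs an array.
    if (!is_array($input_data)) {
        Util::output_errors_and_die('', 400);
    }

    // Only these keys are copied from the request; anything else is ignored.
    $fields = ['full_name', 'email', 'gender', 'birth_date', 'username', 'role'];
    $user_data = array();
    foreach ($fields as $f) {
        if (!array_key_exists($f, $input_data)) {
            $user_data[$f] = '';
            continue;
        }
        if (!is_string($input_data[$f])) {
            Util::output_errors_and_die('', 400);
        }
        $user_data[$f] = trim($input_data[$f]);
    }

    if (isset($input_data['password'])) {
        if (!is_string($input_data['password'])) {
            Util::output_errors_and_die('', 400);
        }
        // Passwords are stored as typed: no trimming.
        $user_data['password'] = $input_data['password'];
    }
    set_empty_if_undefined($user_data['password']);

    try {
        $model = new Model();
        $uid = $model->create_user($user_data);
    } catch (ConflictException $e) {
        // Caught first, as in the sibling handlers, so that a conflict is
        // answered 409 even if ConflictException derives from DatabaseException.
        Util::output_errors_and_die($e->getMessage(), 409);
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }

    if ($uid) {
        http_response_code(201);
        header('Content-Type: text/plain');
        echo '/users/' . $uid;
        die;
    } else {
        Util::output_errors_and_die('', 400);
    }
}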
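/**
 * Create a question in the question bank from a JSON body.
 *
 * Requires a manager or professor token. The body's 'type' selects the
 * Question subclass to build. On success the response is 201 with
 * '/question_bank/questions/<id>' as text/plain.
 *
 * @param mixed $request       Request object; ->cookies, ->type and getBody() are read.
 * @param mixed $assignment_id Accepted but not used by this function.
 */
function create_question($request, $assignment_id = null)
{
    Authenticator::assert_manager_or_professor($request->cookies['authToken']);
    $msg = new Messages($GLOBALS['locale']);

    try {
        $model = new Model();
        $raw_input = $request->getBody();
        $content_type = explode(';', $request->type)[0];
        if ($content_type !== 'application/json') {
            Util::output_errors_and_die('', 415);
        }

        $input_data = json_decode($raw_input, true);
        // A JSON scalar is non-empty but cannot be indexed by 'type'; reject
        // it here instead of failing outside the catch (Exception) handlers.
        if (empty($input_data) || !is_array($input_data)) {
            Util::output_errors_and_die('', 400);
        }

        set_empty_if_undefined($input_data['type']);
        if (!Validator::validate_question_type($input_data['type'])) {
            Util::output_errors_and_die($msg->_('invalid-type'), 400);
        }

        switch ($input_data['type']) {
            case 'short-answer':
                $q = new QuestionSA($input_data, Question::FROM_USER);
                break;
            case 'essay':
                $q = new QuestionES($input_data, Question::FROM_USER);
                break;
            case 'multiple-choice':
                $q = new QuestionMC($input_data, Question::FROM_USER);
                break;
            case 'matching':
                $q = new QuestionMA($input_data, Question::FROM_USER);
                break;
            case 'fitb-type':
                $q = new QuestionFT($input_data, Question::FROM_USER);
                break;
            case 'fitb-select':
                $q = new QuestionFS($input_data, Question::FROM_USER);
                break;
            case 'source-code':
                $q = new QuestionSC($input_data, Question::FROM_USER);
                break;
            default:
                // Keeps $q from being undefined if the validator ever accepts
                // a type this switch does not construct.
                Util::output_errors_and_die($msg->_('invalid-type'), 400);
        }

        $qid = $model->create_question($q);

        // Set the status before writing the body: once output has been
        // flushed the status line can no longer be changed.
        http_response_code(201);
        header('Content-Type: text/plain');
        echo '/question_bank/questions/' . $qid;
        die;
    } catch (ConflictException $e) {
        Util::output_errors_and_die($e->getMessage(), 409);
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}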
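/**
 * Apply a manager's changes to the account named $username.
 *
 * Requires a manager token. The body (JSON or form-encoded) is a flat map of
 * field => string; every value is trimmed except 'password'. When the model
 * reports a successful update, the acting manager is recorded through
 * Model::insert_approvedby() and the response is 204; otherwise 404.
 *
 * NOTE(review): every key of the request body is forwarded to
 * Model::update_user() as a field name. The model must whitelist field names
 * and must never build SQL from them - confirm.
 *
 * @param mixed $username Account to modify.
 * @param mixed $request  Request object; ->cookies, ->type and getBody() are read.
 */
function update_user($username, $request)
{
    $user_data = Authenticator::assert_manager($request->cookies['authToken']);
    $msg = new Messages($GLOBALS['locale']);

    try {
        $model = new Model();
        $raw_input = $request->getBody();
        $content_type = explode(';', $request->type)[0];
        switch ($content_type) {
            case 'application/json':
                $input_data = json_decode($raw_input, true);
                break;
            case 'application/x-www-form-urlencoded':
                $input_data = array();
                parse_str($raw_input, $input_data);
                break;
            default:
                Util::output_errors_and_die('', 415);
        }

        // A JSON scalar is non-empty but is not a field map; without this
        // check it would reach the model as an empty change set.
        if (empty($input_data) || !is_array($input_data)) {
            Util::output_errors_and_die('', 400);
        }

        $changes = array();
        foreach ($input_data as $f => $v) {
            if (!is_string($v)) {
                Util::output_errors_and_die('', 400);
            }
            $changes[$f] = trim($v);
        }

        if (isset($input_data['password'])) {
            // don't trim
            $changes['password'] = $input_data['password'];
        }

        if ($model->update_user($username, $changes)) {
            // The former debug echo of "<manager> -> <username>" is gone: a
            // 204 response carries no body, and output written before
            // http_response_code() can keep the status from being applied.
            $model->insert_approvedby($user_data['username'], $username);
            http_response_code(204);
            die;
        } else {
            Util::output_errors_and_die('', 404);
        }
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}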
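/**
 * Build a question from a JSON body and return its auto-marking test view.
 *
 * Requires a manager or professor token. The body's 'type' selects the
 * Question subclass to build. Responds 200 with the JSON encoding of
 * to_auto_marking_test(true, true).
 *
 * @param mixed $request Request object; ->cookies, ->type and getBody() are read.
 */
function test_question($request)
{
    Authenticator::assert_manager_or_professor($request->cookies['authToken']);
    $msg = new Messages($GLOBALS['locale'], '/new-question/errors');

    try {
        $model = new Model();
        $raw_input = $request->getBody();
        $content_type = explode(';', $request->type)[0];
        if ($content_type !== 'application/json') {
            Util::output_errors_and_die($msg->_('invalid-format'), 415);
        }

        $input_data = json_decode($raw_input, true);
        // A JSON scalar is non-empty but cannot be indexed by 'type'; reject
        // it here instead of failing outside the catch (Exception) handlers.
        if (empty($input_data) || !is_array($input_data)) {
            Util::output_errors_and_die($msg->_('invalid-format'), 400);
        }

        set_empty_if_undefined($input_data['type']);
        if (!Validator::validate_question_type($input_data['type'])) {
            Util::output_errors_and_die($msg->_('invalid-type'), 400);
        }

        switch ($input_data['type']) {
            case 'short-answer':
                $q = new QuestionSA($input_data, Question::FROM_USER);
                break;
            case 'essay':
                $q = new QuestionES($input_data, Question::FROM_USER);
                break;
            case 'multiple-choice':
                $q = new QuestionMC($input_data, Question::FROM_USER);
                break;
            case 'matching':
                $q = new QuestionMA($input_data, Question::FROM_USER);
                break;
            case 'fitb-type':
                $q = new QuestionFT($input_data, Question::FROM_USER);
                break;
            case 'fitb-select':
                $q = new QuestionFS($input_data, Question::FROM_USER);
                break;
            case 'source-code':
                $q = new QuestionSC($input_data, Question::FROM_USER);
                break;
            default:
                // Keeps $q from being undefined if the validator ever accepts
                // a type this switch does not construct.
                Util::output_errors_and_die($msg->_('invalid-type'), 400);
        }

        http_response_code(200);
        header('Content-Type: application/json');
        echo my_json_encode($q->to_auto_marking_test(true, true));
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}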
/**
 * Return the configured programming languages as JSON.
 *
 * Requires a manager or professor token. Responds 200 with the JSON encoding
 * of whatever Model::get_programming_languages() returns.
 *
 * @param mixed $request Request object; only ->cookies is read.
 */
function get_programming_languages($request)
{
    Authenticator::assert_manager_or_professor($request->cookies['authToken']);
    $msg = new Messages($GLOBALS['locale']);

    try {
        $model = new Model();
        $languages = $model->get_programming_languages();

        http_response_code(200);
        header('Content-Type: application/json');
        echo my_json_encode($languages);
        die;
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}
/**
 * Delete the account named $username.
 *
 * Requires a manager token. Responds 204 when Model::delete_user() returns a
 * truthy value and 404 otherwise.
 *
 * NOTE(review): nothing here stops a manager from deleting their own account
 * or another manager's; confirm whether the model enforces such a rule.
 *
 * @param mixed $username Account to delete.
 * @param mixed $request  Request object; only ->cookies is read.
 */
function delete_user($username, $request)
{
    Authenticator::assert_manager($request->cookies['authToken']);
    $msg = new Messages($GLOBALS['locale']);

    try {
        $model = new Model();
        $deleted = $model->delete_user($username);
        http_response_code($deleted ? 204 : 404);
        die;
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}
/**
 * Confirm an e-mail address from a code sent as a text/plain body.
 *
 * No authentication is performed. The trimmed body is handed to
 * Model::confirm_email() and its return value is echoed with status 200.
 *
 * NOTE(review): resistance to guessing depends on the code's entropy and on
 * throttling applied outside this function - confirm both.
 *
 * @param mixed $request Request object; ->type and getBody() are read.
 */
function confirm_code($request)
{
    list($media_type) = explode(';', $request->type);
    if ($media_type !== 'text/plain') {
        Util::output_errors_and_die('', 415);
    }

    $code = trim($request->getBody());

    try {
        $model = new Model();
        $status = $model->confirm_email($code);
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }

    http_response_code(200);
    echo $status;
    die;
}
/**
 * Try out a programming-language definition supplied in a JSON body.
 *
 * Requires a manager token. Nine fields of the decoded body are passed
 * positionally to LanguageTest::test(); none of them is checked for presence
 * or type here.
 *
 * NOTE(review): 'check_command', 'compile_command' and 'run_command' come
 * from the request and are presumably executed on the server. The manager
 * gate is the only control visible here; confirm that LanguageTest runs them
 * in an isolated, resource-limited environment.
 *
 * @param mixed $request Request object; ->cookies, ->type and getBody() are read.
 */
function test_programming_language($request)
{
    Authenticator::assert_manager($request->cookies['authToken']);
    $msg = new Messages($GLOBALS['locale']);

    try {
        $body = $request->getBody();

        list($media_type) = explode(';', $request->type);
        if ($media_type !== 'application/json') {
            Util::output_errors_and_die('', 415);
        }

        $spec = json_decode($body, true);
        if (empty($spec)) {
            Util::output_errors_and_die('', 400);
        }

        LanguageTest::test(
            $spec['file_name'],
            $spec['extension'],
            $spec['source_code'],
            $spec['compiler_flags'],
            $spec['check_command'],
            $spec['compile_command'],
            $spec['run_command'],
            $spec['arguments'],
            $spec['stdin']
        );
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}
/**
 * Sign out: delete the stored auth token and clear the cookie.
 *
 * A request without the 'authToken' cookie is answered 400. Otherwise the
 * token is removed through Model::delete_auth_token(): 204 when that returns
 * a truthy value, 403 when it does not. The cookie is cleared in both cases.
 *
 * @param mixed $request Request object; only ->cookies is read.
 */
function delete_session($request)
{
    if (!isset($request->cookies['authToken'])) {
        Util::output_errors_and_die('', 400);
    } else {
        $token = $request->cookies['authToken'];
    }

    try {
        $model = new Model();
        $removed = $model->delete_auth_token($token);
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }

    if ($removed) {
        http_response_code(204);
    } else {
        http_response_code(403);
    }

    // Empty value and expiry 0 replace the cookie; the path and the Secure and
    // HttpOnly flags match the ones used when it was issued.
    setcookie('authToken', '', 0, '/', '', true, true);
    die;
}
/**
 * Delete the topic identified by $topic_id.
 *
 * Requires a manager or professor token. Responds 204 when
 * Model::delete_topic() returns a truthy value and 404 otherwise. A
 * ConflictException is answered 409 with an empty message.
 *
 * @param mixed $topic_id Identifier forwarded unchanged to the model.
 * @param mixed $request  Request object; only ->cookies is read.
 */
function delete_topic($topic_id, $request)
{
    $msg = new Messages($GLOBALS['locale']);
    Authenticator::assert_manager_or_professor($request->cookies['authToken']);

    try {
        $model = new Model();
        $deleted = $model->delete_topic($topic_id);

        if (!$deleted) {
            Util::output_errors_and_die('', 404);
        } else {
            http_response_code(204);
            die;
        }
    } catch (ConflictException $e) {
        // Unlike the other handlers, the exception text is not sent here.
        Util::output_errors_and_die('', 409);
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}
/**
 * Return one user's profile as JSON.
 *
 * Requires a manager token. The 'fields' and 'username' entries of the
 * request's query are overwritten before the query is passed to
 * Model::get_users(); every other query parameter sent by the client is
 * passed through unchanged. Responds 404 when no item matches, else 200 with
 * the first item.
 *
 * NOTE(review): the remaining client-supplied query parameters reach the
 * model as they are; confirm that get_users() validates them.
 *
 * @param mixed $request  Request object; ->cookies is read and ->query is modified.
 * @param mixed $username Account to look up.
 */
function get_user($request, $username)
{
    Authenticator::assert_manager($request->cookies['authToken']);
    $msg = new Messages($GLOBALS['locale']);

    try {
        $model = new Model();

        // Fixed column list: the caller cannot widen what is returned.
        $columns = [
            'username',
            'email',
            'gender',
            'full_name',
            'birth_date',
            'created_at',
            'last_logged_in_at',
            'status',
            'role',
        ];
        $request->query['fields'] = implode(',', $columns);
        $request->query['username'] = $username;

        $found = $model->get_users($request->query);
        if ($found['n_items'] == 0) {
            http_response_code(404);
            die;
        }

        http_response_code(200);
        header('Content-Type: application/json');
        echo my_json_encode($found['items'][0]);
        die;
    } catch (DatabaseException $e) {
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}
<?php
// Page controller for the manager-only list of accounts awaiting approval.
// Variable names are left as they are because page.html.php is included into
// this scope and may read any of them.
$msg = new Messages($GLOBALS['locale']);

// NOTE(review): the cookie is read without isset(); assert_manager() is
// presumably what rejects a missing or invalid token - confirm.
Authenticator::assert_manager($_COOKIE['authToken']);

try {
    $model = new Model();
    $q = [
        'fields' => 'username,email,full_name,role,created_at',
        'status' => 'pending-approval',
    ];
    $pending_users = $model->get_users($q);
} catch (DatabaseException $e) {
    // A generic translated message is sent, not the exception text. Only
    // DatabaseException is handled; anything else propagates.
    Util::output_errors_and_die($msg->_('/showmsg/database-error'), 503);
}

// NOTE(review): $pending_users holds values chosen by the registrants (name,
// e-mail, username); the template, not visible here, must HTML-escape them.
include 'page.html.php';