function update_programming_language($pl_id, $request)
{
Authenticator::assert_manager($request->cookies['authToken']);
$msg = new Messages($GLOBALS['locale']);
try {
$model = new Model();
$raw_input = $request->getBody();
$content_type = explode(';', $request->type)[0];
if ($content_type !== 'application/json') {
Util::output_errors_and_die('', 415);
}
$input_data = json_decode($raw_input, true);
if (empty($input_data)) {
Util::output_errors_and_die('', 400);
}
$result = $model->edit_programming_language($pl_id, $input_data);
header('Content-Type: text/plain');
http_response_code($result ? 200 : 404);
die;
} catch (ConflictException $e) {
Util::output_errors_and_die($e->getMessage(), 409);
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
function test_auto_marking_sc($request)
{
Authenticator::assert_manager_or_professor($request->cookies['authToken']);
$msg = new Messages($GLOBALS['locale'], '/new-question/errors');
try {
$model = new Model();
$raw_input = $request->getBody();
$content_type = explode(';', $request->type)[0];
if ($content_type !== 'application/json') {
Util::output_errors_and_die($msg->_('invalid-format'), 415);
}
$input_data = json_decode($raw_input, true);
if (empty($input_data) || !isset($input_data['question']) || !isset($input_data['source-code']) || !is_string($input_data['source-code'])) {
Util::output_errors_and_die($msg->_('invalid-format'), 400);
}
$extra = !empty($input_data['extra']) ? $input_data['extra'] : [];
$qd = $input_data['question'];
set_empty_if_undefined($qd['type']);
if ($qd['type'] != 'source-code') {
Util::output_errors_and_die('', 400);
}
$q = new QuestionSC($qd, Question::FROM_USER, $extra);
$q->mark_automatically(array('source-code' => $input_data['source-code']), $log, $result);
http_response_code(200);
header('Content-Type: application/json');
echo my_json_encode($result);
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
function create_topic($request)
{
Authenticator::assert_manager_or_professor($request->cookies['authToken']);
$msg = new Messages($GLOBALS['locale']);
try {
$raw_input = $request->getBody();
$content_type = explode(';', $request->type)[0];
if ($content_type !== 'application/json') {
Util::output_errors_and_die('', 415);
}
$input_data = json_decode($raw_input, true);
if (empty($input_data)) {
Util::output_errors_and_die('', 400);
}
$model = new Model();
if (!isset($input_data['name'])) {
$input_data['name'] = '';
}
$topic_id = $model->create_topic($input_data['name']);
if ($topic_id) {
http_response_code(201);
header('Content-Type: text/plain');
echo '/topics/' . $topic_id;
die;
} else {
Util::output_errors_and_die('', 400);
}
} catch (ConflictException $e) {
Util::output_errors_and_die($e->getMessage(), 409);
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
function test_auto_marking($request)
{
Authenticator::assert_manager_or_professor($request->cookies['authToken']);
$msg = new Messages($GLOBALS['locale'], '/new-question/errors');
try {
$model = new Model();
$raw_input = $request->getBody();
$content_type = explode(';', $request->type)[0];
if ($content_type !== 'application/json') {
Util::output_errors_and_die($msg->_('invalid-format'), 415);
}
$input_data = json_decode($raw_input, true);
if (empty($input_data) || !isset($input_data['question']) || !isset($input_data['studentAnswer'])) {
Util::output_errors_and_die($msg->_('invalid-format'), 400);
}
$extra = !empty($input_data['extra']) ? $input_data['extra'] : [];
$qd = $input_data['question'];
set_empty_if_undefined($qd['type']);
if (!Validator::validate_question_type($qd['type'])) {
Util::output_errors_and_die($msg->_('invalid-type'), 400);
}
switch ($qd['type']) {
case 'short-answer':
$q = new QuestionSA($qd, Question::FROM_USER, $extra);
break;
case 'essay':
$q = new QuestionES($qd, Question::FROM_USER, $extra);
break;
case 'multiple-choice':
$q = new QuestionMC($qd, Question::FROM_USER, $extra);
break;
case 'matching':
$q = new QuestionMA($qd, Question::FROM_USER, $extra);
break;
case 'fitb-type':
$q = new QuestionFT($qd, Question::FROM_USER, $extra);
break;
case 'fitb-select':
$q = new QuestionFS($qd, Question::FROM_USER, $extra);
break;
case 'source-code':
$q = new QuestionSC($qd, Question::FROM_USER, $extra);
break;
}
http_response_code(200);
header('Content-Type: application/json');
$mark = $q->mark_automatically($input_data['studentAnswer'], $log);
foreach ($log as $i => $line) {
$log[$i] = $msg->_('/auto-marking/' . $line[0], $line[1]);
}
$log = implode('<br/>', $log);
echo my_json_encode(array('log' => $log, 'mark' => $mark));
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
function create_session($request)
{
$raw_input = $request->getBody();
$content_type = explode(';', $request->type)[0];
switch ($content_type) {
case 'application/json':
$input_data = json_decode($raw_input, true);
break;
case 'application/x-www-form-urlencoded':
$input_data = array();
parse_str($raw_input, $input_data);
break;
default:
Util::output_errors_and_die('', 415);
}
if ($input_data === null) {
Util::output_errors_and_die('', 400);
}
set_empty_if_undefined($input_data['username_or_email']);
set_empty_if_undefined($input_data['password']);
$msg = new Messages($GLOBALS['locale'], '/signin');
try {
$model = new Model();
$user_data = $model->is_valid_user($input_data['username_or_email'], $input_data['password']);
if (!$user_data) {
Util::output_errors_and_die($msg->_('invalid-username-pw'), 403);
}
switch ($user_data['status']) {
case 'pending-activation':
Util::output_errors_and_die($msg->_('pending-activation'), 403);
break;
case 'pending-approval':
Util::output_errors_and_die($msg->_('pending-approval'), 403);
break;
case 'banned':
Util::output_errors_and_die($msg->_('banned'), 403);
break;
case 'active':
$token = generate_token($user_data);
$now = new DateTime('now');
$expires_at = clone $now;
$expires_at->add(new DateInterval('P7D'));
$model->insert_auth_token($user_data['user_id'], $token, $now, $expires_at);
http_response_code(201);
$output = array('token' => $token, 'expires_at' => $expires_at->format('Y-m-d H:i:s'));
setcookie('authToken', $token, $expires_at->getTimestamp(), '/', '', $secure = true, $httponly = true);
header('Content-Type: application/json');
echo my_json_encode($output);
die;
break;
}
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
public static function assert_manager($token)
{
$user_data = self::assert_user($token);
if ($user_data['role'] !== 'manager') {
$msg = new Messages($GLOBALS['locale']);
Util::output_errors_and_die($msg->_('/authentication/only-managers'), 403);
}
return $user_data;
}
function create_user($request)
{
$raw_input = $request->getBody();
$content_type = explode(';', $request->type)[0];
switch ($content_type) {
case 'application/json':
$input_data = json_decode($raw_input, true);
break;
case 'application/x-www-form-urlencoded':
$input_data = array();
parse_str($raw_input, $input_data);
break;
default:
Util::output_errors_and_die('', 415);
}
if ($input_data === null) {
Util::output_errors_and_die('', 400);
}
$fields = array('full_name' => '', 'email' => '', 'gender' => '', 'birth_date' => '', 'username' => '', 'role' => '');
$user_data = array();
foreach ($fields as $f => $v) {
if (array_key_exists($f, $input_data)) {
if (!is_string($input_data[$f])) {
Util::output_errors_and_die('', 400);
}
$user_data[$f] = trim($input_data[$f]);
} else {
$user_data[$f] = '';
}
}
if (isset($input_data['password'])) {
if (!is_string($input_data['password'])) {
Util::output_errors_and_die('', 400);
}
$user_data['password'] = $input_data['password'];
}
set_empty_if_undefined($user_data['password']);
try {
$model = new Model();
$uid = $model->create_user($user_data);
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (ConflictException $e) {
Util::output_errors_and_die($e->getMessage(), 409);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
if ($uid) {
http_response_code(201);
header('Content-Type: text/plain');
echo '/users/' . $uid;
die;
} else {
Util::output_errors_and_die('', 400);
}
}
function create_question($request, $assignment_id = null)
{
Authenticator::assert_manager_or_professor($request->cookies['authToken']);
$msg = new Messages($GLOBALS['locale']);
try {
$model = new Model();
$raw_input = $request->getBody();
$content_type = explode(';', $request->type)[0];
if ($content_type !== 'application/json') {
Util::output_errors_and_die('', 415);
}
$input_data = json_decode($raw_input, true);
if (empty($input_data)) {
Util::output_errors_and_die('', 400);
}
set_empty_if_undefined($input_data['type']);
if (!Validator::validate_question_type($input_data['type'])) {
Util::output_errors_and_die($msg->_('invalid-type'), 400);
}
switch ($input_data['type']) {
case 'short-answer':
$q = new QuestionSA($input_data, Question::FROM_USER);
break;
case 'essay':
$q = new QuestionES($input_data, Question::FROM_USER);
break;
case 'multiple-choice':
$q = new QuestionMC($input_data, Question::FROM_USER);
break;
case 'matching':
$q = new QuestionMA($input_data, Question::FROM_USER);
break;
case 'fitb-type':
$q = new QuestionFT($input_data, Question::FROM_USER);
break;
case 'fitb-select':
$q = new QuestionFS($input_data, Question::FROM_USER);
break;
case 'source-code':
$q = new QuestionSC($input_data, Question::FROM_USER);
break;
}
$qid = $model->create_question($q);
header('Content-Type: text/plain');
echo '/question_bank/questions/' . $qid;
http_response_code(201);
die;
} catch (ConflictException $e) {
Util::output_errors_and_die($e->getMessage(), 409);
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
function update_user($username, $request)
{
$user_data = Authenticator::assert_manager($request->cookies['authToken']);
$msg = new Messages($GLOBALS['locale']);
try {
$model = new Model();
$raw_input = $request->getBody();
$content_type = explode(';', $request->type)[0];
switch ($content_type) {
case 'application/json':
$input_data = json_decode($raw_input, true);
break;
case 'application/x-www-form-urlencoded':
$input_data = array();
parse_str($raw_input, $input_data);
break;
default:
Util::output_errors_and_die('', 415);
}
if (empty($input_data)) {
Util::output_errors_and_die('', 400);
}
$changes = array();
foreach ($input_data as $f => $v) {
if (is_string($input_data[$f])) {
$changes[$f] = trim($input_data[$f]);
} else {
Util::output_errors_and_die('', 400);
}
}
if (isset($input_data['password'])) {
// don't trim
if (is_string($input_data['password'])) {
$changes['password'] = $input_data['password'];
} else {
Util::output_errors_and_die('', 400);
}
}
if ($model->update_user($username, $changes)) {
echo $user_data['username'] . ' -> ' . $username;
$model->insert_approvedby($user_data['username'], $username);
http_response_code(204);
die;
} else {
Util::output_errors_and_die('', 404);
}
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
function test_question($request)
{
Authenticator::assert_manager_or_professor($request->cookies['authToken']);
$msg = new Messages($GLOBALS['locale'], '/new-question/errors');
try {
$model = new Model();
$raw_input = $request->getBody();
$content_type = explode(';', $request->type)[0];
if ($content_type !== 'application/json') {
Util::output_errors_and_die($msg->_('invalid-format'), 415);
}
$input_data = json_decode($raw_input, true);
if (empty($input_data)) {
Util::output_errors_and_die($msg->_('invalid-format'), 400);
}
set_empty_if_undefined($input_data['type']);
if (!Validator::validate_question_type($input_data['type'])) {
Util::output_errors_and_die($msg->_('invalid-type'), 400);
}
switch ($input_data['type']) {
case 'short-answer':
$q = new QuestionSA($input_data, Question::FROM_USER);
break;
case 'essay':
$q = new QuestionES($input_data, Question::FROM_USER);
break;
case 'multiple-choice':
$q = new QuestionMC($input_data, Question::FROM_USER);
break;
case 'matching':
$q = new QuestionMA($input_data, Question::FROM_USER);
break;
case 'fitb-type':
$q = new QuestionFT($input_data, Question::FROM_USER);
break;
case 'fitb-select':
$q = new QuestionFS($input_data, Question::FROM_USER);
break;
case 'source-code':
$q = new QuestionSC($input_data, Question::FROM_USER);
break;
}
http_response_code(200);
header('Content-Type: application/json');
echo my_json_encode($q->to_auto_marking_test(true, true));
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
function get_programming_languages($request)
{
Authenticator::assert_manager_or_professor($request->cookies['authToken']);
$msg = new Messages($GLOBALS['locale']);
try {
$model = new Model();
$result = $model->get_programming_languages();
http_response_code(200);
header('Content-Type: application/json');
echo my_json_encode($result);
die;
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
function delete_user($username, $request)
{
Authenticator::assert_manager($request->cookies['authToken']);
$msg = new Messages($GLOBALS['locale']);
try {
$model = new Model();
if ($model->delete_user($username)) {
http_response_code(204);
} else {
http_response_code(404);
}
die;
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
function confirm_code($request)
{
$content_type = explode(';', $request->type)[0];
if ($content_type !== 'text/plain') {
Util::output_errors_and_die('', 415);
}
$code = trim($request->getBody());
try {
$model = new Model();
$status = $model->confirm_email($code);
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
http_response_code(200);
echo $status;
die;
}
function test_programming_language($request)
{
Authenticator::assert_manager($request->cookies['authToken']);
$msg = new Messages($GLOBALS['locale']);
try {
$raw_input = $request->getBody();
$content_type = explode(';', $request->type)[0];
if ($content_type !== 'application/json') {
Util::output_errors_and_die('', 415);
}
$input_data = json_decode($raw_input, true);
if (empty($input_data)) {
Util::output_errors_and_die('', 400);
}
LanguageTest::test($input_data['file_name'], $input_data['extension'], $input_data['source_code'], $input_data['compiler_flags'], $input_data['check_command'], $input_data['compile_command'], $input_data['run_command'], $input_data['arguments'], $input_data['stdin']);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
function delete_session($request)
{
if (isset($request->cookies['authToken'])) {
$token = $request->cookies['authToken'];
} else {
Util::output_errors_and_die('', 400);
}
try {
$model = new Model();
$result = $model->delete_auth_token($token);
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
http_response_code($result ? 204 : 403);
setcookie('authToken', '', 0, '/', '', $secure = true, $httponly = true);
die;
}
function delete_topic($topic_id, $request)
{
$msg = new Messages($GLOBALS['locale']);
Authenticator::assert_manager_or_professor($request->cookies['authToken']);
try {
$model = new Model();
$result = $model->delete_topic($topic_id);
if ($result) {
http_response_code(204);
die;
} else {
Util::output_errors_and_die('', 404);
}
} catch (ConflictException $e) {
Util::output_errors_and_die('', 409);
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
function get_user($request, $username)
{
Authenticator::assert_manager($request->cookies['authToken']);
$msg = new Messages($GLOBALS['locale']);
try {
$model = new Model();
$request->query['fields'] = implode(',', ['username', 'email', 'gender', 'full_name', 'birth_date', 'created_at', 'last_logged_in_at', 'status', 'role']);
$request->query['username'] = $username;
$result = $model->get_users($request->query);
if ($result['n_items'] == 0) {
http_response_code(404);
die;
}
http_response_code(200);
header('Content-Type: application/json');
echo my_json_encode($result['items'][0]);
die;
} catch (DatabaseException $e) {
Util::output_errors_and_die($e->getMessage(), 503);
} catch (Exception $e) {
Util::output_errors_and_die($e->getMessage(), 400);
}
}
<?php
$msg = new Messages($GLOBALS['locale']);
Authenticator::assert_manager($_COOKIE['authToken']);
try {
$model = new Model();
$q = array('fields' => 'username,email,full_name,role,created_at', 'status' => 'pending-approval');
$pending_users = $model->get_users($q);
} catch (DatabaseException $e) {
Util::output_errors_and_die($msg->_('/showmsg/database-error'), 503);
}
include 'page.html.php';
