Exemplo n.º 1
0
 private function create_metadataID()
 {
     $ipaddress = NetworkUtils::get_client_address();
     $stmt = $this->db->prepare("INSERT INTO review_metadata VALUES(NULL, ?, ?, NOW(), NULL, ?, ?, NULL)");
     $stmt->bind_param('iiss', $this->reviewerID, $this->paperID, $this->review_type, $ipaddress);
     $stmt->execute();
     $reviewID = $this->db->insert_id;
     $stmt->close();
     return $reviewID;
 }
Exemplo n.º 2
0
 /**
  * Get the details of the papers that are currently available for the current user and lab
  * @param  array      $paper_display Reference to array in which to build details of available papers
  * @param  array      $types         Array of paper types to check for
  * @param  UserObject $userObj       The current user
  * @param  mysqli     $db            Database reference
  * @param  string     $exclude       Option ID of a paper to exclude from the check
  * @return integer                   The number of currently active papers
  */
 public function get_active_papers(&$paper_display, $types, $userObj, $db, $exclude = '')
 {
     $type_sql = '';
     foreach ($types as $type) {
         if ($type_sql != '') {
             $type_sql .= ' OR ';
         }
         $type_sql .= "paper_type='{$type}'";
     }
     $exclude_sql = '';
     if ($exclude != '') {
         $exclude_sql = ' AND property_id != ' . $exclude;
     }
     $paper_no = 0;
     $paper_query = $db->prepare("SELECT property_id, paper_type, crypt_name, paper_title, bidirectional, fullscreen, MAX(screen) AS max_screen, labs, calendar_year, password, completed FROM (papers, properties) LEFT JOIN log_metadata ON properties.property_id = log_metadata.paperID AND userID = ? WHERE papers.paper = properties.property_id AND (labs != '' OR password != '') AND ({$type_sql}) AND deleted IS NULL AND start_date < DATE_ADD(NOW(),interval 15 minute) AND end_date > NOW() {$exclude_sql} GROUP BY paper");
     $paper_query->bind_param('i', $userObj->get_user_ID());
     $paper_query->execute();
     $paper_query->store_result();
     $paper_query->bind_result($property_id, $paper_type, $crypt_name, $paper_title, $bidirectional, $fullscreen, $max_screen, $labs, $calendar_year, $password, $completed);
     while ($paper_query->fetch()) {
         if ($labs != '') {
             $machineOK = false;
             $labs = str_replace(",", " OR lab=", $labs);
             $lab_info = $db->query("SELECT address FROM client_identifiers WHERE address = '" . NetworkUtils::get_client_address() . "' AND (lab = {$labs})");
             if ($lab_info->num_rows > 0) {
                 $machineOK = true;
             }
             $lab_info->close();
         } else {
             $machineOK = true;
         }
         if (strpos($userObj->get_username(), 'user') !== 0) {
             $moduleIDs = Paper_utils::get_modules($property_id, $db);
             if (count($moduleIDs) > 0) {
                 $moduleOK = false;
                 if ($calendar_year != '') {
                     $cal_sql = "AND calendar_year = '" . $calendar_year . "'";
                 } else {
                     $cal_sql = '';
                 }
                 $module_in = implode(',', array_keys($moduleIDs));
                 $moduleInfo = $db->prepare("SELECT userID FROM modules_student WHERE userID = ? {$cal_sql} AND idMod IN ({$module_in})");
                 $moduleInfo->bind_param('i', $userObj->get_user_ID());
                 $moduleInfo->execute();
                 $moduleInfo->store_result();
                 $moduleInfo->bind_result($tmp_userID);
                 $moduleInfo->fetch();
                 if ($moduleInfo->num_rows() > 0) {
                     $moduleOK = true;
                 }
                 $moduleInfo->close();
             } else {
                 $moduleOK = true;
             }
         } else {
             $moduleOK = true;
         }
         if ($machineOK == true and $moduleOK == true) {
             $paper_display[$paper_no]['id'] = $property_id;
             $paper_display[$paper_no]['paper_title'] = $paper_title;
             $paper_display[$paper_no]['crypt_name'] = $crypt_name;
             $paper_display[$paper_no]['paper_type'] = $paper_type;
             $paper_display[$paper_no]['max_screen'] = $max_screen;
             $paper_display[$paper_no]['bidirectional'] = $bidirectional;
             $paper_display[$paper_no]['password'] = $password;
             $paper_display[$paper_no]['completed'] = $completed;
             $paper_no++;
         }
     }
     $paper_query->close();
     return $paper_no;
 }
Exemplo n.º 3
0
}
if (isset($_POST['paperID'])) {
    $paper_id = $_POST['paperID'];
}
$student = array();
$student['user_ID'] = $student_id;
$stmt = $mysqli->prepare('SELECT title, initials, surname FROM users WHERE user_deleted IS NULL AND id = ?');
$stmt->bind_param('i', $userID);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($student['title'], $student['initials'], $student['surname']);
$stmt->fetch();
$title = $student['title'];
$initials = $student['initials'];
$surname = $student['surname'];
$current_address = NetworkUtils::get_client_address();
$lab_factory = new LabFactory($mysqli);
$lab_object = $lab_factory->get_lab_based_on_client($current_address);
$propertyObj = PaperProperties::get_paper_properties_by_id($paper_id, $mysqli, $string);
$log_lab_end_time = new LogLabEndTime($lab_object->get_id(), $propertyObj, $mysqli);
$log_extra_time = new LogExtraTime($log_lab_end_time, $student, $mysqli);
$onload = '';
if (isset($_POST['submit'])) {
    $invigilator_id = $userObject->get_user_ID();
    if ((int) $_POST['extra_time'] == 0) {
        $log_extra_time->delete($invigilator_id);
    } elseif ((int) $_POST['extra_time'] > 0) {
        $special_needs_percentage = $_POST['extra_time'];
        $log_extra_time->save($invigilator_id, $special_needs_percentage);
    }
    $onload = 'closeWindow();';
Exemplo n.º 4
0
 function loginbutton($displaystdformobj)
 {
     global $string;
     $config = Config::get_instance();
     $this->savetodebug('Button Check');
     $labs_list = '';
     // detect if we should display login button
     $paper_match = false;
     $ip_match = false;
     $query = "SELECT labs FROM properties WHERE start_date < DATE_ADD(NOW(), interval 15 minute) AND end_date > NOW() AND paper_type IN ('1', '2') AND labs != ''";
     $results = $this->db->prepare($query);
     if ($this->db->error) {
         try {
             $e = $this->db->error;
             $en = $this->db->errno;
             throw new Exception("MySQL error {$e} <br /> Query:<br /> {$query}", $en);
         } catch (Exception $e) {
             echo "Error No: " . $e->getCode() . " - " . $e->getMessage() . "<br />";
             echo nl2br($e->getTraceAsString());
         }
     }
     $results->execute();
     $results->store_result();
     $results->bind_result($labs);
     while ($results->fetch()) {
         $paper_match = true;
         $query = "SELECT address FROM client_identifiers WHERE lab IN ({$labs})";
         $sub_results = $this->db->prepare($query);
         if ($this->db->error) {
             try {
                 $e = $this->db->error;
                 $en = $this->db->errno;
                 throw new Exception("MySQL error {$e} <br /> Query:<br /> {$query}", $en);
             } catch (Exception $e) {
                 echo "Error No: " . $e->getCode() . " - " . $e->getMessage() . "<br />";
                 echo nl2br($e->getTraceAsString());
             }
         }
         $sub_results->execute();
         $sub_results->store_result();
         $sub_results->bind_result($address);
         while ($sub_results->fetch()) {
             $labs_list = $labs_list . ' ' . $address;
             if (NetworkUtils::get_client_address() == $address) {
                 $ip_match = true;
             }
         }
         $sub_results->close();
     }
     $results->close();
     $this->savetodebug('Status paper_match:' . var_export($paper_match, true) . ' ip_match:' . var_export($ip_match, true) . ' ip address:' . var_export(NetworkUtils::get_client_address(), true) . ' <br /> ' . $labs . ' ' . $labs_list);
     if ($paper_match === true and $ip_match === true) {
         $this->savetodebug('Adding New Button');
         $newbutton = new displaystdformobjbutton();
         $newbutton->type = 'button';
         $newbutton->value = ' ' . $string['guestbutton'] . ' ';
         $newbutton->name = 'guestlogin';
         $newbutton->class = 'guestlogin';
         $displaystdformobj->buttons[] = $newbutton;
         $newscript = "\$('.guestlogin').click(function() {\n  window.location.href = '" . $config->get('cfg_root_path') . "/users/guest_account.php';\n});";
         $displaystdformobj->scripts[] = $newscript;
     }
     return $displaystdformobj;
 }
Exemplo n.º 5
0
} else {
    $results = shell_exec('wmic cpu get name');
    $lines = explode('<br />', nl2br($results));
    echo "<tr><td>" . $string['processor'] . "</td><td>" . $lines[1] . "</td></tr>\n";
}
echo "<tr><td style=\"width:90px\">" . $string['servername'] . "</td><td>" . gethostbyaddr(gethostbyname($_SERVER['SERVER_NAME'])) . "</td></tr>\n";
echo "<tr><td>" . $string['hostname'] . "</td><td>" . $_SERVER['HTTP_HOST'] . "</td></tr>\n";
echo "<tr><td>" . $string['ipaddress'] . "</td><td>" . NetworkUtils::get_server_address() . "</td></tr>\n";
echo "<tr><td>" . $string['clock'] . "</td><td>" . date('d F Y H:i:s') . "</td></tr>\n";
echo "<tr><td>" . $string['os'] . "</td><td>" . php_uname('s') . "</td></tr>\n";
echo "<tr><td>" . $string['webserver'] . "</td><td>" . $_SERVER['SERVER_SOFTWARE'] . "</td></tr>\n";
echo "<tr><td>" . $string['php'] . "</td><td>" . phpversion() . "</td></tr>\n";
echo "<tr><td>" . $string['mysql'] . "</td><td>" . $mysqli->server_info . "</td></tr>\n";
echo '<tr><td colspan="2">&nbsp;</td></tr>';
echo '<tr><td colspan="2" class="sechead">' . $string['clientcomputer'] . '</td></tr>';
echo '<tr><td>' . $string['ipaddress'] . '</td><td>' . NetworkUtils::get_client_address() . '</td></tr>';
echo '<tr><td>' . $string['clock'] . '</td><td><script>the_date = new Date(); document.write(the_date.toLocaleString("' . $language . '")); </script></td></tr>';
echo '<tr><td>' . $string['browser'] . '</td><td>' . $_SERVER['HTTP_USER_AGENT'] . '</td></tr>';
echo '<tr><td colspan="2">&nbsp;</td></tr>';
echo '<tr><td colspan="2" class="sechead">' . $string['partitions'] . '</td></tr>';
echo '<tr><td colspan="2" rowspan="18" valign="top" align="left"><table cellspacing="0" cellpadding="2" border="0" style="font-size:90%">';
if (php_uname('s') == 'Windows NT') {
    $disks = array('A:\\', 'B:\\', 'C:\\', 'D:\\', 'E:\\', 'F:\\', 'G:\\', 'H:\\', 'I:\\', 'J:\\', 'K:\\', 'L:\\', 'M:\\', 'N:\\', 'O:\\', 'P:\\', 'Q:\\', 'R:\\', 'S:\\', 'T:\\', 'U:\\', 'V:\\', 'W:\\', 'X:\\', 'Y:\\', 'Z:\\');
    $i = 1;
    foreach ($disks as $disk) {
        if (file_exists($disk)) {
            $master_array[$i][3] = @disk_free_space($disk);
            $master_array[$i][1] = @disk_total_space($disk);
            $master_array[$i][5] = $disk;
            $i++;
        }
Exemplo n.º 6
0
 /**
  * Adds a new paper note.
  * @param string $note  	- The text of the note (message).
  * @param int $paperID    - ID of the paper the note is associated with.
  * @param int $authorID 	- User ID of the member of staff/invigilator creating the note.
  * @param object $db      - MySQL connection
  */
 static function add_note($note, $paperID, $authorID, $db)
 {
     $current_address = NetworkUtils::get_client_address();
     $result = $db->prepare("INSERT INTO paper_notes VALUES (NULL, ?, NOW(), ?, ?, ?)");
     $result->bind_param('siis', $note, $paperID, $authorID, $current_address);
     $result->execute();
     $result->close();
 }
Exemplo n.º 7
0
 public function record_access($user_id, $type, $page)
 {
     $current_address = NetworkUtils::get_client_address();
     $result = $this->_mysqli->prepare('INSERT INTO access_log VALUES(NULL, ?, ?, NOW(), ?, ?)');
     $result->bind_param('isss', $user_id, $type, $current_address, $page);
     $result->execute();
     $result->close();
 }
Exemplo n.º 8
0
     echo "<p style=\"margin-left:90px; color:#C00000\">" . $string['note1'] . " <img src=\"{$configObject->get('cfg_root_path')}/artwork/small_link.png\" width=\"11\" height=\"11\" /> <a href=\"../index.php\"><strong>" . $string['staffmangscreens'] . "</strong></a>?</p>\n";
 }
 echo "<div class=\"hr_line\"></div>\n<p style=\"margin-left:90px\">" . $string['mostLikely'] . "</p>\n<ul style=\"margin-left:80px\">\n";
 $current_address = NetworkUtils::get_client_address();
 $ip_info = $mysqli->prepare("SELECT name, room_no FROM (labs, client_identifiers) WHERE labs.id = client_identifiers.lab AND address = ?");
 $ip_info->bind_param('s', $current_address);
 $ip_info->execute();
 $ip_info->store_result();
 $ip_info->bind_result($computer_lab, $computer_lab_short);
 $ip_info->fetch();
 if ($ip_info->num_rows() == 0) {
     $computer_lab = $computer_lab_short = '<span style="color:#C00000">' . $string['unknownIp'] . '</span>';
 }
 $computer_lab_short = $computer_lab_short == '' ? $computer_lab : $computer_lab_short;
 $ip_info->close();
 echo "<li>" . $string['IPaddress'] . " - " . NetworkUtils::get_client_address() . " {$computer_lab}</li>\n";
 echo "<li>" . $string['Time/Date'] . " - " . date('d/m/Y H:i:s') . "</li>\n";
 echo "<li>" . $string['yearofstudy'] . " - ";
 if ($userObject->get_year() == '') {
     echo '<span style="color:#C00000">' . $string['noyear'] . '</span>';
 } else {
     echo $userObject->get_year();
 }
 echo "</li>\n";
 echo "<li>" . $string['Modules'] . " - \n";
 $last_cal_year = '';
 $info = $mysqli->prepare("SELECT moduleID, calendar_year FROM modules_student, modules WHERE modules.id = modules_student.idMod AND userID = ? ORDER BY calendar_year DESC, moduleID");
 $info->bind_param('i', $userObject->get_user_ID());
 $info->execute();
 $info->bind_result($user_moduleID, $user_calendar_year);
 $info->store_result();
Exemplo n.º 9
0
$mysqli = new mysqli($configObject->get('cfg_db_host'), $configObject->get('cfg_db_student_user'), $configObject->get('cfg_db_student_passwd'), $configObject->get('cfg_db_database'));
// Check that the client address of the current user is within the exam lab.
$paper_match = false;
$lab_match = false;
$results = $mysqli->prepare("SELECT labs FROM properties WHERE start_date < DATE_ADD(NOW(), interval 15 minute) AND end_date > NOW() AND paper_type IN ('1','2') AND labs != ''");
$results->execute();
$results->store_result();
$results->bind_result($labs);
while ($results->fetch()) {
    $paper_match = true;
    $sub_results = $mysqli->prepare("SELECT address FROM client_identifiers WHERE lab IN ({$labs})");
    $sub_results->execute();
    $sub_results->store_result();
    $sub_results->bind_result($address);
    while ($sub_results->fetch()) {
        if (NetworkUtils::get_client_address() == $address) {
            $lab_match = true;
        }
    }
    $sub_results->close();
}
$results->close();
if ($paper_match == false) {
    $notice->access_denied($mysqli, $string, $string['cannotfindexams'], false, true);
} elseif ($lab_match == false) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '/artwork/page_not_found.png', '#C00000', true, true);
}
?>
<!DOCTYPE html>
<html>