Пример #1
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
// The auth include runs first. It is not shown in this excerpt.
// NOTE(review): confirm it ends the request for non-sysadmin users before any later line executes.
require '../include/sysadmin_auth.inc';
require '../include/sidebar_menu.inc';
require '../include/errors.inc';
require '../include/year_tabs.inc';
// check_var() is defined outside this excerpt; presumably it returns the 'calyear' GET parameter.
// NOTE(review): confirm the value is validated before it reaches SQL or is echoed into the page.
$current_year = check_var('calyear', 'GET', true, false, true);
?>
<!DOCTYPE html>
<html>
<head>
	<meta http-equiv="X-UA-Compatible" content="IE=edge" />
	<meta http-equiv="content-type" content="text/html;charset=<?php 
echo $configObject->get('cfg_page_charset');
?>
" />

	<title>Rog&#333;: <?php 
echo $string['summativeexamfeedback'] . ' ' . $configObject->get('cfg_install_type');
?>
</title>
Пример #2
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* @author Anthony Brown, Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
// The staff auth include runs before any request data is read (its contents are not shown here).
require '../include/staff_auth.inc';
require_once '../include/errors.inc';
// The module id from the query string is forced to an integer, so only a number reaches the lookup below.
$modID = (int) check_var('module', 'GET', true, false, true);
// Unknown module: show the generic "page not found" notice; the helper's name suggests it also ends the request.
// NOTE(review): existence is checked here, but whether this user may edit this module is not visible — confirm.
if (!module_utils::get_moduleid_from_id($modID, $mysqli)) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}
if (isset($_POST['Save'])) {
    //save session
    $identifier = time();
    $occurrence = $_POST['session_year'] . '-' . $_POST['session_month'] . '-' . $_POST['session_day'] . ' ' . $_POST['session_time'];
    $stmt = $mysqli->prepare("INSERT INTO sessions VALUES (NULL, ?, ?, ?, ?, ?, ?)");
    $identifier = intVal($identifier);
    $stmt->bind_param('ssssss', $identifier, $modID, $_POST['session_title'], $_POST['url'], $_POST['session'], $occurrence);
    $stmt->execute();
    $stmt->close();
    $result = $mysqli->prepare("SELECT MAX(obj_id) AS largest FROM objectives");
    $result->execute();
Пример #3
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogo.  If not, see <http://www.gnu.org/licenses/>.
/**
* 
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/staff_auth.inc';
require_once '../include/errors.inc';
require_once '../include/paper_security.inc';
require_once '../classes/paperproperties.class.php';
// Paper id comes from the query string via check_var() (defined outside this excerpt).
// NOTE(review): no per-paper permission check is visible here; presumably paper_security.inc or the
// lookup below enforces it — confirm that a staff user cannot load an arbitrary paper by id.
$paperID = check_var('paperID', 'GET', true, false, true);
// Get some paper properties
$propertyObj = PaperProperties::get_paper_properties_by_id($paperID, $mysqli, $string);
// Copy the properties this page needs into local variables.
$paper_title = $propertyObj->get_paper_title();
$start_date = $propertyObj->get_start_date();
$end_date = $propertyObj->get_end_date();
$calendar_year = $propertyObj->get_calendar_year();
$paper_bgcolor = $propertyObj->get_bgcolor();
$paper_fgcolor = $propertyObj->get_fgcolor();
$paper_themecolor = $propertyObj->get_themecolor();
$paper_labelcolor = $propertyObj->get_labelcolor();
$type = $propertyObj->get_rubric();
$paper_prologue = $propertyObj->get_paper_prologue();
$marking = $propertyObj->get_marking();
// NOTE(review): the variable is named for photos but is filled from get_display_correct_answer() — confirm this is intended.
$display_photos = $propertyObj->get_display_correct_answer();
$labs = $propertyObj->get_labs();
Пример #4
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/staff_auth.inc';
require_once '../include/survey_quantitative.inc.php';
require_once '../include/errors.inc';
require_once '../classes/stringutils.class.php';
require_once '../classes/paperproperties.class.php';
// Report parameters are taken from the query string via check_var() (defined outside this excerpt).
// NOTE(review): confirm the two dates are validated as dates before they are used in any query.
$paperID = check_var('paperID', 'GET', true, false, true);
$startdate = check_var('startdate', 'GET', true, false, true);
$enddate = check_var('enddate', 'GET', true, false, true);
// Get some paper properties
$propertyObj = PaperProperties::get_paper_properties_by_id($paperID, $mysqli, $string);
// The response is sent as an XML attachment with the fixed name report.xml.
header('Pragma: public');
header('Content-disposition: attachment; filename=report.xml');
header('Content-type: text/xml');
function displayQuestion($q_id, $theme, $scenario, $leadin, $q_type, $correct, $q_media, $q_media_width, $q_media_height, $options, $log, $correct_buf, $screen, $question_number, $candidates)
{
    global $old_likert_scale, $old_display_method, $table_on;
    // Remove spaces
    $theme = str_replace('&nbsp;', ' ', $theme);
    $scenario = str_replace('&nbsp;', ' ', $scenario);
    $leadin = str_replace('&nbsp;', ' ', $leadin);
    $old_likert_scale = str_replace('&nbsp;', ' ', $old_likert_scale);
    // Remove nasty non-utf8 chars
    $theme = StringUtils::wordToUtf8(strip_tags($theme));
Пример #5
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* Delete a user account.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/sysadmin_auth.inc';
require_once '../include/errors.inc';
require_once '../classes/userutils.class.php';
// Comma-separated list of account ids to delete, read from the POST body.
// NOTE(review): this is a destructive action; no anti-CSRF token check is visible in this excerpt —
// confirm one is enforced by the auth include.
$userID = check_var('id', 'POST', true, false, true);
$id_list = explode(',', $userID);
// Pass 1: every non-empty id must name an existing account. The deletion pass only starts once this
// loop has finished, so (assuming the notice helper ends the request) nothing is deleted when the
// list contains an unknown id.
foreach ($id_list as $id) {
    if ($id == '') {
        continue;
    }
    if (UserUtils::userid_exists($id, $mysqli)) {
        continue;
    }
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}
// Pass 2: delete each listed account, skipping empty list entries.
foreach ($id_list as $single_id) {
    if ($single_id == '') {
        continue;
    }
    UserUtils::delete_userID($single_id, $mysqli);
}
Пример #6
<?php

// This file is part of Rogō
//
// Rogō is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Rogō is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
* 
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../../include/staff_auth.inc';
require '../../include/errors.inc';
// Marks one announcement as hidden for the current session.
$announcementID = check_var('announcementID', 'GET', true, false, true);
// The request value becomes part of the session key.
// NOTE(review): confirm check_var() restricts it (for example to an integer); otherwise a caller can
// create arbitrary 'announcement…' keys in the session.
$_SESSION['announcement' . $announcementID] = 'hide';
Пример #7
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../../include/staff_auth.inc';
require '../../include/errors.inc';
require_once '../../classes/paperproperties.class.php';
require_once '../../plugins/questions/enhancedcalc/enhancedcalc.class.php';
require_once '../../plugins/questions/enhancedcalc/helpers/enhancedcalc_helper.php';
// Removes PHP's execution time limit for this request.
// NOTE(review): with no limit, the work done per request should be bounded some other way — confirm.
set_time_limit(0);
//header('Content-Type: text/html; charset=' + $configObject->get('cfg_page_charset'));
// Parameters are read with the 'REQUEST' source rather than a single method.
// NOTE(review): confirm which sources check_var() accepts for 'REQUEST' and that the dates are validated.
$paperID = check_var('paperID', 'REQUEST', true, false, true);
$startdate = check_var('startdate', 'REQUEST', true, false, true);
$enddate = check_var('enddate', 'REQUEST', true, false, true);
$properties = PaperProperties::get_paper_properties_by_id($paperID, $mysqli, $string);
$questions = $properties->get_questions();
$paper_type = $properties->get_paper_type();
$error = false;
// Get the enhanced calculation questions on the paper.
$q_ids = array();
// The paper id is passed as a bound integer parameter, not concatenated into the SQL text.
$result = $mysqli->prepare("SELECT question, settings FROM papers, questions WHERE papers.question = questions.q_id AND q_type = 'enhancedcalc' AND paper = ?");
$result->bind_param('i', $paperID);
$result->execute();
$result->bind_result($q_id, $settings);
// Map each question id to its settings value.
while ($result->fetch()) {
    $q_ids[$q_id] = $settings;
}
$result->close();
$possible = array();
Пример #8
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../../include/staff_auth.inc';
require '../../include/errors.inc';
// Default outcome; only overwritten after a successful save further down.
$status = 'ERROR';
// All marking fields arrive in the POST body.
$paperID = check_var('paper_id', 'POST', true, false, true);
$q_id = check_var('q_id', 'POST', true, false, true);
$log_id = check_var('log_id', 'POST', true, false, true);
// NOTE(review): the marker id is taken from the request rather than from the authenticated session —
// confirm the server checks that it matches the logged-in user, otherwise marks can be attributed to
// another marker.
$marker_id = check_var('marker_id', 'POST', true, false, true);
$mark = check_var('mark', 'POST', true, false, true);
// Optional free-text fields are read straight from $_POST and default to an empty string.
// NOTE(review): they should be HTML-encoded wherever they are later displayed — confirm.
$comments = isset($_POST['comments']) ? $_POST['comments'] : '';
$phase = check_var('phase', 'POST', true, false, true);
$log = check_var('log', 'POST', true, false, true);
$user_id = check_var('user_id', 'POST', true, false, true);
$reminders = isset($_POST['reminders']) ? $_POST['reminders'] : '';
if ($mark != 'NULL') {
    $sql = <<<QUERY
INSERT INTO textbox_marking (paperID, q_id, answer_id, markerID, mark, comments, date, phase, logtype, student_userID, reminders)
VALUES (?, ?, ?, ?, ?, ?, NOW(), ?, ?, ?, ?) ON DUPLICATE KEY UPDATE
markerID = ?, mark = ?, comments = ?, reminders = ?, date = NOW()
QUERY;
    try {
        $result = $mysqli->prepare($sql);
        $x = $mysqli->error;
        if ($result) {
            $result->bind_param('iiiidsiiisidss', $paperID, $q_id, $log_id, $marker_id, $mark, $comments, $phase, $log, $user_id, $reminders, $marker_id, $mark, $comments, $reminders);
            $result2 = $result->execute();
            if ($result !== false) {
                $status = 'OK';
Пример #9
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
* 
* Confirm that it is OK to proceed deleting a reference material.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/staff_auth.inc';
require '../include/errors.inc';
// Id of the reference material whose deletion is to be confirmed, from the query string.
$refID = check_var('refID', 'GET', true, false, true);
// Unknown id: show the generic "page not found" notice; the helper's name suggests it ends the request.
// NOTE(review): only existence is checked here; confirm ownership/permission is enforced where the delete happens.
if (!refmaterials_utils::refmaterials_exist($refID, $mysqli)) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}
// No further database work is done by the visible part of the page.
$mysqli->close();
?>
<!DOCTYPE html>
<html>
<head>
  <meta http-equiv="X-UA-Compatible" content="IE=edge" />
  <meta http-equiv="content-type" content="text/html;charset=<?php 
echo $configObject->get('cfg_page_charset');
?>
" />
  
Пример #10
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* Delete a question(s) in the question bank.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/staff_auth.inc';
require '../include/errors.inc';
require_once '../classes/questionutils.class.php';
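// Comma-separated list of question ids from the POST body (a leading comma is tolerated below).
$qIDs = check_var('q_id', 'POST', true, false, true);
// The list is placed directly inside the IN (...) clause of the query below, and the raw POST value
// feeds the delete loop later in this script. Both must therefore consist of digits and commas
// only; anything else ends the request before any SQL is built.
$id_list_pattern = '/\A[0-9,]*\z/';
if (!is_string($qIDs) || !is_string($_POST['q_id']) || !preg_match($id_list_pattern, $qIDs) || !preg_match($id_list_pattern, $_POST['q_id'])) {
    exit;
}
if ($qIDs[0] == ',') {
    $qIDs = substr($qIDs, 1);
}
// Raw split kept unchanged: the delete loop further down indexes into this array from position 1.
$tmp_q_ids = explode(',', $_POST['q_id']);
// Find live (not deleted) papers that still use any of the listed questions.
$result = $mysqli->prepare("SELECT DISTINCT paper_title, paper, paper_type FROM (papers, properties) WHERE papers.paper = properties.property_id AND properties.deleted IS NULL AND question IN ({$qIDs})");
$result->execute();
$result->store_result();
$result->bind_result($paper_title, $paper, $paper_type);
// Only the number of matching papers is used here; no row is fetched.
$found = $result->num_rows;
$result->close();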
if ($found == 0) {
    // Only delete if the question is on zero papers.
    for ($i = 1; $i < count($tmp_q_ids); $i++) {
        $qID = $tmp_q_ids[$i];
        QuestionUtils::delete_question($qID, $mysqli);
Пример #11
// This file is part of Rogō
//
// Rogō is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Rogō is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
* 
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../../include/sysadmin_auth.inc';
// Only let SysAdmin staff delete pages.
require '../../include/errors.inc';
require_once '../../classes/helputils.class.php';
// The id of the help page to delete is read from the query string, so the deletion is triggered by a GET request.
// NOTE(review): a state-changing GET can be triggered by a link or embedded resource; no anti-CSRF
// token check is visible in this excerpt — confirm one exists or move the action to POST with a token.
$originalID = check_var('id', 'GET', true, false, true);
$help_system = new OnlineHelp($userObject, $configObject, $string, $notice, 'staff', $language, $mysqli);
$help_system->delete_page($originalID);
$mysqli->close();
// Send the browser back to the help index (page id 1).
header("location: index.php?id=1");
Пример #12
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
* 
* Confirm that it is OK to proceed deleting a course.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/sysadmin_auth.inc';
require '../include/errors.inc';
// Id of the course whose deletion is to be confirmed, from the query string.
// NOTE(review): if this value is written into the confirmation page below, it must be HTML-encoded
// or restricted to an integer — confirm.
$courseID = check_var('courseID', 'GET', true, false, true);
// The visible part of the page does no database work after this point.
$mysqli->close();
?>
<!DOCTYPE html>
<html>
<head>
  <meta http-equiv="X-UA-Compatible" content="IE=edge" />
  <meta http-equiv="content-type" content="text/html;charset=<?php 
echo $configObject->get('cfg_page_charset');
?>
" />

  <title><?php 
echo $string['confirmdelete'];
?>
</title>
Пример #13
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
* 
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/staff_auth.inc';
require '../include/errors.inc';
// Lets PHP's line-based file functions recognise old Mac (CR-only) line endings in the uploaded text file.
// This ini setting is deprecated as of PHP 8.1.
ini_set("auto_detect_line_endings", true);
// Module id, read with the 'REQUEST' source (check_var() is defined outside this excerpt).
$modID = check_var('module', 'REQUEST', true, false, true);
if (isset($_POST['submit'])) {
    $session = $_POST['session'];
    $session_flag = false;
    if ($_FILES['txtfile']['name'] != 'none' and $_FILES['txtfile']['name'] != '') {
        if (!move_uploaded_file($_FILES['txtfile']['tmp_name'], $configObject->get('cfg_tmpdir') . $userObject->get_user_ID() . '_load_objectives.txt')) {
            echo uploadError($_FILES['txtfile']['error']);
            exit;
        } else {
            $result = $mysqli->prepare("SELECT MAX(obj_id) AS largest FROM objectives");
            $result->execute();
            $result->bind_result($largest);
            $i = 0;
            while ($result->fetch()) {
                $obj_id = $largest + 1;
            }
Пример #14
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* Delete a lab and all the client identifiers in it - Admin only.
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/admin_auth.inc';
require '../include/errors.inc';
// Id of the lab to delete, from the POST body.
// NOTE(review): no anti-CSRF token check is visible in this excerpt — confirm the auth include provides one.
$labID = check_var('labID', 'POST', true, false, true);
$lab_no = 0;
// Check the lab exists; the id is passed as a bound integer parameter.
$result = $mysqli->prepare("SELECT name FROM labs WHERE id = ?");
$result->bind_param('i', $labID);
$result->execute();
$result->store_result();
$result->bind_result($lab_name);
$result->fetch();
$lab_no = $result->num_rows;
$result->close();
// Unknown lab: show the generic "page not found" notice; the helper's name suggests it ends the request.
if ($lab_no == 0) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}
// Remove the client identifiers that belong to the lab (again with a bound integer parameter).
$result = $mysqli->prepare("DELETE FROM client_identifiers WHERE lab = ?");
$result->bind_param('i', $labID);
Пример #15
<td valign=top>Message (<i>No HTML</i>):</td>
<td><textarea rows=10 cols=40 name=msg></textarea></td>
</tr>
<tr>
<td colspan=2>
<input type=hidden name=submitted value=1>
<input type=submit value="Add Entry">
</td>
</tr>
</table>
<form>
<?php 
} else {
    // This check_var() takes only a field name and its return value is unused; it is defined outside this excerpt.
    check_var('fullname');
    check_var('msg');
    check_var('email');
    // SECURITY(review): the INSERT is assembled by string concatenation and relies on addslashes() for
    // quoting. addslashes() is not aware of the connection character set and is not a substitute for the
    // driver's escaping or for bound parameters; the mysql_* extension used here was removed in PHP 7.0.
    // Prefer a prepared statement (mysqli or PDO) with bound values.
    // Only 'msg' is HTML-encoded, and that happens at storage time; 'fullname' and 'email' are stored as
    // received. NOTE(review): confirm all three are encoded where the entries are displayed.
    $res = mysql_query("insert into guestbook (name, email, msg, remote_host) values " . "('" . addslashes($_REQUEST['fullname']) . "', '" . addslashes($_REQUEST['email']) . "', '" . addslashes(htmlspecialchars($_REQUEST['msg'])) . "', '" . addslashes($_SERVER['REMOTE_ADDR']) . "') ");
    if ($res === false) {
        // The raw database error text is sent to the visitor; in production it belongs in a log instead.
        die("Cannot insert entry into guestbook: " . mysql_error() . "\n");
    }
    print "<b>Entry successfully added</b>\n";
}
?>
<hr>
<?php 
/* Display entries */
// Fixed query with no request data in it: newest entries first.
$qh = mysql_query("select name, email, msg from guestbook order by entry_id desc");
if ($qh === false) {
    // The raw database error text is sent to the visitor; in production it belongs in a log instead.
    die("Cannot select entries from guestbook: " . mysql_error() . "\n");
}
function disprow($id, $val)
Пример #16
*
* Copies a paper (e.g. properties table) and possibly the questions on the paper.
*
* @author Simon Wilkinson, Anthony Brown
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require_once '../include/staff_auth.inc';
require_once '../include/errors.inc';
require_once '../include/media.inc';
require_once '../include/mapping.inc';
require_once '../classes/question_status.class.php';
require_once '../classes/paperutils.class.php';
require_once '../classes/logger.class.php';
// Id of the paper to copy, from the POST body.
$paperid = check_var('paperID', 'POST', true, false, true);
// Unknown paper: show the generic "page not found" notice; the helper's name suggests it ends the request.
// NOTE(review): only existence is checked here; whether this user may copy this paper is not visible — confirm.
if (!Paper_utils::paper_exists($paperid, $mysqli)) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}
if (!Paper_utils::is_paper_title_unique($_POST['new_paper'], $mysqli)) {
    // If the paper title is unique.
    ?>
<html>
<head>
  <meta http-equiv="content-type" content="text/html;charset=<?php 
    echo $configObject->get('cfg_page_charset');
    ?>
" />
  <title>Rog&#333;</title>
  <link rel="stylesheet" type="text/css" href="../css/body.css" />
Пример #17
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/staff_auth.inc';
require_once '../include/media.inc';
require_once '../include/errors.inc';
require_once '../classes/paperproperties.class.php';
require_once '../classes/folderutils.class.php';
// Paper id, read with the 'REQUEST' source (check_var() is defined outside this excerpt).
// NOTE(review): no per-paper permission check is visible here — confirm the lookup below enforces one.
$paperID = check_var('paperID', 'REQUEST', true, false, true);
$properties = PaperProperties::get_paper_properties_by_id($paperID, $mysqli, $string);
$paper_title = $properties->get_paper_title();
/**
 * Store the expert count for one option together with its derived mark.
 *
 * The mark is $experts divided by $max_experts, or 0 when $max_experts is not positive.
 * All three values reach the database as bound parameters.
 *
 * @param mixed $optID       value matched against options.id_num (bound as integer)
 * @param mixed $experts     value written to options.correct (bound as string)
 * @param mixed $max_experts divisor used to scale the mark
 * @param mixed $db          database handle offering prepare()
 */
function saveResponseData($optID, $experts, $max_experts, $db)
{
    // Guard against division by zero (and negative maxima) before scaling.
    if ($max_experts > 0) {
        $fraction = $experts / $max_experts;
    } else {
        $fraction = 0;
    }
    $update = $db->prepare("UPDATE options SET correct = ?, marks_correct = ? WHERE id_num = ?");
    $update->bind_param('sdi', $experts, $fraction, $optID);
    $update->execute();
    $update->close();
}
function display_question($question, &$question_no, $reviews, &$string, $db)
{
    $question_no++;
    if ($question['scenario'] != '') {
        echo "<tr><td class=\"q_no\">" . $question_no . ".&nbsp;</td><td style=\"background-color:#E4EEFC; border-bottom:1px solid #B5C4DF; font-weight:bold; padding:2px; color:#000040\">{$string['clinicalvignette']}</td></tr>\n";
Пример #18
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/staff_auth.inc';
require_once '../include/errors.inc';
require_once '../classes/logger.class.php';
// Two user ids are read from the query string.
// NOTE(review): nothing visible here restricts which users' records a staff member may name — confirm
// the authorisation for both ids.
$userID = check_var('userID', 'GET', true, false, true);
$temp_userID = check_var('temp_userID', 'GET', true, false, true);
// Get start time of the paper.
$papers = array();
$paper_no = 0;
// Looks up the papers logged under $temp_userID; the id is a bound integer parameter.
$result = $mysqli->prepare("SELECT DISTINCT paperID, started FROM log_metadata WHERE userID = ?");
$result->bind_param('i', $temp_userID);
$result->execute();
$result->bind_result($q_paper, $started);
// Collect one entry per paper: its id and start time.
while ($result->fetch()) {
    $papers[$paper_no]['ID'] = $q_paper;
    $papers[$paper_no]['started'] = $started;
    $paper_no++;
}
$result->close();
// Get grade and student of the user.
$result = $mysqli->prepare("SELECT grade, yearofstudy, username FROM users WHERE id = ?");
Пример #19
/**
*
* Shows information on the currently selected user: name, username, email, etc
* plus the details of any taken assessment or survey. SysAdmin users also have the ability
* to edit personal details such as name, username, password, etc.
*
* @author Simon Wilkinson, Anthony Brown
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require_once '../include/sysadmin_auth.inc';
require_once '../include/errors.inc';
require_once '../include/demo_replace.inc';
require_once '../classes/userutils.class.php';
// Id of the account being viewed or edited, from the query string.
$userID = check_var('userID', 'GET', true, false, true);
// Holds false, or an error message string once a check fails.
$errors = false;
$user_details = UserUtils::get_user_details($userID, $mysqli);
// Unknown account: show the generic "page not found" notice; the helper's name suggests it ends the request.
if ($user_details === false) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}
// The previous username is taken from a POST field supplied by the client, not from $user_details.
// NOTE(review): if 'prev_username' is altered to equal the new username, the uniqueness check below is
// skipped — compare against the stored username instead, or confirm the later save re-checks it.
if (isset($_POST['submit']) and $_POST['username'] != $_POST['prev_username']) {
    // Check new username is not already used. Overwriting usernames could screw up other accounts.
    if (UserUtils::username_exists($_POST['username'], $mysqli)) {
        $errors = 'Username exists';
    }
}
if (isset($_POST['submit']) and !$errors) {
    $cfg_web_root = $configObject->get('cfg_web_root');
    if (!empty($_FILES['photofile']['name'])) {
Пример #20
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
 *
 * @author Adam Clarke
 * @version 1.0
 * @copyright Copyright (c) 2014 The University of Nottingham
 * @package
 */
require_once '../include/staff_auth.inc';
require_once '../include/errors.inc';
require_once 'include/inc.php';
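// Request parameters naming an export directory and a file inside it.
$file = check_var('file', 'GET', true, false, true);
$file = str_replace("..", "", $file);
$path = check_var('path', 'GET', true, false, true);
$path = str_replace("..", "", $path);
// NOTE(review): the title is read from the 'path' parameter, not from a separate title parameter — confirm this is intended.
$title = check_var('path', 'GET', true, false, true);
$base_dir = $cfg_web_root . 'qti/exports/';
$accessfile = $base_dir . $path . "/access.xml";
if (!file_exists($accessfile)) {
    exit;
}
// Removing ".." from the parameters is a deny-list and is not relied on by itself: the export
// directory is resolved to its canonical location and must lie inside the exports root.
$exports_root = realpath($base_dir);
$export_dir = realpath($base_dir . $path);
if ($exports_root === false || $export_dir === false || strpos($export_dir . DIRECTORY_SEPARATOR, $exports_root . DIRECTORY_SEPARATOR) !== 0) {
    exit;
}
// access.xml records the owner of the export; only that user may download from it.
$xmlStr = file_get_contents($accessfile);
$xml = simplexml_load_string($xmlStr);
if ($xml === false) {
    // Unreadable or malformed access file: no owner can be established, so refuse.
    exit;
}
if ($userObject->get_user_ID() != $xml->owner) {
    exit;
}
$xmlfile = $base_dir . $path . "/" . $file;
// The owner check above covers one export directory, so the requested file must resolve to a
// location inside that same directory. A file that does not exist is left to the code that follows.
$resolved_file = realpath($xmlfile);
if ($resolved_file !== false && strpos($resolved_file, $export_dir . DIRECTORY_SEPARATOR) !== 0) {
    exit;
}
// Extension is whatever follows the last dot of the requested file name, lower-cased.
$ext = strtolower(substr($file, strrpos($file, ".") + 1));
$filename = $file;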
if ($title) {
    $filename = CleanFileName($title) . "." . $ext;
Пример #21
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* Displays tasks for the papers frame (papers_menu.php).
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/sysadmin_auth.inc';
require '../include/errors.inc';
// Id of the logged system error to display, from the query string.
$errorID = check_var('errorID', 'GET', true, false, true);
$row_no = 0;
// Load the error record with the reporting user's details; the id is a bound integer parameter.
// The record includes captured request data (query string, POST data, variables, backtrace).
// NOTE(review): these fields hold whatever the failing request contained and must be HTML-encoded when
// shown on this page — confirm in the rendering code.
$result = $mysqli->prepare("SELECT sys_errors.id, auth_user, title, initials, surname, DATE_FORMAT(occurred,'%d/%m/%y&nbsp;%H:%i:%s'), userID, errtype, errstr, errfile, errline, php_self, query_string, request_method, DATE_FORMAT(fixed,'%d/%m/%y&nbsp;%H:%i:%s'), paperID, post_data, variables, backtrace FROM sys_errors LEFT JOIN users ON sys_errors.userID=users.id WHERE sys_errors.id=?");
$result->bind_param('i', $errorID);
$result->execute();
$result->store_result();
$result->bind_result($error_id, $auth_user, $title, $initials, $surname, $occurred, $uID, $errtype, $errstr, $errfile, $errline, $php_self, $query_string, $request_method, $fixed, $paperID, $post_data, $variables, $backtrace);
$row_no = $result->num_rows;
$result->fetch();
$result->close();
// Unknown id: show the generic "page not found" notice; the helper's name suggests it ends the request.
if ($row_no == 0) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}
if (isset($_POST['submit'])) {
    $result = $mysqli->prepare("UPDATE sys_errors SET fixed = NOW() WHERE errstr = ? AND errfile = ? AND errline = ?");
Пример #22
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../../include/staff_auth.inc';
require '../../include/errors.inc';
require '../../include/question_types.inc';
require_once '../../classes/questionutils.class.php';
require_once '../../classes/question_status.class.php';
// Paper id from the query string.
$question_paper = check_var('question_paper', 'GET', true, false, true);
// Paper_utils is used here but its class file is not among the requires visible above; presumably it is
// loaded by one of the includes — confirm.
// Unknown paper: show the generic "page not found" notice; the helper's name suggests it ends the request.
if (!Paper_utils::paper_exists($question_paper, $mysqli)) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../../artwork/page_not_found.png', '#C00000', true, true);
}
// Get question statuses
$status_array = QuestionStatus::get_all_statuses($mysqli, $string, true);
?>
<html>
<head>
  <meta http-equiv="X-UA-Compatible" content="IE=edge" />
  <meta http-equiv="content-type" content="text/html;charset=<?php 
echo $configObject->get('cfg_page_charset');
?>
" />
Пример #23
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require_once '../include/staff_auth.inc';
require_once '../include/icon_display.inc';
require_once '../include/sidebar_menu.inc';
require_once '../include/errors.inc';
require_once '../include/demo_replace.inc';
require_once '../classes/dateutils.class.php';
require_once '../classes/moduleutils.class.php';
require_once '../classes/folderutils.class.php';
require_once '../classes/paperutils.class.php';
require_once '../classes/stateutils.class.php';
require_once '../classes/questionbank.class.php';
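// Module id from the query string.
$module = check_var('module', 'GET', true, false, true);
// Accept only a well-formed integer. The earlier test, (int) $module != $module, is a loose
// comparison: on PHP versions before 8 a non-numeric string is converted to a number for the
// comparison, so values that are not integers could pass it. FILTER_VALIDATE_INT gives the same
// answer on every PHP version.
if (filter_var($module, FILTER_VALIDATE_INT) === false) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}
$add_member = false;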
if (!isset($module_details) and $_GET['module'] != '0') {
    $module_details = module_utils::get_full_details_by_ID($module, $mysqli);
    if (!$module_details) {
        $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
        $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
    } elseif ($module_details['active'] == 0) {
        $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
        $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
    }
} else {
Пример #24
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../../include/sysadmin_auth.inc';
require '../../include/errors.inc';
require_once '../../classes/helputils.class.php';
require_once '../../classes/userutils.class.php';
// Id of the help page to edit, read with the 'REQUEST' source.
// NOTE(review): this value is later placed in a Location header; confirm check_var() restricts it to an
// integer so it cannot carry other characters into the header.
$pageid = check_var('id', 'REQUEST', true, false, true);
$help_system = new OnlineHelp($userObject, $configObject, $string, $notice, 'staff', $language, $mysqli);
header('Content-Type: text/html; charset=utf8');
$page_details = $help_system->get_page_details($pageid);
// Unknown page: show the generic "page not found" notice; the helper's name suggests it ends the request.
if ($page_details === false) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '/artwork/page_not_found.png', '#C00000', true, true);
}
if (isset($_POST['save_changes'])) {
    // Update help file record
    $tmp_body = $_POST['edit1'];
    $tmp_title = $_POST['page_title'];
    $tmp_roles = $_POST['page_roles'];
    $help_system->save_page($tmp_title, $tmp_body, $tmp_roles, $pageid, $_POST['edit_id']);
    $mysqli->close();
    header("location: index.php?id={$pageid}");
Пример #25
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* Confirm that it is OK to proceed deleting a status.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/sysadmin_auth.inc';
require_once '../include/errors.inc';
require_once '../classes/question_status.class.php';
require_once '../classes/questionutils.class.php';
// Id of the status whose deletion is to be confirmed, from the query string.
$status_id = check_var('id', 'GET', true, false, true);
// Constructing the status object doubles as the existence check: a DatabaseException leads to the
// generic "page not found" notice (the helper's name suggests it ends the request).
try {
    $status = new QuestionStatus($mysqli, $string, $status_id);
} catch (DatabaseException $ex) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}
// Number of questions that currently use this status.
$q_count = QuestionUtils::get_question_count_by_status($status_id, $mysqli);
?>
<!DOCTYPE html>
<html>
<head>
  <meta http-equiv="X-UA-Compatible" content="IE=edge" />
  <meta http-equiv="content-type" content="text/html;charset=<?php 
echo $configObject->get('cfg_page_charset');
?>
Пример #26
*/
require '../include/staff_auth.inc';
require '../include/print_functions.inc';
require '../include/media.inc';
require '../config/index.inc';
require_once '../include/errors.inc';
//HTML5 part
// The include paths below are built from $language, which is set outside this excerpt.
// NOTE(review): confirm $language is chosen from a fixed list of installed languages and never taken
// directly from the request; a path-like value here would control which files get included.
require_once '../lang/' . $language . '/question/edit/hotspot_correct.txt';
require_once '../lang/' . $language . '/question/edit/area.txt';
require_once '../lang/' . $language . '/paper/hotspot_answer.txt';
require_once '../lang/' . $language . '/paper/hotspot_question.txt';
require_once '../lang/' . $language . '/paper/label_answer.txt';
$jstring = $string;
//to pass it to JavaScript HTML5 modules
//HTML5 part
// Called for its check only: the last argument is false here and the return value is not used.
check_var('id', 'GET', true, false, false);
function randomQOverwrite(&$questions, $random_q_data, $paper_type, $user_answers, $current_screen, $q_no)
{
    global $mysqli, $used_questions;
    $selected_q_id = '';
    if (isset($user_answers[$current_screen])) {
        //match user's answers with random question ID.
        $question_on_screen = array_keys($user_answers[$current_screen]);
        $selected_q_id = current($question_on_screen);
        for ($i = 1; $i < $q_no; $i++) {
            $selected_q_id = next($question_on_screen);
        }
    }
    if ($selected_q_id == '') {
        // Generate a random question ID.
        $random_q_no = count($random_q_data['options']);
Пример #27
* @version 1.0
* @copyright Copyright (c) 2013 The University of Nottingham
* @package
*/
require '../include/staff_auth.inc';
require_once '../include/sort.inc';
require_once '../lang/' . $language . '/include/question_types.inc';
require_once '../classes/stateutils.class.php';
require_once '../classes/moduleutils.class.php';
require_once '../classes/keywordutils.class.php';
require_once '../classes/dateutils.class.php';
require_once '../classes/question_status.class.php';
require_once '../classes/questionbank.class.php';
require_once '../classes/questionutils.class.php';
require_once '../include/errors.inc';
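// Question type to list, read from the query string through check_var()
// (defined in an include that is not shown here).
$type = check_var('type', 'GET', true, false, true);
$state = $stateutil->getState();
// Remember this page and its query string in the session.
// NOTE(review): QUERY_STRING is request-controlled; wherever nav_query is later written
// into HTML or a redirect it must be encoded for that context — not visible here.
$_SESSION['nav_page'] = $_SERVER['SCRIPT_NAME'];
$_SESSION['nav_query'] = $_SERVER['QUERY_STRING'];
// Get question statuses
$status_array = QuestionStatus::get_all_statuses($mysqli, $string, true);
// Optional status filter that is appended to a SQL WHERE clause.
// The request value is forced to an integer so it cannot carry SQL syntax into the
// statement; a non-scalar value (e.g. status[]=x) becomes 0.
// Assumes status ids are integers, as the unquoted comparison suggests — TODO confirm.
$statusSQL = '';
if (isset($_GET['status'])) {
    $statusSQL = ' AND status = ' . (is_scalar($_GET['status']) ? (int) $_GET['status'] : 0);
}
// NOTE(review): $userid is still the raw request value. Bind it as a query parameter or
// validate it before it is used in any SQL or output below this excerpt.
$userid = isset($_GET['userid']) ? $_GET['userid'] : '';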
if (isset($_GET['keyword'])) {
Пример #28
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
* 
* Confirm that it is OK to proceed deleting a school.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/sysadmin_auth.inc';
require_once '../include/errors.inc';
require_once '../classes/schoolutils.class.php';
// Id of the school the user is asking to delete, read from the query string.
// NOTE(review): check_var() is defined in an include that is not shown here; confirm
// what validation it applies before $schoolID reaches the existence check.
$schoolID = check_var('schoolID', 'GET', true, false, true);
if (!SchoolUtils::schoolid_exists($schoolID, $mysqli)) {
    // Unknown school: show the generic "page not found" notice with the support address.
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}
// The connection is closed here, before the HTML that follows.
$mysqli->close();
?>
<!DOCTYPE html>
<html>
<head>
  <meta http-equiv="X-UA-Compatible" content="IE=edge" />
  <meta http-equiv="content-type" content="text/html;charset=<?php 
echo $configObject->get('cfg_page_charset');
?>
" />
Пример #29
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/sysadmin_auth.inc';
require_once '../include/errors.inc';
require_once '../classes/moduleutils.class.php';
require_once '../classes/logger.class.php';
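// The return value is ignored; the call is made for whatever check check_var() performs
// on 'moduleid' (check_var() is defined in an include that is not shown here).
check_var('moduleid', 'GET', true, false, false);
// NOTE(review): the raw request value is handed to the lookup. Confirm that
// get_full_details_by_ID() binds it as a parameter or casts it to an integer.
$module = module_utils::get_full_details_by_ID($_GET['moduleid'], $mysqli);
if ($module === false) {
    // Unknown module: show the generic "page not found" notice with the support address.
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}
$moduleid_in_use = false;
// Strict comparison on purpose: with `!=` PHP compares numeric strings as numbers
// ('0123' == '123'), so a changed code could be treated as unchanged and the uniqueness
// check below would be skipped.
// NOTE(review): old_modulecode is supplied by the client. Comparing against the code held
// in $module would not depend on the form; the array key for it is not visible here.
if (isset($_POST['submit']) and $_POST['modulecode'] !== $_POST['old_modulecode']) {
    // Check for unique moduleid
    $new_modulecode = trim($_POST['modulecode']);
    $moduleid_in_use = module_utils::module_exists($new_modulecode, $mysqli);
}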
if (isset($_POST['submit']) and $moduleid_in_use == false) {
    if (isset($_POST['active'])) {
        $module['active'] = 1;
    } else {
Пример #30
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require_once '../include/staff_auth.inc';
require_once '../include/icon_display.inc';
require_once '../include/sidebar_menu.inc';
require_once '../include/errors.inc';
require_once '../include/demo_replace.inc';
require_once '../classes/moduleutils.class.php';
require_once '../classes/folderutils.class.php';
require_once '../classes/stateutils.class.php';
require_once '../classes/paperutils.class.php';
// Folder identifier read from the query string.
// NOTE(review): check_var() is defined in an include that is not shown here; confirm what
// validation it applies before $folder is used in queries or output.
$folder = check_var('folder', 'GET', true, false, true);
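/**
 * Return the last segment of a ';'-separated folder path.
 *
 * explode() always yields at least one element when the separator is not empty,
 * so the former "no parts" fallback could never run and has been removed.
 *
 * @param string $path Folder path whose levels are separated by ';'.
 * @return string Text after the final ';', or the whole input when it contains
 *                no ';' (an empty string for empty input or a trailing ';').
 */
function getLastFolder($path)
{
    $parts = explode(';', $path);

    return $parts[count($parts) - 1];
}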
// Current state as returned by the state helper.
$state = $stateutil->getState();
// Start with empty folder details and a zero file count.
$folder_name = $folder_type = '';
$file_no = 0;
// Folder security checks