$returnStr = $enumLib->getUsers(isset($_REQUEST['searchstr']) ? $_REQUEST['searchstr'] : ''); break; case 'getuserbyid': include 'lib/EnumLib.php'; $enumLib = new EnumLib(); $returnStr = $enumLib->getUserByID($_REQUEST['id']); break; /////////////////////////////////////////////////////////////////////////////////////////////// // student management /////////////////////////////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////////////////////////////// // student management /////////////////////////////////////////////////////////////////////////////////////////////// case 'newstudent': include 'lib/MediaLib.php'; $returnStr = $authlib->new_student($_REQUEST['student_fname'], $_REQUEST['student_lname'], $_REQUEST['student_num'], $_REQUEST['student_email'], $_REQUEST['student_cohort'], isset($_FILES['file']) ? $_FILES['file'] : null); break; case 'updatestudent': include 'lib/MediaLib.php'; $returnStr = $authlib->update_student($_REQUEST['studentID'], $_REQUEST['student_fname'], $_REQUEST['student_lname'], $_REQUEST['student_num'], $_REQUEST['student_email'], isset($_FILES['file']) ? $_FILES['file'] : null); break; case 'deletestudent': $returnStr = $authlib->delete_student($_REQUEST['id']); break; case 'uploadstudentbycsv': $returnStr = $authlib->upload_csv($_FILES['file']); break; case 'liststudents': include 'lib/EnumLib.php'; $enumLib = new EnumLib(); $returnStr = $enumLib->getStudents();
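/**
 * Associate the students listed in an uploaded CSV file with an exam instance.
 *
 * The first CSV row must be a header containing the columns 'studentid' and 'site'.
 * For every following row the student is looked up in the `students` table; when
 * the student is unknown and $CFG->use_ldap_for_student_lookups is enabled, the
 * directory is searched and, if an entry is found, the student is created through
 * authlib::new_student() before being linked to the exam instance.
 *
 * Side effects: starts the session, echoes progress markers ("NN%,") while it
 * works, and terminates the script with die() when the database or directory
 * cannot be reached or a query fails.
 *
 * Security notes:
 *  - The CSV is user-supplied. Student numbers are bound as SQL parameters,
 *    escaped with ldap_escape() before they enter an LDAP filter, and
 *    XML-escaped before they are echoed back in the <detail> element.
 *  - Driver and connection error text is written to the server log only;
 *    the response carries just the SQLSTATE code or a generic message.
 *
 * @global object $CFG  site configuration (database and LDAP settings)
 * @param int   $id   ID of the examination instance
 * @param array $file the $_FILES entry of the uploaded CSV file
 * @return string XML-formatted string, prefixed with a comma so that it follows the
 *                streamed progress markers, holding the count of successful and
 *                failed operations and any per-student error details
 */
public function associateStudentsWithInstanceByCSV($id, $file)
{
    session_start();
    global $CFG;

    try {
        $conn = new PDO("mysql:host={$CFG->db};dbname={$CFG->schema}", $CFG->dbuser, $CFG->dbuserpass);
    } catch (PDOException $e) {
        // The exception text can name the database host and account, so it stays in the log.
        error_log('associateStudentsWithInstanceByCSV: database connection failed: ' . $e->getMessage());
        die('<data><error>failed connecting to database</error><detail>see server log</detail></data>');
    }

    $createsuccesscount = 0;
    $createfailcount = 0;
    $criticalerrordetails = "";

    $useLdap = ($CFG->use_ldap_for_student_lookups == true);
    $ldap = null;
    $authlib = null;
    if ($useLdap) {
        $authlib = new authlib();
        // set up LDAP connection
        $ldap = ldap_connect($CFG->student_ldap) or die('cannot connect to student directory');
        ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
        ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
        $ldaprdn = $CFG->student_ldap_adminuser . $CFG->student_ldap_account_suffix;
        if (!ldap_bind($ldap, $ldaprdn, $CFG->student_ldap_adminpass)) {
            // Processing continues as before; the log entry explains why later lookups find nothing.
            error_log('associateStudentsWithInstanceByCSV: LDAP bind failed');
        }
    }

    // Escapes CSV-supplied text before it is embedded in the XML response.
    $xmlText = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_XML1 | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Returns the directory entries for a student number, or null when none is found.
    // Only the CSV value is escaped; the configured prefix/suffix are trusted settings.
    $ldapFind = function ($studentnum) use ($ldap, $CFG) {
        $filter = "(&(objectCategory=person)({$CFG->student_ldap_searchfield}={$CFG->student_ldap_search_prefix}"
            . ldap_escape($studentnum, '', LDAP_ESCAPE_FILTER)
            . "{$CFG->student_ldap_search_suffix}))";
        $result = ldap_search($ldap, $CFG->student_ldap_base_dn, $filter);
        if ($result === false) {
            return null;
        }
        $entries = ldap_get_entries($ldap, $result);
        return ($entries !== false && $entries['count'] > 0) ? $entries : null;
    };

    // Logs the full driver error and stops with a response that carries only the SQLSTATE code.
    $failQuery = function ($label, $stmt) {
        error_log("associateStudentsWithInstanceByCSV: {$label}: " . print_r($stmt->errorInfo(), true));
        die("<data><error>{$label}</error><detail>" . $stmt->errorCode() . '</detail></data>');
    };

    // get CSV
    if (isset($file['tmp_name']) && is_uploaded_file($file['tmp_name'])) {
        if (($handle = fopen($file['tmp_name'], "r")) !== false) {
            // number of lines in the file, used only for the progress percentage
            $lines = file($file['tmp_name']);
            $linecount = max(1, $lines === false ? 0 : count($lines));
            unset($lines);

            $progress = 0;
            // a MASSIVE hack (original author's words): stream a status update to the client
            $tick = function () use (&$progress, $linecount) {
                $progress++;
                echo round($progress / $linecount * 100) . "%,";
                ob_flush();
                flush();
            };

            // The three queries are the same for every row, so prepare them once.
            $existsStmt = $conn->prepare("SELECT COUNT(*) as count FROM students WHERE studentnum = :studentnum");
            $linkStmt = $conn->prepare("SELECT COUNT(*) as count FROM student_exam_instance_link WHERE students_ID = (SELECT ID FROM students WHERE studentnum = :studentnum) AND exam_instances_ID = :id");
            $idStmt = $conn->prepare("SELECT ID FROM students WHERE studentnum = :studentnum");

            $isfirstrow = true;
            $studentnumrow = 0;
            $siterow = 0;

            while (($data = fgetcsv($handle)) !== false) {
                if ($isfirstrow) {
                    // header row: locate the two required columns
                    $studentnumrow = array_search('studentid', $data, true);
                    if ($studentnumrow === false) {
                        fclose($handle);
                        return '<data><error>Field header missing</error><detail>Needs to have a header called studentid</detail></data>';
                    }
                    $siterow = array_search('site', $data, true);
                    if ($siterow === false) {
                        fclose($handle);
                        return '<data><error>Field header missing</error><detail>Needs to have a header called site</detail></data>';
                    }
                    $isfirstrow = false;
                    continue;
                }

                // fgetcsv() reports a blank line as array(null); nothing to process.
                if ($data === array(null)) {
                    continue;
                }

                $studentnum = isset($data[$studentnumrow]) ? (string) $data[$studentnumrow] : '';
                $sitecode = isset($data[$siterow]) ? (string) $data[$siterow] : '';
                if ($studentnum === '') {
                    // short or malformed row: report it instead of querying with an empty ID
                    $createfailcount++;
                    $criticalerrordetails .= 'A row has no student ID;';
                    continue;
                }

                // check that this student is already in the student table
                $existsStmt->bindValue(':studentnum', $studentnum, PDO::PARAM_STR);
                if (!$existsStmt->execute()) {
                    $failQuery('check studente exist query failed', $existsStmt);
                }
                $known = ($existsStmt->fetchObject()->count != 0);
                $existsStmt->closeCursor();

                $rowFailed = false;
                if (!$known) {
                    if ($useLdap) {
                        // unknown locally: the directory decides whether the ID is valid
                        $info = $ldapFind($studentnum);
                        if ($info === null) {
                            $rowFailed = true;
                            $criticalerrordetails .= 'The student ID ' . $xmlText($studentnum) . ' is not valid;';
                        } else {
                            // insert it into the student table; the trailing 0 is passed in the position
                            // other callers use for the cohort -- presumably "no cohort", TODO confirm
                            $authlib->new_student($info[0][$CFG->student_ldap_fname][0], $info[0][$CFG->student_ldap_lname][0], $studentnum, $info[0][$CFG->student_ldap_email][0], 0);
                        }
                    }
                    $tick();
                } elseif ($useLdap) {
                    $tick();
                    // NOTE(review): the original code also searched LDAP here, but the result was never
                    // acted upon (the failure check read an undefined variable). The search is therefore
                    // omitted; decide whether locally known students must also exist in the directory.
                }

                if ($rowFailed) {
                    $createfailcount++;
                    continue;
                }

                // check that this student hasn't already been associated with this exam
                $linkStmt->bindValue(':studentnum', $studentnum, PDO::PARAM_STR);
                $linkStmt->bindValue(':id', $id, PDO::PARAM_INT);
                if (!$linkStmt->execute()) {
                    $failQuery('check linkage query failed', $linkStmt);
                }
                $alreadyLinked = ($linkStmt->fetchObject()->count != 0);
                $linkStmt->closeCursor();
                if ($alreadyLinked) {
                    continue;
                }

                $idStmt->bindValue(':studentnum', $studentnum, PDO::PARAM_STR);
                if (!$idStmt->execute()) {
                    $failQuery('check student ID query failed', $idStmt);
                }
                // Reset per row: otherwise an unknown student would be linked using the
                // ID left over from the previous row.
                $studentid = null;
                while ($row = $idStmt->fetch(PDO::FETCH_ASSOC)) {
                    $studentid = $row['ID'];
                }
                $idStmt->closeCursor();
                if ($studentid === null) {
                    // NOTE(review): a student that is neither in the table nor created from LDAP is
                    // skipped without being counted, as before -- confirm whether it should be a failure.
                    continue;
                }

                $enumlib = new EnumLib();
                $resultXMLStr = $this->associateStudentsWithInstance($id, $studentid, $enumlib->getSiteIDByShortCode($sitecode));
                $resultXML = simplexml_load_string($resultXMLStr);
                if ($resultXML !== false && isset($resultXML->student[0]->id) && (int) $resultXML->student[0]->id > 0) {
                    $createsuccesscount++;
                } else {
                    $createfailcount++;
                }
            }
            fclose($handle);
        }
    }

    // The leading comma separates the XML from the progress markers echoed above.
    return ",<data><success>{$createsuccesscount}</success><fail>{$createfailcount}</fail>" . (strlen($criticalerrordetails) > 0 ? "<error><detail>{$criticalerrordetails}</detail></error>" : "") . "<report></report></data>";
}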