<?
// Copyright (C) 2000-2002 Cédric Raguenaud (hide@address.com) for Napier University

// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation

// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.

// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.

// If you modify this file, please send me a copy.

/* Author: Cedric Raguenaud */
/* Version: 0.0.2 200202 */
/* 200202: added line breaks in display of comments */

include_once("config.php3");
include_once("core.php3");
include_once("people.inc");
include_once("conference.inc");

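/**
 * Fill a homework-display template with the stored data of one submission.
 *
 * Looks up the homework row (joined with its module) and substitutes the
 * #PREFIX#, #PAGE_TITLE#, #HOMEWORKID#, #MODULE#, #STUDENT#, #MARK#, #DATE#,
 * #LECTURER_COMMENT#, #STUDENT_COMMENT# and #MATERIAL# placeholders.
 * Side effect: the global $moduleid is set to the module id of the row found.
 *
 * Stored and caller-supplied values are HTML-escaped before substitution:
 * the comment fields are rendered as plain text (newlines become <br>), so
 * any markup inside them must not reach the browser as markup.
 *
 * @param string $homeworkid id of the submission to display
 * @param string $template   template text containing the placeholders
 * @return string the template with the placeholders replaced
 */
function displayHomework($homeworkid, $template) {
	global $config;
	global $prefix;
	global $moduleid;

	$template = str_replace("#PREFIX#", $prefix, $template);

	$db2 = new myDB($config["sqlserver"], $config["sqluser"], $config["sqlpassword"], $config["sqldatabase"]);
	if ($db2) {
		// The id is escaped before it is embedded in the SQL text, as the other
		// homeworkid lookups in this file do. addslashes() is weaker than the
		// driver's own escaping or bound parameters.
		// NOTE(review): confirm whether myDB offers either and prefer it.
		$query = "select * from homework as h, modules as m where h.homeworkid = '".addslashes($homeworkid)."' and h.moduleid=m.moduleid order by student asc";
		$db2->setQuery($query);
		$r2 = $db2->executequery();

		// Empty defaults keep every substitution below defined when no row matches.
		$row2 = array(
			"homeworkid" => "",
			"moduleid" => "",
			"module_name" => "",
			"student" => "",
			"mark" => "",
			"date" => "",
			"lecturer_comment" => "",
			"student_comment" => "",
			"file_name" => ""
		);
		if ($r2 >0) {
			if ($db2->hasMoreElements()) {
				$row2 = $db2->nextElement();
			}
		}

		$template = str_replace("#PAGE_TITLE#", "Homework submissions", $template);
		$template = str_replace("#HOMEWORKID#", htmlspecialchars($homeworkid, ENT_QUOTES), $template);

		// Ids are URL-encoded inside the href and HTML-escaped in the link text.
		$moduleLink = "<a href=".propagateAttributes("\"module.php3?op=onemodule&moduleid=".urlencode($row2["moduleid"]))."\">";
		$moduleLink .= htmlspecialchars(stripslashes($row2["moduleid"]), ENT_QUOTES).": ".htmlspecialchars(stripslashes($row2["module_name"]), ENT_QUOTES)."</a>";
		$template = str_replace("#MODULE#", $moduleLink, $template);

		// Published to the caller's scope: the dispatcher builds its links from it.
		$moduleid = $row2["moduleid"];

		$template = str_replace("#STUDENT#", htmlspecialchars(stripslashes($row2["student"]), ENT_QUOTES), $template);
		$template = str_replace("#MARK#", htmlspecialchars(stripslashes($row2["mark"]), ENT_QUOTES), $template);
		$template = str_replace("#DATE#", htmlspecialchars(AmericanEnglishDate(stripslashes($row2["date"])), ENT_QUOTES), $template);

		// Escape first, then turn newlines into <br>, so only our own tag is emitted.
		$template = str_replace("#LECTURER_COMMENT#", str_replace("\n", "<br>", htmlspecialchars(stripslashes($row2["lecturer_comment"]), ENT_QUOTES)), $template);
		$template = str_replace("#STUDENT_COMMENT#", str_replace("\n", "<br>", htmlspecialchars(stripslashes($row2["student_comment"]), ENT_QUOTES)), $template);

		if ($row2["file_name"] != "")	{
			// Shown next to the download link: the part of the stored file name after its first dot.
			$fileName = stripslashes($row2["file_name"]);
			$suffix = substr($fileName, strpos($fileName, ".")+1);
			$template = str_replace("#MATERIAL#", "<a href=".propagateAttributes("\"homework.php3?op=gethomework&cloaking=no&homeworkid=".urlencode($row2["homeworkid"]))."\">Homework</a> (".htmlspecialchars($suffix, ENT_QUOTES).")", $template);
		} else {
			$template = str_replace("#MATERIAL#", "", $template);
		}
		$db2->close();
	}
	return $template;
}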

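/**
 * Build the list of all submissions of one module, grouped by student.
 *
 * Replaces #PREFIX# and #HOMEWORKS# in the template. Each submission becomes
 * a link to homework.php3?op=onehomework; a heading is emitted whenever the
 * student changes (rows are ordered by student).
 *
 * @param string $moduleid id of the module whose submissions are listed
 * @param string $template template text containing the placeholders
 * @return string the template with the placeholders replaced
 */
function displayAllHomeworks($moduleid, $template) {
	global $config;
	global $prefix;

	$template = str_replace("#PREFIX#", $prefix, $template);

	// Start from an empty listing so #HOMEWORKS# is replaced by "" when nothing is found.
	$display = "";

	$db2 = new myDB($config["sqlserver"], $config["sqluser"], $config["sqlpassword"], $config["sqldatabase"]);
	if ($db2) {
		// Escape the module id before embedding it in the SQL text.
		// NOTE(review): addslashes() is the file's existing convention; prefer
		// driver-level escaping or bound parameters if myDB supports them.
		$query = "select * from homework where moduleid='".addslashes($moduleid)."' ";
		$query .= "order by student asc";
		$db2->setQuery($query);
		$r2 = $db2->executequery();
		if ($r2 >0) {
			$student = "";
			while ($db2->hasMoreElements()) {
				$row2 = $db2->nextElement();
				$name = stripslashes($row2["student"]);
				// Strict comparison: numeric-looking values such as "0123" and "123"
				// must not be merged under one heading by loose comparison.
				if ($name !== $student) {
					$display .= "<h3>Student: ".htmlspecialchars($name, ENT_QUOTES)."</h3>";
					$student = $name;
				}
				$display .= "<a href=".propagateAttributes("\"homework.php3?op=onehomework&homeworkid=".urlencode($row2["homeworkid"]))."\">Submission ".htmlspecialchars(AmericanEnglishDate(stripslashes($row2["date"])), ENT_QUOTES)."</a><br><br>";
			}
		}
		$db2->close();
	}
	$template = str_replace("#HOMEWORKS#", $display, $template);
	return $template;
}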

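/**
 * Fill the edit-form template for one submission (or an empty form).
 *
 * Substitutes #PREFIX#, #HOMEWORKID#, #MODULEID#, #PAGE_TITLE#, #STUDENT#,
 * #MARK#, #DATE#, #LECTURER_COMMENT#, #STUDENT_COMMENT#, #MATERIAL# and
 * #MODULE#. When no row matches $homeworkid (the dispatcher passes "" for a
 * new submission) the record fields are replaced by empty values.
 *
 * All values are HTML-escaped with ENT_QUOTES so that they are safe both as
 * element text and inside quoted attribute values of the form.
 *
 * @param string $homeworkid id of the submission to edit, "" for a new one
 * @param string $moduleid   id of the module the submission belongs to
 * @param string $template   template text containing the placeholders
 * @return string the template with the placeholders replaced
 */
function displayHomeworkForEdit($homeworkid, $moduleid, $template) {
	global $config;
	global $prefix;

	$template = str_replace("#PREFIX#", $prefix, $template);
	$template = str_replace("#HOMEWORKID#", htmlspecialchars($homeworkid, ENT_QUOTES), $template);
	$template = str_replace("#MODULEID#", htmlspecialchars($moduleid, ENT_QUOTES), $template);

	$db2 = new myDB($config["sqlserver"], $config["sqluser"], $config["sqlpassword"], $config["sqldatabase"]);
	if ($db2) {
		$db2->setQuery("select * from homework where homeworkid = '".addslashes($homeworkid)."'");
		$r2 = $db2->executequery();

		// Empty defaults keep the substitutions defined when there is no stored row.
		$row2 = array(
			"homeworkid" => "",
			"student" => "",
			"mark" => "",
			"date" => "",
			"lecturer_comment" => "",
			"student_comment" => "",
			"material" => ""
		);
		if ($r2 >0) {
			if ($db2->hasMoreElements()) {
				$row2 = $db2->nextElement();
			}
		}

		$template = str_replace("#PAGE_TITLE#", "Homework submission", $template);

		$template = str_replace("#STUDENT#", htmlspecialchars(stripslashes($row2["student"]), ENT_QUOTES), $template);
		$template = str_replace("#MARK#", htmlspecialchars(stripslashes($row2["mark"]), ENT_QUOTES), $template);
		$template = str_replace("#DATE#", htmlspecialchars(AmericanEnglishDate(stripslashes($row2["date"])), ENT_QUOTES), $template);
		$template = str_replace("#LECTURER_COMMENT#", htmlspecialchars(stripslashes($row2["lecturer_comment"]), ENT_QUOTES), $template);
		$template = str_replace("#STUDENT_COMMENT#", htmlspecialchars(stripslashes($row2["student_comment"]), ENT_QUOTES), $template);
		if ($row2["material"] != "")	{
			$template = str_replace("#MATERIAL#", "<a href=".propagateAttributes("\"homework.php3?op=gethomework&cloaking=no&homeworkid=".urlencode($row2["homeworkid"]))."\">Material</a>", $template);
		} else {
			$template = str_replace("#MATERIAL#", "Material", $template);
		}

		$modules = "";
		$db = new myDB($config["sqlserver"], $config["sqluser"], $config["sqlpassword"], $config["sqldatabase"]);
		if ($db) {
			// The module id comes from the caller; escape it like the homework id above.
			$db->setQuery("select * from modules where moduleid='".addslashes($moduleid)."'");
			$r = $db->executequery();
			if ($r >0) {
				if ($db->hasMoreElements()) {
					$row = $db->nextElement();
					$modules = "<a href=".propagateAttributes("\"module.php3?op=onemodule&moduleid=".urlencode($row["moduleid"]))."\">".htmlspecialchars(stripslashes($row["moduleid"]), ENT_QUOTES).": ".htmlspecialchars(stripslashes($row["module_name"]), ENT_QUOTES)."</a>";
				}
			}
			// Release the second connection as well; only $db2 was closed before.
			$db->close();
		}
		$template = str_replace("#MODULE#", $modules, $template);

		$db2->close();
	}
	return $template;
}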

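/**
 * Insert a new homework record built from the submitted form values.
 *
 * Reads the globals $student, $mark, $date, $lecturer_comment,
 * $student_comment, $moduleid, $material (path of the uploaded file) and
 * $material_name; none of them is assigned in this file, so they are
 * presumably populated from the request -- TODO confirm.
 * A fresh id is obtained from getUniqueID() and an empty date defaults to today.
 *
 * @return string "" on success, otherwise an HTML error message
 */
function saveNewHomework() {
	global $config;
	global $student;
	global $mark;
	global $date;
	global $lecturer_comment;
	global $student_comment;
	global $moduleid;
	global $material;
	global $material_name;

	$display = "";
	if ($date == "") {
		$date = date("d/m/Y",time());
	}

	$db = new myDB($config["sqlserver"], $config["sqluser"], $config["sqlpassword"], $config["sqldatabase"]);
	if ($db) {
		$homeworkid=getUniqueID("homework", "homeworkid");
		// We need to create it
		debug("Creating homework ".$homeworkid);
		$file = "";
		// $material holds a file system path supplied from outside this function.
		// Read it only when PHP confirms it is the temporary file of an HTTP
		// upload, so an arbitrary server-side path can never be copied into the
		// database. file_exists() alone cannot make that distinction.
		if ($material != "" && is_uploaded_file($material)) {
			// 'rb' keeps binary uploads intact on platforms that translate line ends.
			$fp = fopen($material, 'rb');
			if(!$fp) {
				debug("Could not open the uploaded homework material");
			} else {
				while (! feof($fp)) {
					$file .= fread($fp, 40000);
				}
				fclose($fp);
			}
		}
		$db->setQuery("INSERT INTO homework (
			homeworkid,
			student,
			mark,
			date,
			lecturer_comment,
			student_comment,
			moduleid,
			material,
			file_name)
			VALUES (
			'".addSlashes($homeworkid)."',
			'".addSlashes($student)."',
			'".addSlashes($mark)."',
			'".addSlashes(AmericanEnglishDate($date))."',
			'".addSlashes($lecturer_comment)."',
			'".addSlashes($student_comment)."',
			'".addSlashes($moduleid)."',
			'".addSlashes($file)."',
			'".addSlashes($material_name)."')");
		$r = $db->executeQuery();
		if ($r >0) {
			debug("Homework ".$homeworkid." created");
		} else {
			debug("Homework ".$homeworkid." not created");
			$display .= "Homework ".$homeworkid." not created.<br>\n";
			debug(mysql_error());
		}
	} else {
		$display .= "Homework object not found.<br>\n";
	}
	return $display;
}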

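/**
 * Update an existing homework record from the submitted form values.
 *
 * Reads the globals $student, $mark, $date, $lecturer_comment,
 * $student_comment, $moduleid, $material (path of the uploaded file) and
 * $material_name; none of them is assigned in this file, so they are
 * presumably populated from the request -- TODO confirm.
 * The stored file and its name are replaced only when $material_name is set.
 *
 * @param string $homeworkid id of the record to update
 * @return string "" on success or when the lookup query fails, otherwise an
 *                HTML error message
 */
function saveHomework($homeworkid) {
	global $config;
	global $student;
	global $mark;
	global $date;
	global $lecturer_comment;
	global $student_comment;
	global $moduleid;
	global $material;
	global $material_name;

	// Large blobs may require a higher MySQL packet limit: -O max_allowed_packet=maxsize

	$display = "";
	if ($date == "") {
		$date = date("d/m/Y",time());
	}

	$db2 = new myDB($config["sqlserver"], $config["sqluser"], $config["sqlpassword"], $config["sqldatabase"]);
	if ($db2) {
		$db2->setQuery("select * from homework where homeworkid = '".addslashes($homeworkid)."'");
		$r2 = $db2->executequery();
		if ($r2 >0) {
			if ($db2->hasMoreElements()) {
				$row2 = $db2->nextElement();

				// The record exists, so update it
				debug("Updating homework ".$homeworkid);
				$file = "";
				$query="UPDATE homework SET 
					student='".addSlashes($student)."',
					mark='".addSlashes($mark)."',
					date='".addSlashes(AmericanEnglishDate($date))."',
					lecturer_comment='".addSlashes($lecturer_comment)."',
					student_comment='".addSlashes($student_comment)."',
					moduleid='".addSlashes($moduleid)."' ";

				if ($material_name != "") {
					// $material holds a file system path supplied from outside this
					// function. Read it only when PHP confirms it is the temporary
					// file of an HTTP upload, so an arbitrary server-side path can
					// never be copied into the database.
					if ($material != "" && is_uploaded_file($material)) {
						// 'rb' keeps binary uploads intact on platforms that translate line ends.
						$fp = fopen($material, 'rb');
						if(!$fp) {
							debug("Could not open the uploaded homework material");
						} else {
							while (! feof($fp)) {
								$file .= fread($fp, 40000);
							}
							fclose($fp);
						}
					}
					// The column is "material" (see the INSERT and SELECT statements in
					// this file); the former "materal" made this UPDATE fail. The file
					// name is escaped like every other value in the statement.
					$query .= ", material='".addSlashes($file)."', file_name='".addSlashes($material_name)."'";
				}
				// Leading space keeps WHERE apart from the preceding quoted value.
				$query .= " WHERE homeworkid = '".addslashes($homeworkid)."'";
				$db2->setQuery($query);
				$r = $db2->executeQuery();
				if ($r>0) {
					debug("Homework ".$homeworkid." updated");
				} else {
					debug("Homework ".$homeworkid." not updated");
					$display .= "Homework ".$homeworkid." not updated.<br>\n";
					debug(mysql_error());
				}

			} else {
				$display .= "Homework object not found.<br>\n";
			}
		}
		// Release the connection, as the display functions in this file do.
		$db2->close();
	}
	return $display;
}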

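/**
 * Delete one homework record and print the outcome.
 *
 * Prints "Deleted" when the DELETE statement reports success and a
 * "not found" heading otherwise. This function performs no access check;
 * the caller is responsible for authorising the request.
 *
 * @param string $homeworkid id of the record to delete
 */
function deleteHomework($homeworkid) {
	global $config;

	$db2 = new myDB($config["sqlserver"], $config["sqluser"], $config["sqlpassword"], $config["sqldatabase"]);
	if ($db2) {
		$db2->setQuery("DELETE from homework where homeworkid = '".addslashes($homeworkid)."'");
		$r2 = $db2->executequery();
		if ($r2 >0) {
			debug("Homework deleted");
			print("<br>Deleted<br>");
		} else {
			debug("Homework not deleted");
			print("<H1>Homework object not found</H1><br>\n");
		}
		// Release the connection, as the display functions in this file do.
		$db2->close();
	}
}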

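/**
 * Send the stored file of one submission to the client.
 *
 * Fetches the material blob and its file name and hands both to
 * sendBinaryInformation(). When the query fails or no row matches, the
 * file's generic not-found handler is called instead of reading a result
 * row that does not exist.
 *
 * NOTE(review): no access check is made here, and the "gethomework" branch
 * of the dispatcher calls this function without one -- confirm that serving
 * a submission to anyone who knows its id is intended.
 *
 * @param string $homeworkid id of the submission whose file is sent
 */
function displayHomeworkDocument($homeworkid) {
	global $config;

	MYSQL_CONNECT( $config["sqlserver"], $config["sqluser"], $config["sqlpassword"]); 
	mysql_select_db( $config["sqldatabase"]); 
	$query = "select material, file_name from homework where homeworkid = '".addslashes($homeworkid)."'"; 
	$result = MYSQL_QUERY($query); 

	// MYSQL_RESULT() on a failed query or an empty result set only raises
	// warnings and yields no data, so answer with the not-found page instead.
	if (!$result || mysql_num_rows($result) < 1) {
		error404();
		return;
	}

	$data = MYSQL_RESULT($result,0, "material"); 
	$type = MYSQL_RESULT($result,0, "file_name"); 

	sendBinaryInformation($data, $type);
}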

/**
 * Render one submission with the currently selected template.
 *
 * Falls back to the "OneHomework" template when the global $templatename is
 * empty; the fallback name is written back to that global.
 *
 * @param string $homeworkid id of the submission to render
 * @return string the filled template
 */
function displayOneHomework($homeworkid) {
	global $config;
	global $templatename;

	if ($templatename == "") {
		// No template requested: use the default view
		$templatename = "OneHomework";
	}
	$filled = displayHomework($homeworkid, getTemplate($templatename));
	return $filled;
}

/**
 * Render the edit form of one submission with the currently selected template.
 *
 * Falls back to the "OneHomeworkForEdit" template when the global
 * $templatename is empty; the fallback name is written back to that global.
 *
 * @param string $homeworkid id of the submission to edit ("" for a new one)
 * @param string $moduleid   id of the module the submission belongs to
 * @return string the filled template
 */
function displayOneHomeworkForEdit($homeworkid, $moduleid) {
	global $config;
	global $templatename;

	if ($templatename == "") {
		// No template requested: use the default edit form
		$templatename = "OneHomeworkForEdit";
	}
	$filled = displayHomeworkForEdit($homeworkid, $moduleid, getTemplate($templatename));
	return $filled;
}

/**
 * Render the submission list of one module with the currently selected template.
 *
 * Falls back to the "AllHomeworks" template when the global $templatename is
 * empty; the fallback name is written back to that global.
 *
 * @param string $moduleid id of the module whose submissions are listed
 * @return string the filled template
 */
function displayAll($moduleid) {
	global $config;
	global $templatename;

	if ($templatename == "") {
		// No template requested: use the default listing
		$templatename = "AllHomeworks";
	}
	$filled = displayAllHomeworks($moduleid, getTemplate($templatename));
	return $filled;
}

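/**
 * Tell whether the current user is responsible for a submission's module.
 *
 * The user is looked up by the e-mail address held in the "username" cookie.
 * They are responsible when they are timetabled staff of the module the
 * homework belongs to or, failing that, the leader of that module.
 *
 * NOTE(review): the identity comes straight from a client-supplied cookie and
 * nothing in this function verifies it -- confirm that it is validated
 * elsewhere (for example in core.php3) before this result is relied on for
 * authorisation.
 *
 * @param string $homeworkid id of the submission being accessed
 * @return mixed 1 when the user is responsible, false otherwise
 */
function isUserResponsibleForHomework($homeworkid) {
	global $config;
	global $HTTP_COOKIE_VARS;

	$temp = !1;
	if (isset($HTTP_COOKIE_VARS["username"]) && $HTTP_COOKIE_VARS["username"]) {
		$db2 = new myDB($config["sqlserver"], $config["sqluser"], $config["sqlpassword"], $config["sqldatabase"]);
		if ($db2) {
			// Both values are escaped before being embedded in the SQL text;
			// the homework id was previously concatenated unescaped.
			$safeId = addslashes($homeworkid);
			$safeUser = addslashes($HTTP_COOKIE_VARS["username"]);

			$db2->setQuery("select p.peopleid from homework as h, people as p, staff_in_timetable as s, module_timetables as m, modules as mod where h.homeworkid='".$safeId."' and m.moduleid=h.moduleid and s.slotid=m.slotid and m.moduleid=mod.moduleid and s.peopleid=p.peopleid and p.email = '".$safeUser."'");
			$r2 = $db2->executequery();
			if ($r2 >0) {
				if ($db2->hasMoreElements()) {
					$temp = 1;
				} else {
					// Module-leader fallback. The module is resolved through the
					// homework row itself: the former query used $moduleid, which
					// is not defined in this function, so it never matched. Taking
					// the module from the stored record also avoids trusting a
					// module id supplied with the request.
					$db2->setQuery("select p.peopleid from homework as h, people as p, modules as mod where h.homeworkid='".$safeId."' and mod.moduleid=h.moduleid and mod.module_leader=p.peopleid and p.email = '".$safeUser."'");
					$r2 = $db2->executequery();
					if ($r2 >0) {
						if ($db2->hasMoreElements()) {
							$temp = 1;
						}
					}
				}
			}
			$db2->close();
		}
	}
	return $temp;
}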

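/**
 * Tell whether the current user is responsible for a module.
 *
 * The user is looked up by the e-mail address held in the "username" cookie.
 * They are responsible when they are timetabled staff of the module or,
 * failing that, its module leader.
 *
 * NOTE(review): the identity comes straight from a client-supplied cookie and
 * nothing in this function verifies it -- confirm that it is validated
 * elsewhere (for example in core.php3) before this result is relied on for
 * authorisation.
 *
 * @param string $moduleid id of the module being accessed
 * @return mixed 1 when the user is responsible, false otherwise
 */
function isUserResponsibleForModule($moduleid) {
	global $config;
	global $HTTP_COOKIE_VARS;

	$temp = !1;
	if (isset($HTTP_COOKIE_VARS["username"]) && $HTTP_COOKIE_VARS["username"]) {
		$db2 = new myDB($config["sqlserver"], $config["sqluser"], $config["sqlpassword"], $config["sqldatabase"]);
		if ($db2) {
			// Both values are escaped before being embedded in the SQL text;
			// the module id was previously concatenated unescaped.
			$safeModule = addslashes($moduleid);
			$safeUser = addslashes($HTTP_COOKIE_VARS["username"]);

			$db2->setQuery("select p.peopleid from people as p, staff_in_timetable as s, module_timetables as m, modules as mod where m.moduleid='".$safeModule."' and s.slotid=m.slotid and m.moduleid=mod.moduleid and s.peopleid=p.peopleid and p.email = '".$safeUser."'");
			$r2 = $db2->executequery();
			if ($r2 >0) {
				if ($db2->hasMoreElements()) {
					$temp = 1;
				} else {
					// Not timetabled staff: accept the module leader instead.
					$db2->setQuery("select p.peopleid from people as p, modules as mod where mod.moduleid='".$safeModule."' and mod.module_leader=p.peopleid and p.email = '".$safeUser."'");
					$r2 = $db2->executequery();
					if ($r2 >0) {
						if ($db2->hasMoreElements()) {
							$temp = 1;
						}
					}
				}
			}
			$db2->close();
		}
	}
	return $temp;
}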

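// Request dispatcher: selects the action from $op.
// $op, $homeworkid and $moduleid are not assigned in this file; presumably they
// are request parameters exposed as globals -- TODO confirm in the include files.
// Ids are URL-encoded before they are placed into generated links, so a
// request-supplied value cannot break out of the quoted href attribute.
if ($op=="onehomework") {
	debug("display one homework (".$homeworkid.")");
	printTop();
	if ((isUserAdmin() || isUserPublisher() || isUserResponsibleForHomework($homeworkid) || hasUserAbility("Modules")) && (isIntranet())) {
		print(manageLinks(displayOneHomework($homeworkid)));
		// displayHomework() has by now set the global $moduleid from the stored record.
		$display ="<br><br><hr><a href=".propagateAttributes("\"homework.php3?op=new&moduleid=".urlencode($moduleid))."\">New</a> <a href=".propagateAttributes("\"homework.php3?op=edit&homeworkid=".urlencode($homeworkid)."&moduleid=".urlencode($moduleid));
		$display .= "\">Edit</a> <a href=".propagateAttributes("\"homework.php3?op=delete&homeworkid=".urlencode($homeworkid)."&moduleid=".urlencode($moduleid))."\" onClick=\"if (confirm('Are you sure you want to delete this object?')) { return true; } else { return false; }\">Delete</a><br>";
		print(manageLinks($display));
	} else {
		notAuthorised();
	}
	printBottom();
} else 
if ($op=="new") {
	// NOTE(review): unlike edit, save and delete, the creation form is shown
	// without any authorisation check -- confirm that this is intended.
	debug("Edit new homework");
	printTop();
	print(manageLinks(displayOneHomeworkForEdit("", $moduleid)));
	print(manageLinks("<br><br><hr><a href=".propagateAttributes("\"homework.php3?op=new&moduleid=".urlencode($moduleid))."\">New</a><br>"));
	printBottom();
} else 
if ($op=="edit") {
	// The debug texts of the edit and save branches were swapped; each now names its own action.
	debug("display one homework for edit (".$homeworkid.")");
	printTop();
	if ((isUserAdmin() || isUserPublisher() || isUserResponsibleForHomework($homeworkid) || hasUserAbility("Modules")) && (isIntranet())) {
		print(manageLinks(displayOneHomeworkForEdit($homeworkid, $moduleid)));
		print(manageLinks("<br><br><hr><a href=".propagateAttributes("\"homework.php3?op=new&moduleid=".urlencode($moduleid))."\">New</a> <a href=".propagateAttributes("\"homework.php3?op=delete&homeworkid=".urlencode($homeworkid)."&moduleid=".urlencode($moduleid))."\" onClick=\"if (confirm('Are you sure you want to delete this object?')) { return true; } else { return false; }\">Delete</a><br>"));
	} else {
		notAuthorised();
	}
	printBottom();
} else 
if ($op=="save") {
	debug("display one homework for save (".$homeworkid.")");
	printTop();
	if ((isset($homeworkid)) && ($homeworkid != "")) {
		if ((isUserAdmin() || isUserPublisher() || isUserResponsibleForHomework($homeworkid) || hasUserAbility("Modules")) && (isIntranet())) {
			$results = saveHomework($homeworkid);
			if ($results == "") {
				print(manageLinks(displayOneHomeworkForEdit($homeworkid, $moduleid)));
			} else {
				print(manageLinks($results));
			}
		} else {
			notAuthorised();
		}
	} else {
		// NOTE(review): a save without a homework id creates a record with no
		// authorisation check, whereas updating an existing record requires
		// one -- confirm whether creation is meant to be open.
		$results = saveNewHomework();
		if ($results == "") {
			print(manageLinks(displayOneHomeworkForEdit("", $moduleid)));
		} else {
			print(manageLinks($results));
		}
	}
	print(manageLinks("<br><br><hr><a href=".propagateAttributes("\"homework.php3?op=new&moduleid=".urlencode($moduleid))."\">New</a><br>"));
	printBottom();
} else 
if ($op=="delete") {
	// NOTE(review): deletion is reached through a plain link (see the Delete
	// anchors above) and no anti-forgery token is visible in this file;
	// consider requiring a POST request carrying a per-session token.
	debug("Delete one homework (".$homeworkid.")");
	printTop();
	if ((isUserAdmin() || isUserPublisher() || isUserResponsibleForHomework($homeworkid) || hasUserAbility("Modules")) && (isIntranet())) {
		DeleteHomework($homeworkid);
	} else {
		notAuthorised();
	}
	printBottom();
} else 
if ($op=="allhomeworks") {
	debug("display all homeworks");
	printTop();
	if ((isUserAdmin() || isUserPublisher() || isUserResponsibleForModule($moduleid) || hasUserAbility("Modules")) && (isIntranet())) {
		print(manageLinks(displayAll($moduleid)));
		print(manageLinks("<hr><a href=".propagateAttributes("\"homework.php3?op=new&moduleid=".urlencode($moduleid))."\">New</a><br><br>"));
	} else {
		notAuthorised();
	}
	printBottom();
} else 
if ($op=="gethomework") {
	// NOTE(review): the stored file is served without the authorisation check
	// used by the other branches -- confirm whether downloads are meant to be
	// available to anyone who knows a homework id.
	debug("Display homework");
	displayHomeworkDocument($homeworkid);
} else {
	error404();
}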

?>