Hello
parent
b4fc06db87
commit
7a41dbbbdf
|
@ -0,0 +1,75 @@
|
||||||
|
<?php
|
||||||
|
// Include shared subprograms
|
||||||
|
require "common/common.php";
|
||||||
|
|
||||||
|
// Only allow admins to view this page
|
||||||
|
auth(AUTH_ADMIN);
|
||||||
|
|
||||||
|
if ($_GET['id']=="user"){
|
||||||
|
$user = new User(null);
|
||||||
|
$user->username = $_POST['username'];
|
||||||
|
$user->firstname = $_POST['first'];
|
||||||
|
$user->surname = $_POST['sur'];
|
||||||
|
$user->password = md5($_POST['pass']);
|
||||||
|
$user->rank = $_POST['rank'];
|
||||||
|
$user->year = $_POST['year'];
|
||||||
|
$user->group = $_POST['group'];
|
||||||
|
$user->save();
|
||||||
|
header("location: admin.php");
|
||||||
|
die("");
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($_GET['id']=="increase"){
|
||||||
|
if ($_GET['con']==1){
|
||||||
|
$all_users = User::all();
|
||||||
|
foreach ($all_users as $user){
|
||||||
|
if (is_numeric($user->year)){
|
||||||
|
$user->year = $user->year + 1;
|
||||||
|
$user->save();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
header("location: admin.php");
|
||||||
|
die("");
|
||||||
|
}else{
|
||||||
|
showHeader("Are you sure?");?>
|
||||||
|
<h2>Are you sure?</h2>
|
||||||
|
|
||||||
|
<p>
|
||||||
|
This will increase all pupils years by 1.
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<a class="button" href="admin.php?id=increase&con=1">Increase all years</a> <a class="button" href="admin.php">Cancel</a>
|
||||||
|
<?php die("");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Show admin settings page
|
||||||
|
showHeader("Admin Settings");
|
||||||
|
?>
|
||||||
|
<h2>Admin Settings</h2>
|
||||||
|
|
||||||
|
<p>Please be careful in this section!</p>
|
||||||
|
|
||||||
|
<fieldset>
|
||||||
|
<legend>Danger Zone</legend>
|
||||||
|
<a href="admin.php?id=increase">Increase years</a>
|
||||||
|
</fieldset>
|
||||||
|
|
||||||
|
<form action="admin.php?id=user" method="post">
|
||||||
|
<fieldset>
|
||||||
|
<legend>Add User</legend>
|
||||||
|
<i>* - required</i><br>
|
||||||
|
* Firstname: <input type="text" name="first" required><br>
|
||||||
|
* Surname: <input type="text" name="sur" required><br>
|
||||||
|
* Username: <input type="text" name="username" required><br>
|
||||||
|
* Password: <input type="text" name="pass" value="password" required><br>
|
||||||
|
* Rank: <select name="rank">
|
||||||
|
<option value="1" selected>Pupil</option>";
|
||||||
|
<option value="2">Staff</option>";
|
||||||
|
<option value="3">Admin</option>";
|
||||||
|
</select><br>
|
||||||
|
Year: <input type="number" name="year" min=3 max=6 /><br>
|
||||||
|
Group: <input type="text" name="group" size=1 /><br><br>
|
||||||
|
<input type="submit" value="Create" />
|
||||||
|
</fieldset>
|
||||||
|
</form>
|
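Review bot: `$user->password = md5($_POST['pass']);` stores an unsalted MD5 digest, which is cheap to brute-force if the user table ever leaks; store `password_hash($_POST['pass'], PASSWORD_DEFAULT)` instead and check it with `password_verify()` in login.php and in the password change added to profile.php, which both call `md5()` the same way. Separately, the year increase runs on a plain GET (`admin.php?id=increase&con=1`) and the Add User form carries no request token, so a link or form on another site can trigger either action while an admin is logged in. Make the confirm step a POST and compare a per-session token with `hash_equals()` before acting; the password form in profile.php lacks the same token. The Add User form also pre-fills the password field with `value="password"`, so every account created without editing it shares a known password.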
|
@ -64,7 +64,7 @@ function getAuthLabel($level){
|
||||||
return "pupil";
|
return "pupil";
|
||||||
else if ($level == AUTH_STAFF)
|
else if ($level == AUTH_STAFF)
|
||||||
return "staff";
|
return "staff";
|
||||||
else if ($level == AUTH_STAFF)
|
else if ($level == AUTH_ADMIN)
|
||||||
return "admin";
|
return "admin";
|
||||||
else
|
else
|
||||||
return "lvl($level)";
|
return "lvl($level)";
|
||||||
|
|
|
@ -42,6 +42,26 @@ class User {
|
||||||
return "{$res}";
|
return "{$res}";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Update existing record
|
||||||
|
private function update($id, $col, $value, $int=false){
|
||||||
|
// Update a field in an existing record
|
||||||
|
global $handle;
|
||||||
|
$res = "";
|
||||||
|
if ($int){
|
||||||
|
// Update integer field
|
||||||
|
if (!is_numeric($value)){
|
||||||
|
echo "<p>inputed value is not numeric! ($id, $col, $value, $int) </p>";
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
$res = "UPDATE user SET $col = $value WHERE userID = $id";
|
||||||
|
}else{
|
||||||
|
// Update string field
|
||||||
|
$res = "UPDATE user SET $col = '$value' WHERE userID = $id";
|
||||||
|
}
|
||||||
|
// Run update query
|
||||||
|
$handle->query($res) or die("<br><br>Query Error: ".mysqli_error($handle));
|
||||||
|
}
|
||||||
|
|
||||||
// Save the record
|
// Save the record
|
||||||
public function save(){
|
public function save(){
|
||||||
global $handle;
|
global $handle;
|
||||||
|
@ -55,35 +75,14 @@ class User {
|
||||||
$h->close();
|
$h->close();
|
||||||
$this->id = $handle->insert_id;
|
$this->id = $handle->insert_id;
|
||||||
}else{
|
}else{
|
||||||
// Update existing record
|
|
||||||
function update($id, $col, $value, $int=false){
|
|
||||||
// Update a field in an existing record
|
|
||||||
global $handle;
|
|
||||||
$res = "";
|
|
||||||
if ($int){
|
|
||||||
// Update integer field
|
|
||||||
if (!is_numeric($value)){
|
|
||||||
echo "<p>inputed value is not numeric! ($id, $col, $value, $int) </p>";
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
$res = "UPDATE user SET $col = $value WHERE userID = $id";
|
|
||||||
}else{
|
|
||||||
// Update string field
|
|
||||||
$res = "UPDATE user SET $col = '$value' WHERE userID = $id";
|
|
||||||
}
|
|
||||||
|
|
||||||
// Run update query
|
|
||||||
$handle->query($res) or die("<br><br>Query Error: ".mysqli_error($handle));
|
|
||||||
}
|
|
||||||
|
|
||||||
// Update each field using the function above
|
// Update each field using the function above
|
||||||
update($this->id,"username",$this->username,false);
|
$this->update($this->id,"username",$this->username,false);
|
||||||
update($this->id,"password",$this->password,false);
|
$this->update($this->id,"password",$this->password,false);
|
||||||
update($this->id,"firstname",$this->firstname,false);
|
$this->update($this->id,"firstname",$this->firstname,false);
|
||||||
update($this->id,"surname",$this->surname,false);
|
$this->update($this->id,"surname",$this->surname,false);
|
||||||
update($this->id,"year",$this->year,true);
|
$this->update($this->id,"year",$this->year,true);
|
||||||
update($this->id,"ugroup",$this->group,false);
|
$this->update($this->id,"ugroup",$this->group,false);
|
||||||
update($this->id,"rank",$this->rank,true);
|
$this->update($this->id,"rank",$this->rank,true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
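Review bot: The string branch of `update()` interpolates `$value` into the SQL text (`UPDATE user SET $col = '$value' WHERE userID = $id`), and `save()` writes back fields that were originally typed into forms such as Add User, so a quote in a stored username or group breaks out of the literal the next time that record is saved, for example on a password change. Bind the value and the id through a prepared statement; `$col` cannot be bound, so it has to stay limited to the literal column names that `save()` passes. The non-numeric error path also echoes `$value` into the page unescaped and the `die()` prints the raw mysqli error, both of which belong in a log rather than in the response. The enclosing class starts outside these hunks.

```php
private function update($id, $col, $value, $int=false){
    global $handle;
    // … unchanged: is_numeric() check for integer fields …
    // $col is never user input: save() passes literal column names only
    $stmt = $handle->prepare("UPDATE user SET $col = ? WHERE userID = ?");
    if (!$stmt){
        error_log("User::update prepare failed: ".$handle->error);
        die("<br><br>Query Error");
    }
    $stmt->bind_param($int ? "ii" : "si", $value, $id);
    if (!$stmt->execute()){
        error_log("User::update failed: ".$stmt->error);
        die("<br><br>Query Error");
    }
    $stmt->close();
}
```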
17
index.php
17
index.php
|
@ -1,10 +1,14 @@
|
||||||
<?php
|
<?php
|
||||||
require "common/common.php";
|
require "common/common.php";
|
||||||
|
|
||||||
|
// Require log in
|
||||||
auth(AUTH_PUPIL);
|
auth(AUTH_PUPIL);
|
||||||
|
|
||||||
|
// Display page
|
||||||
showHeader("Dashboard");
|
showHeader("Dashboard");
|
||||||
|
|
||||||
|
|
||||||
|
// Display 404 - page not found message if necessary
|
||||||
if ($_GET['404']==1){
|
if ($_GET['404']==1){
|
||||||
?>
|
?>
|
||||||
<div style="background:red;color:white;padding:1em;margin:0.5em;margin-bottom:1em;border-radius:2px;">
|
<div style="background:red;color:white;padding:1em;margin:0.5em;margin-bottom:1em;border-radius:2px;">
|
||||||
|
@ -12,18 +16,25 @@ if ($_GET['404']==1){
|
||||||
</div>
|
</div>
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Show the dashboard
|
||||||
?>
|
?>
|
||||||
<h2>Dashboard</h2>
|
<h2>Dashboard</h2>
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
if ($current_user->isPupil()){
|
if ($current_user->isPupil()){
|
||||||
|
// Show pupil dash board
|
||||||
echo "<table id=\"testlist\">";
|
echo "<table id=\"testlist\">";
|
||||||
$ass = $current_user->tests();
|
|
||||||
|
|
||||||
|
// Get all assignments this pupil has
|
||||||
|
$ass = $current_user->tests();
|
||||||
foreach ($ass as $a){
|
foreach ($ass as $a){
|
||||||
|
// Look for submitted results from this pupil, for the test.
|
||||||
|
// ie: see if the pupil has done this test yet
|
||||||
$res = Score::getfromusertest($current_user->id,$a->testID);
|
$res = Score::getfromusertest($current_user->id,$a->testID);
|
||||||
echo "<tr><td>".$a->test()->title."</td><td class=\"take\" style=\"width:120px;\">";
|
echo "<tr><td>".$a->test()->title."</td><td class=\"take\" style=\"width:120px;\">";
|
||||||
|
|
||||||
|
// Show correct button - retake or take.
|
||||||
if (!$res || count($res)==0)
|
if (!$res || count($res)==0)
|
||||||
echo "<a class=\"button\" href=\"".burl("test/take.php?id=".$a->test()->id)."\">Take</a>";
|
echo "<a class=\"button\" href=\"".burl("test/take.php?id=".$a->test()->id)."\">Take</a>";
|
||||||
else
|
else
|
||||||
|
@ -32,6 +43,7 @@ if ($current_user->isPupil()){
|
||||||
echo "</td></tr>";
|
echo "</td></tr>";
|
||||||
}
|
}
|
||||||
}else if ($current_user->isStaff()){
|
}else if ($current_user->isStaff()){
|
||||||
|
// Show staff dash board
|
||||||
?>
|
?>
|
||||||
<div class="dashbox">
|
<div class="dashbox">
|
||||||
<div class="dashbox_title">
|
<div class="dashbox_title">
|
||||||
|
@ -42,7 +54,8 @@ if ($current_user->isPupil()){
|
||||||
<li><a href="<?php echo burl("users.php?rank=1");?>">Pupils</a></li>
|
<li><a href="<?php echo burl("users.php?rank=1");?>">Pupils</a></li>
|
||||||
<li><a href="<?php echo burl("test/?user=".$current_user->id);?>">My Tests</a></li>
|
<li><a href="<?php echo burl("test/?user=".$current_user->id);?>">My Tests</a></li>
|
||||||
<?php
|
<?php
|
||||||
echo "\t\t\t<li><a href=\"".burl("admin.php")."\">Admin Tools</a></li>";
|
if ($current_user->isAdmin())
|
||||||
|
echo "\t\t\t<li><a href=\"".burl("admin.php")."\">Admin Tools</a></li>";
|
||||||
?>
|
?>
|
||||||
|
|
||||||
</ul>
|
</ul>
|
||||||
|
|
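Review bot: `$a->test()->title` is concatenated into the table row without escaping, so markup in a test title is rendered in every assigned pupil's dashboard unless titles are escaped when they are stored, which is not visible here. Wrap it as `htmlspecialchars($a->test()->title, ENT_QUOTES, 'UTF-8')`; the same applies to `profile_row()` in profile.php, `$w->word` in the results page and the name cells in users.php. The new `isAdmin()` check only hides the link, which is fine because the new admin page calls `auth(AUTH_ADMIN)` itself, but the guarded `echo` would be safer inside braces.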
17
login.php
17
login.php
|
@ -1,38 +1,33 @@
|
||||||
<?php
|
<?php
|
||||||
require "common/common.php";
|
require "common/common.php";
|
||||||
|
|
||||||
|
// Check for submissions
|
||||||
if ($_POST['submitted']=="true"){
|
if ($_POST['submitted']=="true"){
|
||||||
|
// Check username and password
|
||||||
$user = User::getUsername($_POST['username']);
|
$user = User::getUsername($_POST['username']);
|
||||||
if ($user){
|
if ($user){
|
||||||
|
// hash password to be checked against database
|
||||||
$hash = md5($_POST['password']);
|
$hash = md5($_POST['password']);
|
||||||
if ($hash == $user->password){
|
if ($hash == $user->password){
|
||||||
|
// Log user in
|
||||||
$_SESSION['user'] = $user->username;
|
$_SESSION['user'] = $user->username;
|
||||||
header("location: index.php");
|
header("location: index.php");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Show page
|
||||||
showHeader("Log in");
|
showHeader("Log in");
|
||||||
?>
|
?>
|
||||||
<form action="login.php" method="post">
|
<form action="login.php" method="post">
|
||||||
<input type="hidden" name="submitted" value="true" />
|
<input type="hidden" name="submitted" value="true" />
|
||||||
<?php
|
<?php
|
||||||
if ($_POST['submitted']=="true"){
|
if ($_POST['submitted']=="true"){
|
||||||
|
// Show wrong username / password message
|
||||||
echo "<span style=\"color:red;\">Wrong username / password</span><br>";
|
echo "<span style=\"color:red;\">Wrong username / password</span><br>";
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
Username: <input type="test" name="username"><br>
|
Username: <input type="test" name="username"><br>
|
||||||
Password: <input type="password" name="password"><br>
|
Password: <input type="password" name="password"><br>
|
||||||
<input type="submit" value="Log in">
|
<input type="submit" value="Log in">
|
||||||
|
|
||||||
<p>
|
|
||||||
<b>Admins:</b> aw<br />
|
|
||||||
<b>Staff:</b> ad<br />
|
|
||||||
<b>Pupils:</b> to, rt, mp
|
|
||||||
|
|
||||||
<p>
|
|
||||||
<b>Password:</b> pass
|
|
||||||
</p>
|
|
||||||
</p>
|
|
||||||
</form>
|
</form>
|
||||||
|
|
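Review bot: `if ($hash == $user->password){` compares two hex digests with the loose operator, so digests that both look like numeric strings can compare equal even when they differ; use `if (hash_equals($user->password, $hash)){` here and the strict form for the `!=` check added in profile.php. On success the session id is kept and the script carries on after `header("location: index.php")`, so the login form and the "Wrong username / password" message are still rendered. Add `session_regenerate_id(true);` before `$_SESSION['user']` is set and `die("");` after the redirect, as admin.php and profile.php already do; this assumes common.php has started the session, which is not visible in this hunk.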
|
@ -1,5 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
|
// Log user out
|
||||||
session_start();
|
session_start();
|
||||||
session_destroy();
|
session_destroy();
|
||||||
|
|
||||||
header("location: index.php");
|
// Redirect to the login page
|
||||||
|
header("location: login.php");
|
65
profile.php
65
profile.php
|
@ -2,6 +2,7 @@
|
||||||
// Include shared subprograms
|
// Include shared subprograms
|
||||||
require "common/common.php";
|
require "common/common.php";
|
||||||
|
|
||||||
|
// Get the user whose profile we are going to show
|
||||||
$user = 0;
|
$user = 0;
|
||||||
if (!$_GET['id'] || $current_user->id == $_GET['id']){
|
if (!$_GET['id'] || $current_user->id == $_GET['id']){
|
||||||
$user = $current_user;
|
$user = $current_user;
|
||||||
|
@ -15,26 +16,70 @@ if (!$_GET['id'] || $current_user->id == $_GET['id']){
|
||||||
msgscrn("User not found","The user does not exist.","","rc");
|
msgscrn("User not found","The user does not exist.","","rc");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Change the user's password, if requested.
|
||||||
|
if ( ($_GET['edit']==1) && ($_POST['submitted']==1) && ($user->id == $current_user->id || $current_user->isAdmin()) ){
|
||||||
|
// Check that the old password given is correct.
|
||||||
|
// Admins editing other user's passwords do not need this
|
||||||
|
if ($current_user->id == $user->id){
|
||||||
|
$hashed = md5($_POST['old']);
|
||||||
|
if ($user->password != $hashed){
|
||||||
|
// Show error page
|
||||||
|
header("location: profile.php?id={$user->id}&edit=1&failed=1");
|
||||||
|
die("");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// Check that the new passwords match
|
||||||
|
if ($_POST['new'] == $_POST['confirm'] && $_POST['new']!=""){
|
||||||
|
// Change password
|
||||||
|
$user->password = md5($_POST["new"]);
|
||||||
|
$user->save();
|
||||||
|
|
||||||
|
// Go back to the profile page
|
||||||
|
header("location: profile.php?id={$user->id}");
|
||||||
|
die("");
|
||||||
|
}
|
||||||
|
// Show error page
|
||||||
|
header("location: profile.php?id={$user->id}&edit=1&failed=1");
|
||||||
|
die("");
|
||||||
|
}
|
||||||
|
|
||||||
// Show test player page
|
// Show test player page
|
||||||
showHeader($user->firstname." ".$user->surname." - Profile");
|
showHeader($user->firstname." ".$user->surname." - Profile");
|
||||||
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<h1><?php echo $user->firstname;?> <?php echo $user->surname;?></h1>
|
<h1><?php echo $user->firstname;?> <?php echo $user->surname;?></h1>
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
function prof($one,$two){
|
// This function is an easy way of outputing the user's details
|
||||||
if ($two)
|
function profile_row($name,$value){
|
||||||
echo "$one: $two<br />\n";
|
if ($value)
|
||||||
|
echo "$name: $value<br />\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
prof("Username", $user->username);
|
profile_row("Username", $user->username);
|
||||||
prof("Year", $user->year);
|
profile_row("Year", $user->year);
|
||||||
prof("Group", $user->group);
|
profile_row("Group", $user->group);
|
||||||
|
|
||||||
echo "<p>";
|
echo "<p>";
|
||||||
if ($user->id == $current_user->id || $current_user->isAdmin())
|
if ($user->id == $current_user->id || $current_user->isAdmin()){
|
||||||
echo "<a class=\"button\" href=\"profile.php?id={$user->id}&edit=1\">Edit</a>";
|
if ($_GET['edit']==1){
|
||||||
|
?>
|
||||||
|
<form action="<?php echo "profile.php?id={$user->id}&edit=1";?>" method="post">
|
||||||
|
<input type="hidden" value="1" name="submitted" />
|
||||||
|
<?php if ($_GET['failed']==1) echo "<p style=\"color:red;\">Failed to change password.</p>";
|
||||||
|
if ($current_user->id == $user->id){ ?>
|
||||||
|
Old password: <input type="password" name="old" /><br>
|
||||||
|
<?php } ?>
|
||||||
|
New password: <input type="password" name="new" /><br>
|
||||||
|
Confirm new password: <input type="password" name="confirm" /><br>
|
||||||
|
<input type="submit" value="Save">
|
||||||
|
</form>
|
||||||
|
</p><p>
|
||||||
|
<?php
|
||||||
|
}else{
|
||||||
|
echo "<a class=\"button\" href=\"profile.php?id={$user->id}&edit=1\">Edit</a>";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if ($user->isPupil())
|
if ($user->isPupil())
|
||||||
echo " <a class=\"button\" href=\"report.php?id={$user->id}\">View Report</a>";
|
echo " <a class=\"button\" href=\"report.php?id={$user->id}\">View Report</a>";
|
||||||
echo "</p>";
|
echo "</p>";
|
||||||
|
|
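Review bot: When an admin edits another account, the new branch skips every credential check and goes straight to `$user->save()`, so a hijacked or unattended admin session can reset any user's password with a single POST. Ask for the admin's own password in that case by moving the check out of `if ($current_user->id == $user->id)` and comparing against the logged-in account, e.g. `if (!hash_equals($current_user->password, md5($_POST['old']))){`, and show the `old` field to admins as well. Any non-empty `new` value is accepted, so a minimum length check next to the `$_POST['new']!=""` test would also help.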
|
@ -8,36 +8,43 @@ auth(AUTH_PUPIL);
|
||||||
// Load Test details from database
|
// Load Test details from database
|
||||||
$test = Test::get($_GET['id']);
|
$test = Test::get($_GET['id']);
|
||||||
|
|
||||||
|
// Check that test exists
|
||||||
if (!$test)
|
if (!$test)
|
||||||
msgscrn("Test not found","Test could not be found","","");
|
msgscrn("Test not found","Test could not be found","","");
|
||||||
|
|
||||||
|
// Get author of test
|
||||||
$author = User::get($test->userID);
|
$author = User::get($test->userID);
|
||||||
|
|
||||||
|
// Show page
|
||||||
|
|
||||||
// Show test player page
|
|
||||||
showHeader($test->title." - Results");
|
showHeader($test->title." - Results");
|
||||||
|
|
||||||
echo "<h2>".$test->title."</h2>";
|
echo "<h2>".$test->title."</h2>";
|
||||||
|
|
||||||
echo "<p>Created on ".$test->datecreated;
|
echo "<p>Created on ".$test->datecreated;
|
||||||
|
|
||||||
if ($author)
|
if ($author)
|
||||||
echo " by ".$author->firstname ." ". $author->surname;
|
echo " by ".$author->firstname ." ". $author->surname;
|
||||||
|
|
||||||
echo "</p>";
|
echo "</p>";
|
||||||
|
|
||||||
// Show user test submissions
|
// Show user test submissions
|
||||||
if ($current_user->rank == 1 || $_GET['user']){
|
if ($current_user->rank == 1 || $_GET['user']){
|
||||||
|
// Get the id of the pupil whose results we are looking at
|
||||||
$search_id = ($current_user->rank == 1) ? $current_user->id : $_GET['user'];
|
$search_id = ($current_user->rank == 1) ? $current_user->id : $_GET['user'];
|
||||||
$me = Score::_search("WHERE userID = $search_id AND testID = {$test->id} ORDER BY scoreID desc");
|
|
||||||
if (count($me)<1){
|
// Get results
|
||||||
echo ($search_id == $current_user->id) ? "You have not taken this test yet.":"The pupil has not taken this test yet.";
|
$myres = Score::_search("WHERE userID = $search_id AND testID = {$test->id} ORDER BY scoreID desc");
|
||||||
|
|
||||||
|
if (count($myres)<1){
|
||||||
|
// They have not taken this test yet, display message
|
||||||
|
if ($search_id == $current_user->id)
|
||||||
|
echo "You have not taken this test yet.";
|
||||||
|
else
|
||||||
|
echo "The pupil has not taken this test yet.";
|
||||||
|
|
||||||
|
// Show appropriate buttons
|
||||||
if($current_user->rank > 1)
|
if($current_user->rank > 1)
|
||||||
echo "<p><a href=\"view.php?id={$test->id}\" class=\"button\">Back</a></p>";
|
echo "<p><a href=\"view.php?id={$test->id}\" class=\"button\">Back</a></p>";
|
||||||
else
|
else
|
||||||
echo "<p><a href=\"take.php?id={$test->id}\" class=\"button\">Take test</a></p>";
|
echo "<p><a href=\"take.php?id={$test->id}\" class=\"button\">Take test</a></p>";
|
||||||
}else{
|
}else{
|
||||||
|
// Display messages, and table start
|
||||||
echo "<p>Each row in this table is an attempt at the test. The latest attempt is at the top</p>";
|
echo "<p>Each row in this table is an attempt at the test. The latest attempt is at the top</p>";
|
||||||
if ($_GET['latest']==1){
|
if ($_GET['latest']==1){
|
||||||
?>
|
?>
|
||||||
|
@ -51,8 +58,12 @@ if ($current_user->rank == 1 || $_GET['user']){
|
||||||
}
|
}
|
||||||
echo "<table class=\"resultTable\">";
|
echo "<table class=\"resultTable\">";
|
||||||
echo "<tr><th>Score</th><th>Incorrect words</th></tr>";
|
echo "<tr><th>Score</th><th>Incorrect words</th></tr>";
|
||||||
foreach($me as $s){
|
|
||||||
|
// Loop through scores
|
||||||
|
foreach($myres as $s){
|
||||||
echo "<tr><td>{$s->score}</td><td>";
|
echo "<tr><td>{$s->score}</td><td>";
|
||||||
|
|
||||||
|
// Get the words they got wrong, and print them.
|
||||||
$ww = $s->wrongWords();
|
$ww = $s->wrongWords();
|
||||||
if ($ww){
|
if ($ww){
|
||||||
echo "<span style=\"color:red\">";
|
echo "<span style=\"color:red\">";
|
||||||
|
@ -61,7 +72,7 @@ if ($current_user->rank == 1 || $_GET['user']){
|
||||||
if ($comma)
|
if ($comma)
|
||||||
echo ", ";
|
echo ", ";
|
||||||
|
|
||||||
echo $w->word;
|
echo "'".$w->word."'";
|
||||||
$comma = true;
|
$comma = true;
|
||||||
}
|
}
|
||||||
echo "</span>";
|
echo "</span>";
|
||||||
|
@ -72,28 +83,33 @@ if ($current_user->rank == 1 || $_GET['user']){
|
||||||
}
|
}
|
||||||
echo "</table>";
|
echo "</table>";
|
||||||
|
|
||||||
|
// Display appropriate buttons
|
||||||
if($current_user->rank > 1)
|
if($current_user->rank > 1)
|
||||||
echo "<p><a href=\"view.php?id={$test->id}\" class=\"button\">Back</a>";
|
echo "<p><a href=\"view.php?id={$test->id}\" class=\"button\">Back</a>";
|
||||||
else
|
else
|
||||||
echo "<p><a href=\"take.php?id={$test->id}\" class=\"button\">Retake test</a>";
|
echo "<p><a href=\"take.php?id={$test->id}\" class=\"button\">Retake test</a>";
|
||||||
|
|
||||||
echo "<a href=\"../report.php?id=$search_id\" class=\"button\">View Report</a></p>";
|
echo "<a href=\"../report.php?id=$search_id\" class=\"button\">View Report</a></p>";
|
||||||
}
|
}
|
||||||
}else if($current_user->rank > 1){
|
}else if($current_user->rank > 1){
|
||||||
|
// Get users that this test applies to
|
||||||
$users = $test->users();
|
$users = $test->users();
|
||||||
if (!$users || count($users)<1){
|
if (!$users || count($users)<1){
|
||||||
|
// Display message
|
||||||
echo "No pupils are to take this test<br>";
|
echo "No pupils are to take this test<br>";
|
||||||
}else{
|
}else{
|
||||||
|
// Display table head
|
||||||
echo "<table class=\"resultTable\">";
|
echo "<table class=\"resultTable\">";
|
||||||
echo "<tr><th>User</th><th>Score</th><th>Attempts</td><th></th></tr>";
|
echo "<tr><th>User</th><th>Score</th><th>Attempts</td><th></th></tr>";
|
||||||
|
|
||||||
|
// Loop through users
|
||||||
foreach($users as $u){
|
foreach($users as $u){
|
||||||
echo "<tr><td>{$u->surname} {$u->firstname}</td>";
|
echo "<tr><td>{$u->surname} {$u->firstname}</td>";
|
||||||
|
|
||||||
|
// Declare score here, so it is in the correct scope
|
||||||
$score = -1;
|
$score = -1;
|
||||||
|
|
||||||
// Load score submissions
|
// Load score submissions
|
||||||
$scr = Score::_search("WHERE userID = {$u->id} AND testID = {$test->id}");
|
$scr = Score::_search("WHERE userID = {$u->id} AND testID = {$test->id}");
|
||||||
|
|
||||||
if ($scr){
|
if ($scr){
|
||||||
foreach ($scr as $s){
|
foreach ($scr as $s){
|
||||||
if ($s->score > $score || $score == -1){
|
if ($s->score > $score || $score == -1){
|
||||||
|
@ -102,6 +118,7 @@ if ($current_user->rank == 1 || $_GET['user']){
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Display score and attempts
|
||||||
if (!$scr || count($scr)<1){
|
if (!$scr || count($scr)<1){
|
||||||
echo "<td style=\"background:red;color:white;\" colspan=2>Test not taken yet!</td>";
|
echo "<td style=\"background:red;color:white;\" colspan=2>Test not taken yet!</td>";
|
||||||
}else{
|
}else{
|
||||||
|
|
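Review bot: For staff, `$search_id` is taken straight from `$_GET['user']` and then interpolated into `Score::_search("WHERE userID = $search_id ...")` and into the `../report.php?id=$search_id` link, so the parameter reaches both the SQL text and the HTML unvalidated. Cast it where it is assigned, `$search_id = ($current_user->rank == 1) ? $current_user->id : (int)$_GET['user'];`, and show the "not found" screen if no such pupil exists. users.php builds `surname LIKE '$surname'` the same way; unlike `$year` and `$rank`, `$surname` is not checked in the visible hunk, so it needs escaping or a bound parameter before the query runs. The surrounding `if` block continues through lines between these hunks that are not shown.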
12
users.php
12
users.php
|
@ -12,16 +12,18 @@ $rank = $_GET['rank'];
|
||||||
if (($year!=null && !is_numeric($year)) || ($rank!=null && !is_numeric($rank)))
|
if (($year!=null && !is_numeric($year)) || ($rank!=null && !is_numeric($rank)))
|
||||||
msgscrn("Query blocked","Your search terms are invalid.","","");
|
msgscrn("Query blocked","Your search terms are invalid.","","");
|
||||||
|
|
||||||
$q = "";
|
$query = "";
|
||||||
|
|
||||||
|
// Add surname filter to query
|
||||||
if ($surname)
|
if ($surname)
|
||||||
$q .= "surname LIKE '$surname'";
|
$query .= "surname LIKE '$surname'";
|
||||||
|
|
||||||
|
// Add rank filter to query
|
||||||
if ($rank)
|
if ($rank)
|
||||||
$q .= (($q!="")?" AND ":"") . "rank = $rank"; // The ? here adds ' AND ' if there was a previous condition
|
$query .= (($query!="")?" AND ":"") . "rank = $rank"; // The ? here adds ' AND ' if there was a previous condition
|
||||||
|
|
||||||
// Get tests
|
// Get tests
|
||||||
$users = User::_search( ($q!="")? "WHERE $q" : "" ); // The ? here adds 'WHERE' if there is a query
|
$users = User::_search( ($query!="")? "WHERE $query" : "" ); // The ? here adds 'WHERE' if there is a query
|
||||||
|
|
||||||
// Show test player page
|
// Show test player page
|
||||||
showHeader("User Search");
|
showHeader("User Search");
|
||||||
|
@ -40,8 +42,10 @@ echo "</select><br>\n";
|
||||||
echo "<input type=\"submit\" value=\"Filter\">";
|
echo "<input type=\"submit\" value=\"Filter\">";
|
||||||
echo "</fieldset></form><br>\n";
|
echo "</fieldset></form><br>\n";
|
||||||
|
|
||||||
|
// Display table head
|
||||||
echo "<table class=\"resultTable\"><tr><th width=\"50%\">Name</th><th style=\"width: 10%;\">Year</th><th style=\"width:10%;\">Group</th><th style=\"width:30%;\">Controls</th></tr>\n";
|
echo "<table class=\"resultTable\"><tr><th width=\"50%\">Name</th><th style=\"width: 10%;\">Year</th><th style=\"width:10%;\">Group</th><th style=\"width:30%;\">Controls</th></tr>\n";
|
||||||
|
|
||||||
|
// Loop through users
|
||||||
foreach ($users as $u){
|
foreach ($users as $u){
|
||||||
echo "<tr><td>{$u->surname}, {$u->firstname}</td><td>{$u->year}</td><td>{$u->group}</td><td><a href=\"profile.php?id={$u->id}\" class=\"button\">Profile</a></td></tr>\n";
|
echo "<tr><td>{$u->surname}, {$u->firstname}</td><td>{$u->year}</td><td>{$u->group}</td><td><a href=\"profile.php?id={$u->id}\" class=\"button\">Profile</a></td></tr>\n";
|
||||||
}
|
}
|
||||||
|
|