/lenasys/0.1 : contents of DuggaSys/quizAjax/answerQuiz.php at revision 15

: (revision 15)

To get this branch, use:

bzr branch
http://gegoxaren.bato24.eu/bzr/lenasys/0.1

<?php
////Handels quiz answers 
////Parameters: loginName, courseName, courseOccasion, quizNr, quizAnswer
////If autoCorrection==false the answer is stored without checking
////Else the quiz answer is checked for correctness, 
////	if incorrect -> the answer is not stored
////    else -> stored 

session_start();
//Check if the sent login name is the same as the one stored in the session
if($_POST['loginName']==$_SESSION['loginName'] && $_POST['courseName']==$_SESSION['courseName'] && $_POST['quizNr']==$_SESSION['quizNr']) { 
	include "../../php/dbconnect.php";
	//Store answer and loginName+answer hash
	function storeAnswer($loginName,$courseName,$courseOccasion,$quizNr,$qVarRr,$quizAnswer,$grade,$gradeComment,$ip,$userAgent,$pdo) {
		$updateQuery="UPDATE AssignedQuizzes 
					  SET AssignedQuizzes.answer=:ANSWER, 
						  AssignedQuizzes.answerHash=:ANSWERHASH, 
						  AssignedQuizzes.grade=:GRADE, 
						  AssignedQuizzes.gradeComment=:GRADECOMMENT, 
						  AssignedQuizzes.answeredDateTime=:DATETIME,
						  AssignedQuizzes.userAgent=:AGENT,
						  AssignedQuizzes.userIP=:IP
					  WHERE AssignedQuizzes.ssn=(SELECT Student.ssn FROM Student WHERE Student.loginName=:LOGIN)
						AND AssignedQuizzes.quizNr=:QNR
						AND AssignedQuizzes.quizCourseName=:CNAME
						AND AssignedQuizzes.courseOccasion=:COCCASION;";
		$updateStmt = $pdo->prepare($updateQuery);
		$updateStmt->bindParam(':LOGIN', $loginName);
		$updateStmt->bindParam(':CNAME', $courseName);
		$updateStmt->bindParam(':QNR', $quizNr);
		$updateStmt->bindParam(':COCCASION', $courseOccasion);
		$updateStmt->bindParam(':ANSWER', $quizAnswer);
		$hashedAnswer=md5($loginName.$quizAnswer);
		$updateStmt->bindParam(':ANSWERHASH', $hashedAnswer);
		$updateStmt->bindParam(':GRADE', $grade);
		$updateStmt->bindParam(':GRADECOMMENT', $gradeComment);
		$now=new DateTime();
		$dateString=$now->format('Y-m-d H:i:s');
		$updateStmt->bindParam(':DATETIME', $dateString); // date and time formated to string e.g. "2012-08-23 08:59:00"
		$updateStmt->bindParam(':IP',$ip);
		$updateStmt->bindParam(':AGENT',$userAgent);
		
		return $updateStmt->execute();
	}


	//Prevents browsers (IE) from caching the response
	header('Cache-Control: no-cache, must-revalidate');
	header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
	header('Content-type: application/json; charset=utf-8'); 

	
	
	//TODO: Store ALL answer attempts in answerlog
	// CREATE TABLE AssignedQuizzesAnswerLog(
    // ssn CHAR(11), /*YYMMDD-XXXX*/
	// loginName VARCHAR(50),
    // quizNr INTEGER,
    // qVarNr INTEGER,
    // quizCourseName VARCHAR(200),
	// courseOccasion VARCHAR(25),
    // answerHash VARCHAR(255), /*Hash of Student login name + answer */
    // answer TEXT,
	// grade VARCHAR(10),
	// gradeComment TEXT,
	// answeredDateTime TIMESTAMP,
    // userAgent VARCHAR(1024), /*$_SERVER['HTTP_USER_AGENT']*/
    // userIP VARCHAR(20) /*$_SERVER['REMOTE_ADDR']*/
	// ) ENGINE=INNODB CHARACTER SET utf8 COLLATE utf8_swedish_ci;
	$insertString = "INSERT INTO AssignedQuizzesAnswerLog(
							ssn,
							loginName,
							quizNr,
							qVarNr,
							quizCourseName,
							courseOccasion,
							answerHash,
							answer,
							grade,
							gradeComment,
							answeredDateTime,
							userAgent,
							userIP) 
							VALUES(
							(SELECT Student.ssn FROM Student WHERE Student.loginName=:LOGIN),
							:LOGIN,
							:QNR,
							(SELECT AssignedQuizzes.qVarNr 
							 FROM AssignedQuizzes, Student 
							 WHERE Student.ssn=AssignedQuizzes.ssn 	
							   AND AssignedQuizzes.quizNr=:QNR	
							   AND Student.loginName=:LOGIN 
							   AND AssignedQuizzes.quizCourseName=:CNAME
							   AND AssignedQuizzes.courseOccasion=:COCCASION),
							  :CNAME,
							  :COCCASION,
							  :AHASH,
							  :ANSWER,
							  '',
							  '',
							  :ADATETIME,
							  :UAGENT,
							  :UIP);";
	$stmt = $pdo->prepare($insertString);
	$stmt->bindParam(':QNR', $_POST['quizNr']);
	$stmt->bindParam(':LOGIN', $_POST['loginName']);
	$stmt->bindParam(':CNAME', $_POST['courseName']);
	$stmt->bindParam(':COCCASION', $_POST['courseOccasion']);
	$stmt->bindParam(':ANSWER', $_POST['quizAnswer']);
	$hashedAnswer=md5($_POST['loginName'].$_POST['quizAnswer']);
	$stmt->bindParam(':AHASH', $hashedAnswer);
	$stmt->bindParam(':UAGENT', $_SERVER['HTTP_USER_AGENT']);
	$now=new DateTime();
	$dateString=$now->format('Y-m-d H:i:s');
	$stmt->bindParam(':ADATETIME', $dateString); // date and time formated to string e.g. "2012-08-23 08:59:00"
	$stmt->bindParam(':UIP', $_SERVER['REMOTE_ADDR']);
	$stmt->execute();
	
	//Check if the student is a praticipant of the course
	$queryString="SELECT COUNT(*) 
				   FROM Student, StudentCourseRegistration 
				   WHERE Student.ssn=StudentCourseRegistration.studentSsn
				   AND Student.loginName=:LOGIN
				   AND Student.passw=:PASSW
				   AND courseName=:CNAME 
				   AND courseOccasion=:COCCASION;";
	$stmt = $pdo->prepare($queryString);
	$stmt->bindParam(':LOGIN', $_SESSION['loginName']);
	$stmt->bindParam(':PASSW', $_SESSION['password']);
	$stmt->bindParam(':CNAME', $_SESSION['courseName']);
	$stmt->bindParam(':COCCASION', $_SESSION['courseOccasion']);
	$stmt->execute();

	if($stmt->fetchColumn()==1) { //Student is registered for the course - COUNT result read from the first column of the next unread row (i.e. the first row) 
		//Check if quiz is open (and fetch auto correction setting)
		$queryString="SELECT Quiz.opening, Quiz.closing, Quiz.autoCorrected, Quiz.allowMultipleReplies
					   FROM Quiz
					   WHERE Quiz.nr=:QNR
					   AND Quiz.courseName=:CNAME;";
		$stmt = $pdo->prepare($queryString);
		$stmt->bindParam(':QNR', $_POST['quizNr']);
		$stmt->bindParam(':CNAME', $_POST['courseName']);
		$stmt->execute();
		$quizData=$stmt->fetch(PDO::FETCH_ASSOC);
		if($quizData){
			
			$now = new DateTime();
			$opening = new DateTime($quizData['opening']);
			$closing = new DateTime($quizData['closing']);

			if($now<$opening) { //Quiz is not open yet
				echo json_encode(array('Error' => 'Requested quiz is not open yet'));
				exit();
			} else if($now>$closing) { //Quiz is closed
				echo json_encode(array('Error' => 'Requested quiz is closed'));
				exit();
			} // else continue (Not the best coding practice...)
			
		} else { //Quiz does not exist
			echo json_encode(array('Error' => 'Requested quiz does not exist'));
			exit();
		}
		
		/*
			AssignedQuizzes(
		ssn CHAR(11), //YYMMDD-XXXX
		quizNr INTEGER,
		qVarNr INTEGER,
		quizCourseName VARCHAR(200),
		courseOccasion VARCHAR(25) NOT NULL,
		answerHash VARCHAR(255), //Hash of Student login name + answer 
		answer TEXT,
		grade VARCHAR(10),
		gradeComment TEXT,
		answeredDateTime TIMESTAMP,
		userAgent VARCHAR(1024),
		userIP VARCHAR(20), //$_SERVER['REMOTE_ADDR']
		PRIMARY KEY(ssn, qVarNr, quizNr, quizCourseName),
		*/

		//Check if student already has answered the assigned quiz variant
		$queryString="SELECT AssignedQuizzes.answerHash, AssignedQuizzes.qVarNr, AssignedQuizzes.gradeComment 
					  FROM AssignedQuizzes, Student
					  WHERE Student.ssn=AssignedQuizzes.ssn
						AND AssignedQuizzes.quizNr=:QNR 
						AND Student.loginName=:LOGIN
						AND AssignedQuizzes.quizCourseName=:CNAME
						AND AssignedQuizzes.courseOccasion=:COCCASION;";
		$stmt = $pdo->prepare($queryString);
		$stmt->bindParam(':QNR', $_POST['quizNr']);
		$stmt->bindParam(':LOGIN', $_POST['loginName']);
		$stmt->bindParam(':CNAME', $_POST['courseName']);
		$stmt->bindParam(':COCCASION', $_POST['courseOccasion']);
		$stmt->execute();
		$result=$stmt->fetch(PDO::FETCH_ASSOC);
		$stmt->closeCursor();
		if($result){ //If this quiz is assigned to the student 
				if($result['answerHash']!=NULL && $quizData['allowMultipleReplies']!='1'){ //Student has already answered the quiz
					echo json_encode(array('Error' => 'This quiz has already been answered', 'answerHash'=>$result['answerHash']));
					exit();
				} else { //check if autoCorrection
				
					if($quizData['autoCorrected']=='0'){ //Not auto corrected
						$hashedAnswer= substr(md5($_POST['loginName'].$_POST['quizAnswer']),0,8);
						if(storeAnswer($_POST['loginName'],
									   $_POST['courseName'],
									   $_POST['courseOccasion'],
									   $_POST['quizNr'],
									   $result['qVarNr'],
									   $_POST['quizAnswer'],
									   "ungraded",
									   $result['gradeComment']."-",
									   $_SERVER['REMOTE_ADDR'],
									   $_SERVER['HTTP_USER_AGENT'],
									   $pdo)){
							//Stored answer
							echo json_encode(array('Success' => 'true','hashedAnswer' => $hashedAnswer));
						} else {
							//Failed to store answer
							echo json_encode(array('Success' => 'false','hashedAnswer' => $hashedAnswer));
						}
						exit();
					} else { //Is auto corrected - Check if the correct answer was given 
						/*QuizVariant(
						 qVarNr INTEGER,
						quizNr INTEGER,
						quizCourseName VARCHAR(200),
						correctAnswer VARCHAR(255),
						quizObjectIDs TEXT,
						PRIMARY KEY(qVarNr, quizNr, quizCourseName),
						*/
						$queryString = "SELECT QuizVariant.correctAnswer
										FROM QuizVariant
										WHERE QuizVariant.qVarNr=:QVNR
											AND QuizVariant.quizNr=:QNR
											AND QuizVariant.quizCourseName=:CNAME";
						$stmt = $pdo->prepare($queryString);
						$stmt->bindParam(':QNR', $_POST['quizNr']);
						$stmt->bindParam(':QVNR', $result['qVarNr']);
						$stmt->bindParam(':CNAME', $_POST['courseName']);
						$stmt->execute();
						$qVarData=$stmt->fetch(PDO::FETCH_ASSOC);
						$correctAnswer=$qVarData['correctAnswer'];
						if($_POST['quizAnswer']==$correctAnswer){ //Correct answer was given
							$hashedAnswer= substr(md5($_POST['loginName'].$_POST['quizAnswer']),0,8);
							$stmt->closeCursor();
							if(storeAnswer($_POST['loginName'],
									   $_POST['courseName'],
									   $_POST['courseOccasion'],
									   $_POST['quizNr'],
									   $result['qVarNr'],
									   $_POST['quizAnswer'],
									   "Correct",
									   $result['gradeComment']." Quiz was corrected automatically",
									   $_SERVER['REMOTE_ADDR'],
									   $_SERVER['HTTP_USER_AGENT'],
									   $pdo)){
								//Stored answer
								echo json_encode(array('Success' => 'true', 'isCorrect' => 'true', 'hashedAnswer' => $hashedAnswer));
							} else {
								//Failed to store answer
								echo json_encode(array('Success' => 'false', 'isCorrect' => 'true', 'hashedAnswer' => $hashedAnswer));
							}
							exit();
						} else { //Answer is incorrect
							
							echo json_encode(array('isCorrect' => 'false'));
						}
						exit();
					}
				}
		} else {
			echo json_encode(array('Error' => 'This student has not been assigned the quiz'));
			exit();
		}
		
	} else {
		echo json_encode(array('Error' => 'Student not registered for this course'));
		exit();
	}
} else { //Sent login name does not match the login name stored in the session
	echo json_encode(array('Error' => 'Sent login name does not match stored login name')); 
}
?>

1 by Henrik G. First seed of Lenasys ... Needs to be Organized Further	1	<?php
	2	////Handels quiz answers
	3	////Parameters: loginName, courseName, courseOccasion, quizNr, quizAnswer
	4	////If autoCorrection==false the answer is stored without checking
	5	////Else the quiz answer is checked for correctness,
	6	//// if incorrect -> the answer is not stored
	7	//// else -> stored
	8
	9	session_start();
	10	//Check if the sent login name is the same as the one stored in the session
4.10.1 by Daniel Johansson Uppdaterat DuggaSys till att fÃ¶lja kodstandard utseendemÃ¤ssigt. Namnkonventioner kvar.	11	if($_POST['loginName']==$_SESSION['loginName'] && $_POST['courseName']==$_SESSION['courseName'] && $_POST['quizNr']==$_SESSION['quizNr']) {
9.5.1 by galaxyAbstractor Moved shared js, css and php, updated all paths in DuggaSys.	12	include "../../php/dbconnect.php";
1 by Henrik G. First seed of Lenasys ... Needs to be Organized Further	13	//Store answer and loginName+answer hash
4.10.1 by Daniel Johansson Uppdaterat DuggaSys till att fÃ¶lja kodstandard utseendemÃ¤ssigt. Namnkonventioner kvar.	14	function storeAnswer($loginName,$courseName,$courseOccasion,$quizNr,$qVarRr,$quizAnswer,$grade,$gradeComment,$ip,$userAgent,$pdo) {
1 by Henrik G. First seed of Lenasys ... Needs to be Organized Further	15	$updateQuery="UPDATE AssignedQuizzes
	16	SET AssignedQuizzes.answer=:ANSWER,
	17	AssignedQuizzes.answerHash=:ANSWERHASH,
	18	AssignedQuizzes.grade=:GRADE,
	19	AssignedQuizzes.gradeComment=:GRADECOMMENT,
	20	AssignedQuizzes.answeredDateTime=:DATETIME,
	21	AssignedQuizzes.userAgent=:AGENT,
	22	AssignedQuizzes.userIP=:IP
	23	WHERE AssignedQuizzes.ssn=(SELECT Student.ssn FROM Student WHERE Student.loginName=:LOGIN)
	24	AND AssignedQuizzes.quizNr=:QNR
	25	AND AssignedQuizzes.quizCourseName=:CNAME
	26	AND AssignedQuizzes.courseOccasion=:COCCASION;";
	27	$updateStmt = $pdo->prepare($updateQuery);
	28	$updateStmt->bindParam(':LOGIN', $loginName);
	29	$updateStmt->bindParam(':CNAME', $courseName);
	30	$updateStmt->bindParam(':QNR', $quizNr);
	31	$updateStmt->bindParam(':COCCASION', $courseOccasion);
	32	$updateStmt->bindParam(':ANSWER', $quizAnswer);
	33	$hashedAnswer=md5($loginName.$quizAnswer);
	34	$updateStmt->bindParam(':ANSWERHASH', $hashedAnswer);
	35	$updateStmt->bindParam(':GRADE', $grade);
	36	$updateStmt->bindParam(':GRADECOMMENT', $gradeComment);
	37	$now=new DateTime();
	38	$dateString=$now->format('Y-m-d H:i:s');
	39	$updateStmt->bindParam(':DATETIME', $dateString); // date and time formated to string e.g. "2012-08-23 08:59:00"
	40	$updateStmt->bindParam(':IP',$ip);
	41	$updateStmt->bindParam(':AGENT',$userAgent);
	42
	43	return $updateStmt->execute();
	44	}
	45
	46
	47	//Prevents browsers (IE) from caching the response
	48	header('Cache-Control: no-cache, must-revalidate');
	49	header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
	50	header('Content-type: application/json; charset=utf-8');
	51
9.5.1 by galaxyAbstractor Moved shared js, css and php, updated all paths in DuggaSys.	52
1 by Henrik G. First seed of Lenasys ... Needs to be Organized Further	53
	54	//TODO: Store ALL answer attempts in answerlog
	55	// CREATE TABLE AssignedQuizzesAnswerLog(
	56	// ssn CHAR(11), /YYMMDD-XXXX/
	57	// loginName VARCHAR(50),
	58	// quizNr INTEGER,
	59	// qVarNr INTEGER,
	60	// quizCourseName VARCHAR(200),
	61	// courseOccasion VARCHAR(25),
	62	// answerHash VARCHAR(255), /Hash of Student login name + answer /
	63	// answer TEXT,
	64	// grade VARCHAR(10),
	65	// gradeComment TEXT,
	66	// answeredDateTime TIMESTAMP,
	67	// userAgent VARCHAR(1024), /$_SERVER['HTTP_USER_AGENT']/
	68	// userIP VARCHAR(20) /$_SERVER['REMOTE_ADDR']/
	69	// ) ENGINE=INNODB CHARACTER SET utf8 COLLATE utf8_swedish_ci;
	70	$insertString = "INSERT INTO AssignedQuizzesAnswerLog(
	71	ssn,
	72	loginName,
	73	quizNr,
	74	qVarNr,
	75	quizCourseName,
	76	courseOccasion,
	77	answerHash,
	78	answer,
	79	grade,
	80	gradeComment,
	81	answeredDateTime,
	82	userAgent,
	83	userIP)
	84	VALUES(
	85	(SELECT Student.ssn FROM Student WHERE Student.loginName=:LOGIN),
	86	:LOGIN,
	87	:QNR,
	88	(SELECT AssignedQuizzes.qVarNr
	89	FROM AssignedQuizzes, Student
	90	WHERE Student.ssn=AssignedQuizzes.ssn
	91	AND AssignedQuizzes.quizNr=:QNR
	92	AND Student.loginName=:LOGIN
	93	AND AssignedQuizzes.quizCourseName=:CNAME
	94	AND AssignedQuizzes.courseOccasion=:COCCASION),
	95	:CNAME,
	96	:COCCASION,
	97	:AHASH,
	98	:ANSWER,
	99	'',
	100	'',
	101	:ADATETIME,
	102	:UAGENT,
	103	:UIP);";
	104	$stmt = $pdo->prepare($insertString);
	105	$stmt->bindParam(':QNR', $_POST['quizNr']);
	106	$stmt->bindParam(':LOGIN', $_POST['loginName']);
	107	$stmt->bindParam(':CNAME', $_POST['courseName']);
	108	$stmt->bindParam(':COCCASION', $_POST['courseOccasion']);
	109	$stmt->bindParam(':ANSWER', $_POST['quizAnswer']);
	110	$hashedAnswer=md5($_POST['loginName'].$_POST['quizAnswer']);
	111	$stmt->bindParam(':AHASH', $hashedAnswer);
	112	$stmt->bindParam(':UAGENT', $_SERVER['HTTP_USER_AGENT']);
	113	$now=new DateTime();
	114	$dateString=$now->format('Y-m-d H:i:s');
	115	$stmt->bindParam(':ADATETIME', $dateString); // date and time formated to string e.g. "2012-08-23 08:59:00"
	116	$stmt->bindParam(':UIP', $_SERVER['REMOTE_ADDR']);
117	$stmt->execute();
118
119	//Check if the student is a praticipant of the course
120	$queryString="SELECT COUNT(*)
121	FROM Student, StudentCourseRegistration
122	WHERE Student.ssn=StudentCourseRegistration.studentSsn
123	AND Student.loginName=:LOGIN
124	AND Student.passw=:PASSW
125	AND courseName=:CNAME
126	AND courseOccasion=:COCCASION;";
127	$stmt = $pdo->prepare($queryString);
128	$stmt->bindParam(':LOGIN', $_SESSION['loginName']);
129	$stmt->bindParam(':PASSW', $_SESSION['password']);
130	$stmt->bindParam(':CNAME', $_SESSION['courseName']);
131	$stmt->bindParam(':COCCASION', $_SESSION['courseOccasion']);
132	$stmt->execute();
133
4.10.1 by Daniel Johansson Uppdaterat DuggaSys till att fÃ¶lja kodstandard utseendemÃ¤ssigt. Namnkonventioner kvar.	134	if($stmt->fetchColumn()==1) { //Student is registered for the course - COUNT result read from the first column of the next unread row (i.e. the first row)
1 by Henrik G. First seed of Lenasys ... Needs to be Organized Further	135	//Check if quiz is open (and fetch auto correction setting)
	136	$queryString="SELECT Quiz.opening, Quiz.closing, Quiz.autoCorrected, Quiz.allowMultipleReplies
	137	FROM Quiz
	138	WHERE Quiz.nr=:QNR
	139	AND Quiz.courseName=:CNAME;";
	140	$stmt = $pdo->prepare($queryString);
	141	$stmt->bindParam(':QNR', $_POST['quizNr']);
	142	$stmt->bindParam(':CNAME', $_POST['courseName']);
	143	$stmt->execute();
	144	$quizData=$stmt->fetch(PDO::FETCH_ASSOC);
	145	if($quizData){
	146
	147	$now = new DateTime();
	148	$opening = new DateTime($quizData['opening']);
	149	$closing = new DateTime($quizData['closing']);
	150
	151	if($now<$opening) { //Quiz is not open yet
	152	echo json_encode(array('Error' => 'Requested quiz is not open yet'));
	153	exit();
	154	} else if($now>$closing) { //Quiz is closed
	155	echo json_encode(array('Error' => 'Requested quiz is closed'));
	156	exit();
	157	} // else continue (Not the best coding practice...)
	158
	159	} else { //Quiz does not exist
	160	echo json_encode(array('Error' => 'Requested quiz does not exist'));
	161	exit();
	162	}
	163
	164	/*
	165	AssignedQuizzes(
	166	ssn CHAR(11), //YYMMDD-XXXX
	167	quizNr INTEGER,
	168	qVarNr INTEGER,
	169	quizCourseName VARCHAR(200),
	170	courseOccasion VARCHAR(25) NOT NULL,
	171	answerHash VARCHAR(255), //Hash of Student login name + answer
	172	answer TEXT,
	173	grade VARCHAR(10),
	174	gradeComment TEXT,
	175	answeredDateTime TIMESTAMP,
	176	userAgent VARCHAR(1024),
	177	userIP VARCHAR(20), //$_SERVER['REMOTE_ADDR']
	178	PRIMARY KEY(ssn, qVarNr, quizNr, quizCourseName),
	179	*/
	180
	181	//Check if student already has answered the assigned quiz variant
	182	$queryString="SELECT AssignedQuizzes.answerHash, AssignedQuizzes.qVarNr, AssignedQuizzes.gradeComment
	183	FROM AssignedQuizzes, Student
	184	WHERE Student.ssn=AssignedQuizzes.ssn
	185	AND AssignedQuizzes.quizNr=:QNR
	186	AND Student.loginName=:LOGIN
	187	AND AssignedQuizzes.quizCourseName=:CNAME
	188	AND AssignedQuizzes.courseOccasion=:COCCASION;";
	189	$stmt = $pdo->prepare($queryString);
	190	$stmt->bindParam(':QNR', $_POST['quizNr']);
	191	$stmt->bindParam(':LOGIN', $_POST['loginName']);
	192	$stmt->bindParam(':CNAME', $_POST['courseName']);
	193	$stmt->bindParam(':COCCASION', $_POST['courseOccasion']);
	194	$stmt->execute();
	195	$result=$stmt->fetch(PDO::FETCH_ASSOC);
	196	$stmt->closeCursor();
	197	if($result){ //If this quiz is assigned to the student
	198	if($result['answerHash']!=NULL && $quizData['allowMultipleReplies']!='1'){ //Student has already answered the quiz
199	echo json_encode(array('Error' => 'This quiz has already been answered', 'answerHash'=>$result['answerHash']));
200	exit();
201	} else { //check if autoCorrection
202
203	if($quizData['autoCorrected']=='0'){ //Not auto corrected
204	$hashedAnswer= substr(md5($_POST['loginName'].$_POST['quizAnswer']),0,8);
205	if(storeAnswer($_POST['loginName'],
206	$_POST['courseName'],
207	$_POST['courseOccasion'],
208	$_POST['quizNr'],
209	$result['qVarNr'],
210	$_POST['quizAnswer'],
211	"ungraded",
212	$result['gradeComment']."-",
213	$_SERVER['REMOTE_ADDR'],
214	$_SERVER['HTTP_USER_AGENT'],
215	$pdo)){
216	//Stored answer
217	echo json_encode(array('Success' => 'true','hashedAnswer' => $hashedAnswer));
218	} else {
219	//Failed to store answer
220	echo json_encode(array('Success' => 'false','hashedAnswer' => $hashedAnswer));
221	}
222	exit();
223	} else { //Is auto corrected - Check if the correct answer was given
224	/*QuizVariant(
225	qVarNr INTEGER,
226	quizNr INTEGER,
227	quizCourseName VARCHAR(200),
228	correctAnswer VARCHAR(255),
229	quizObjectIDs TEXT,
230	PRIMARY KEY(qVarNr, quizNr, quizCourseName),
231	*/
232	$queryString = "SELECT QuizVariant.correctAnswer
233	FROM QuizVariant
234	WHERE QuizVariant.qVarNr=:QVNR
235	AND QuizVariant.quizNr=:QNR
236	AND QuizVariant.quizCourseName=:CNAME";
237	$stmt = $pdo->prepare($queryString);
238	$stmt->bindParam(':QNR', $_POST['quizNr']);
239	$stmt->bindParam(':QVNR', $result['qVarNr']);
240	$stmt->bindParam(':CNAME', $_POST['courseName']);
241	$stmt->execute();
242	$qVarData=$stmt->fetch(PDO::FETCH_ASSOC);
243	$correctAnswer=$qVarData['correctAnswer'];
244	if($_POST['quizAnswer']==$correctAnswer){ //Correct answer was given
245	$hashedAnswer= substr(md5($_POST['loginName'].$_POST['quizAnswer']),0,8);
246	$stmt->closeCursor();
247	if(storeAnswer($_POST['loginName'],
248	$_POST['courseName'],
249	$_POST['courseOccasion'],
250	$_POST['quizNr'],
251	$result['qVarNr'],
252	$_POST['quizAnswer'],
253	"Correct",
254	$result['gradeComment']." Quiz was corrected automatically",
255	$_SERVER['REMOTE_ADDR'],
256	$_SERVER['HTTP_USER_AGENT'],
257	$pdo)){
258	//Stored answer
259	echo json_encode(array('Success' => 'true', 'isCorrect' => 'true', 'hashedAnswer' => $hashedAnswer));
260	} else {
261	//Failed to store answer
262	echo json_encode(array('Success' => 'false', 'isCorrect' => 'true', 'hashedAnswer' => $hashedAnswer));
263	}
264	exit();
265	} else { //Answer is incorrect
266
267	echo json_encode(array('isCorrect' => 'false'));
268	}
269	exit();
270	}
271	}
272	} else {
273	echo json_encode(array('Error' => 'This student has not been assigned the quiz'));
274	exit();
275	}
276
277	} else {
278	echo json_encode(array('Error' => 'Student not registered for this course'));
279	exit();
280	}
281	} else { //Sent login name does not match the login name stored in the session
282	echo json_encode(array('Error' => 'Sent login name does not match stored login name'));
283	}
284	?>