
Viewing changes to trunk/DuggaSys/quizAjax/answerQuiz.php

  • Committer: Henrik G.
  • Date: 2013-03-26 23:22:55 UTC
  • Revision ID: henrik.gustavsson@his.se-20130326232255-ik6snyatlbkf3zs1
First seed of Lenasys ... Needs to be Organized Further

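--- a/trunk/DuggaSys/quizAjax/answerQuiz.php
+++ b/trunk/DuggaSys/quizAjax/answerQuiz.php
@@ -0,0 +1,284 @@
+<?php
+////Handels quiz answers 
+////Parameters: loginName, courseName, courseOccasion, quizNr, quizAnswer
+////If autoCorrection==false the answer is stored without checking
+////Else the quiz answer is checked for correctness, 
+////    if incorrect -> the answer is not stored
+////    else -> stored 
+
+session_start();
+//Check if the sent login name is the same as the one stored in the session
+if($_POST['loginName']==$_SESSION['loginName'] && $_POST['courseName']==$_SESSION['courseName'] && $_POST['quizNr']==$_SESSION['quizNr']){ 
+
+        //Store answer and loginName+answer hash
+        function storeAnswer($loginName,$courseName,$courseOccasion,$quizNr,$qVarRr,$quizAnswer,$grade,$gradeComment,$ip,$userAgent,$pdo){
+                $updateQuery="UPDATE AssignedQuizzes 
+                                          SET AssignedQuizzes.answer=:ANSWER, 
+                                                  AssignedQuizzes.answerHash=:ANSWERHASH, 
+                                                  AssignedQuizzes.grade=:GRADE, 
+                                                  AssignedQuizzes.gradeComment=:GRADECOMMENT, 
+                                                  AssignedQuizzes.answeredDateTime=:DATETIME,
+                                                  AssignedQuizzes.userAgent=:AGENT,
+                                                  AssignedQuizzes.userIP=:IP
+                                          WHERE AssignedQuizzes.ssn=(SELECT Student.ssn FROM Student WHERE Student.loginName=:LOGIN)
+                                                AND AssignedQuizzes.quizNr=:QNR
+                                                AND AssignedQuizzes.quizCourseName=:CNAME
+                                                AND AssignedQuizzes.courseOccasion=:COCCASION;";
+                $updateStmt = $pdo->prepare($updateQuery);
+                $updateStmt->bindParam(':LOGIN', $loginName);
+                $updateStmt->bindParam(':CNAME', $courseName);
+                $updateStmt->bindParam(':QNR', $quizNr);
+                $updateStmt->bindParam(':COCCASION', $courseOccasion);
+                $updateStmt->bindParam(':ANSWER', $quizAnswer);
+                $hashedAnswer=md5($loginName.$quizAnswer);
+                $updateStmt->bindParam(':ANSWERHASH', $hashedAnswer);
+                $updateStmt->bindParam(':GRADE', $grade);
+                $updateStmt->bindParam(':GRADECOMMENT', $gradeComment);
+                $now=new DateTime();
+                $dateString=$now->format('Y-m-d H:i:s');
+                $updateStmt->bindParam(':DATETIME', $dateString); // date and time formated to string e.g. "2012-08-23 08:59:00"
+                $updateStmt->bindParam(':IP',$ip);
+                $updateStmt->bindParam(':AGENT',$userAgent);
+                
+                return $updateStmt->execute();
+        }
+
+
+        //Prevents browsers (IE) from caching the response
+        header('Cache-Control: no-cache, must-revalidate');
+        header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
+        header('Content-type: application/json; charset=utf-8'); 
+
+        include "dbconnect.php";
+        
+        //TODO: Store ALL answer attempts in answerlog
+        // CREATE TABLE AssignedQuizzesAnswerLog(
+    // ssn CHAR(11), /*YYMMDD-XXXX*/
+        // loginName VARCHAR(50),
+    // quizNr INTEGER,
+    // qVarNr INTEGER,
+    // quizCourseName VARCHAR(200),
+        // courseOccasion VARCHAR(25),
+    // answerHash VARCHAR(255), /*Hash of Student login name + answer */
+    // answer TEXT,
+        // grade VARCHAR(10),
+        // gradeComment TEXT,
+        // answeredDateTime TIMESTAMP,
+    // userAgent VARCHAR(1024), /*$_SERVER['HTTP_USER_AGENT']*/
+    // userIP VARCHAR(20) /*$_SERVER['REMOTE_ADDR']*/
+        // ) ENGINE=INNODB CHARACTER SET utf8 COLLATE utf8_swedish_ci;
+        $insertString = "INSERT INTO AssignedQuizzesAnswerLog(
+                                                        ssn,
+                                                        loginName,
+                                                        quizNr,
+                                                        qVarNr,
+                                                        quizCourseName,
+                                                        courseOccasion,
+                                                        answerHash,
+                                                        answer,
+                                                        grade,
+                                                        gradeComment,
+                                                        answeredDateTime,
+                                                        userAgent,
+                                                        userIP) 
+                                                        VALUES(
+                                                        (SELECT Student.ssn FROM Student WHERE Student.loginName=:LOGIN),
+                                                        :LOGIN,
+                                                        :QNR,
+                                                        (SELECT AssignedQuizzes.qVarNr 
+                                                         FROM AssignedQuizzes, Student 
+                                                         WHERE Student.ssn=AssignedQuizzes.ssn  
+                                                           AND AssignedQuizzes.quizNr=:QNR      
+                                                           AND Student.loginName=:LOGIN 
+                                                           AND AssignedQuizzes.quizCourseName=:CNAME
+                                                           AND AssignedQuizzes.courseOccasion=:COCCASION),
+                                                          :CNAME,
+                                                          :COCCASION,
+                                                          :AHASH,
+                                                          :ANSWER,
+                                                          '',
+                                                          '',
+                                                          :ADATETIME,
+                                                          :UAGENT,
+                                                          :UIP);";
+        $stmt = $pdo->prepare($insertString);
+        $stmt->bindParam(':QNR', $_POST['quizNr']);
+        $stmt->bindParam(':LOGIN', $_POST['loginName']);
+        $stmt->bindParam(':CNAME', $_POST['courseName']);
+        $stmt->bindParam(':COCCASION', $_POST['courseOccasion']);
+        $stmt->bindParam(':ANSWER', $_POST['quizAnswer']);
+        $hashedAnswer=md5($_POST['loginName'].$_POST['quizAnswer']);
+        $stmt->bindParam(':AHASH', $hashedAnswer);
+        $stmt->bindParam(':UAGENT', $_SERVER['HTTP_USER_AGENT']);
+        $now=new DateTime();
+        $dateString=$now->format('Y-m-d H:i:s');
+        $stmt->bindParam(':ADATETIME', $dateString); // date and time formated to string e.g. "2012-08-23 08:59:00"
+        $stmt->bindParam(':UIP', $_SERVER['REMOTE_ADDR']);
+        $stmt->execute();
+        
+        //Check if the student is a praticipant of the course
+        $queryString="SELECT COUNT(*) 
+                                   FROM Student, StudentCourseRegistration 
+                                   WHERE Student.ssn=StudentCourseRegistration.studentSsn
+                                   AND Student.loginName=:LOGIN
+                                   AND Student.passw=:PASSW
+                                   AND courseName=:CNAME 
+                                   AND courseOccasion=:COCCASION;";
+        $stmt = $pdo->prepare($queryString);
+        $stmt->bindParam(':LOGIN', $_SESSION['loginName']);
+        $stmt->bindParam(':PASSW', $_SESSION['password']);
+        $stmt->bindParam(':CNAME', $_SESSION['courseName']);
+        $stmt->bindParam(':COCCASION', $_SESSION['courseOccasion']);
+        $stmt->execute();
+
+        if($stmt->fetchColumn()==1){ //Student is registered for the course - COUNT result read from the first column of the next unread row (i.e. the first row) 
+                //Check if quiz is open (and fetch auto correction setting)
+                $queryString="SELECT Quiz.opening, Quiz.closing, Quiz.autoCorrected, Quiz.allowMultipleReplies
+                                           FROM Quiz
+                                           WHERE Quiz.nr=:QNR
+                                           AND Quiz.courseName=:CNAME;";
+                $stmt = $pdo->prepare($queryString);
+                $stmt->bindParam(':QNR', $_POST['quizNr']);
+                $stmt->bindParam(':CNAME', $_POST['courseName']);
+                $stmt->execute();
+                $quizData=$stmt->fetch(PDO::FETCH_ASSOC);
+                if($quizData){
+                        
+                        $now = new DateTime();
+                        $opening = new DateTime($quizData['opening']);
+                        $closing = new DateTime($quizData['closing']);
+
+                        if($now<$opening) { //Quiz is not open yet
+                                echo json_encode(array('Error' => 'Requested quiz is not open yet'));
+                                exit();
+                        } else if($now>$closing) { //Quiz is closed
+                                echo json_encode(array('Error' => 'Requested quiz is closed'));
+                                exit();
+                        } // else continue (Not the best coding practice...)
+                        
+                } else { //Quiz does not exist
+                        echo json_encode(array('Error' => 'Requested quiz does not exist'));
+                        exit();
+                }
+                
+                /*
+                        AssignedQuizzes(
+                ssn CHAR(11), //YYMMDD-XXXX
+                quizNr INTEGER,
+                qVarNr INTEGER,
+                quizCourseName VARCHAR(200),
+                courseOccasion VARCHAR(25) NOT NULL,
+                answerHash VARCHAR(255), //Hash of Student login name + answer 
+                answer TEXT,
+                grade VARCHAR(10),
+                gradeComment TEXT,
+                answeredDateTime TIMESTAMP,
+                userAgent VARCHAR(1024),
+                userIP VARCHAR(20), //$_SERVER['REMOTE_ADDR']
+                PRIMARY KEY(ssn, qVarNr, quizNr, quizCourseName),
+                */
+
+                //Check if student already has answered the assigned quiz variant
+                $queryString="SELECT AssignedQuizzes.answerHash, AssignedQuizzes.qVarNr, AssignedQuizzes.gradeComment 
+                                          FROM AssignedQuizzes, Student
+                                          WHERE Student.ssn=AssignedQuizzes.ssn
+                                                AND AssignedQuizzes.quizNr=:QNR 
+                                                AND Student.loginName=:LOGIN
+                                                AND AssignedQuizzes.quizCourseName=:CNAME
+                                                AND AssignedQuizzes.courseOccasion=:COCCASION;";
+                $stmt = $pdo->prepare($queryString);
+                $stmt->bindParam(':QNR', $_POST['quizNr']);
+                $stmt->bindParam(':LOGIN', $_POST['loginName']);
+                $stmt->bindParam(':CNAME', $_POST['courseName']);
+                $stmt->bindParam(':COCCASION', $_POST['courseOccasion']);
+                $stmt->execute();
+                $result=$stmt->fetch(PDO::FETCH_ASSOC);
+                $stmt->closeCursor();
+                if($result){ //If this quiz is assigned to the student 
+                                if($result['answerHash']!=NULL && $quizData['allowMultipleReplies']!='1'){ //Student has already answered the quiz
+                                        echo json_encode(array('Error' => 'This quiz has already been answered', 'answerHash'=>$result['answerHash']));
+                                        exit();
+                                } else { //check if autoCorrection
+                                
+                                        if($quizData['autoCorrected']=='0'){ //Not auto corrected
+                                                $hashedAnswer= substr(md5($_POST['loginName'].$_POST['quizAnswer']),0,8);
+                                                if(storeAnswer($_POST['loginName'],
+                                                                           $_POST['courseName'],
+                                                                           $_POST['courseOccasion'],
+                                                                           $_POST['quizNr'],
+                                                                           $result['qVarNr'],
+                                                                           $_POST['quizAnswer'],
+                                                                           "ungraded",
+                                                                           $result['gradeComment']."-",
+                                                                           $_SERVER['REMOTE_ADDR'],
+                                                                           $_SERVER['HTTP_USER_AGENT'],
+                                                                           $pdo)){
+                                                        //Stored answer
+                                                        echo json_encode(array('Success' => 'true','hashedAnswer' => $hashedAnswer));
+                                                } else {
+                                                        //Failed to store answer
+                                                        echo json_encode(array('Success' => 'false','hashedAnswer' => $hashedAnswer));
+                                                }
+                                                exit();
+                                        } else { //Is auto corrected - Check if the correct answer was given 
+                                                /*QuizVariant(
+                                                 qVarNr INTEGER,
+                                                quizNr INTEGER,
+                                                quizCourseName VARCHAR(200),
+                                                correctAnswer VARCHAR(255),
+                                                quizObjectIDs TEXT,
+                                                PRIMARY KEY(qVarNr, quizNr, quizCourseName),
+                                                */
+                                                $queryString = "SELECT QuizVariant.correctAnswer
+                                                                                FROM QuizVariant
+                                                                                WHERE QuizVariant.qVarNr=:QVNR
+                                                                                        AND QuizVariant.quizNr=:QNR
+                                                                                        AND QuizVariant.quizCourseName=:CNAME";
+                                                $stmt = $pdo->prepare($queryString);
+                                                $stmt->bindParam(':QNR', $_POST['quizNr']);
+                                                $stmt->bindParam(':QVNR', $result['qVarNr']);
+                                                $stmt->bindParam(':CNAME', $_POST['courseName']);
+                                                $stmt->execute();
+                                                $qVarData=$stmt->fetch(PDO::FETCH_ASSOC);
+                                                $correctAnswer=$qVarData['correctAnswer'];
+                                                if($_POST['quizAnswer']==$correctAnswer){ //Correct answer was given
+                                                        $hashedAnswer= substr(md5($_POST['loginName'].$_POST['quizAnswer']),0,8);
+                                                        $stmt->closeCursor();
+                                                        if(storeAnswer($_POST['loginName'],
+                                                                           $_POST['courseName'],
+                                                                           $_POST['courseOccasion'],
+                                                                           $_POST['quizNr'],
+                                                                           $result['qVarNr'],
+                                                                           $_POST['quizAnswer'],
+                                                                           "Correct",
+                                                                           $result['gradeComment']." Quiz was corrected automatically",
+                                                                           $_SERVER['REMOTE_ADDR'],
+                                                                           $_SERVER['HTTP_USER_AGENT'],
+                                                                           $pdo)){
+                                                                //Stored answer
+                                                                echo json_encode(array('Success' => 'true', 'isCorrect' => 'true', 'hashedAnswer' => $hashedAnswer));
+                                                        } else {
+                                                                //Failed to store answer
+                                                                echo json_encode(array('Success' => 'false', 'isCorrect' => 'true', 'hashedAnswer' => $hashedAnswer));
+                                                        }
+                                                        exit();
+                                                } else { //Answer is incorrect
+                                                        
+                                                        echo json_encode(array('isCorrect' => 'false'));
+                                                }
+                                                exit();
+                                        }
+                                }
+                } else {
+                        echo json_encode(array('Error' => 'This student has not been assigned the quiz'));
+                        exit();
+                }
+                
+        } else {
+                echo json_encode(array('Error' => 'Student not registered for this course'));
+                exit();
+        }
+} else { //Sent login name does not match the login name stored in the session
+        echo json_encode(array('Error' => 'Sent login name does not match stored login name')); 
+}
+?>
\ No newline at end of file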
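Review bot: The opening `if` that compares `$_POST` with `$_SESSION` uses loose `==` and never confirms that a login exists, so a request with no session and no `loginName`/`courseName`/`quizNr` fields compares null with null and enters the branch; the `AssignedQuizzesAnswerLog` insert then runs before the registration query. `courseOccasion` is not part of that comparison either, yet the assignment lookup and both `storeAnswer()` calls take it from `$_POST` while the registration query checks only the session's value. I would start the condition with `isset($_SESSION['loginName']) &&`, switch to `===` there and on `$_POST['quizAnswer']==$correctAnswer` (numeric-looking strings compare equal under `==`), and bind loginName, courseName, courseOccasion and quizNr from `$_SESSION` rather than from the request. Separately, the registration query binds `$_SESSION['password']` against `Student.passw`, which suggests the password is stored and compared unhashed; verifying once at login with `password_verify()` would remove the need to keep it in the session.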